5 Commits

Author	SHA1	Message	Date
Torsten Schulz (local)	300dce9835	Paßwort vergessen modernisiert	2026-06-09 10:31:32 +02:00
Torsten Schulz (local)	58fd7fa5c6	feat(auth): implement Android refresh token handling and session management ... - Added support for generating Android access tokens and managing refresh sessions in the auth endpoints. - Implemented new tests for login, logout, and refresh functionalities specific to Android clients. - Enhanced password reset logging with normalization and masking of email addresses. - Created a new diagnostics endpoint for password reset attempts, including filtering and summarizing logs. - Introduced a new utility for managing password reset logs with retention policies. - Added tests for password reset log utilities to ensure proper functionality and privacy compliance. - Updated WebAuthn configuration tests to validate origin handling for production and allowed origins.	2026-05-27 19:34:53 +02:00
Torsten Schulz (local)	5ce064cff0	Update Apache SSL configuration and enhance security features across multiple files. Changed X-Frame-Options to SAMEORIGIN for better security, added optional Content Security Policy headers for testing, and improved password handling with HaveIBeenPwned checks during user registration and password reset. Implemented passkey login functionality in the authentication flow, including UI updates for user experience. Enhanced image upload processing with size limits and validation, and added rate limiting for various API endpoints to prevent abuse.	2026-01-05 11:50:57 +01:00
Torsten Schulz (local)	2dc0bc7d67	Add dotenv package for environment variable management and refactor SMTP credential handling in email services. Enhance error handling for missing SMTP credentials across various API endpoints to improve reliability and maintainability.	2025-12-18 12:19:23 +01:00
Torsten Schulz (local)	f3c08cfb71	Add authentication system with login, password reset, and member area	2025-10-21 11:23:06 +02:00