torsten/harheimertc - harheimertc - Gitea: Git with a cup of tea

torsten/harheimertc

Go to file

Torsten Schulz (local) 0274bed267 Add support for multiple encryption keys in data handling

This commit introduces a mechanism to handle multiple possible encryption keys for data decryption across various modules, including auth.js, members.js, newsletter.js, and encryption.js. It adds functions to retrieve potential old keys for migration purposes and updates the decryption logic to attempt decryption with these keys. Additionally, it includes warnings for users when old keys are used and provides guidance for re-encrypting data. This enhancement improves data migration capabilities and ensures backward compatibility with previously encrypted data.

2026-01-09 09:05:05 +01:00

.gitea/workflows

Enhance code analysis workflow by adding workspace sanity checks and refining OSV-Scanner commands to ensure proper execution with package-lock.json, improving overall reliability of the analysis process.

2025-12-20 16:01:25 +01:00

Initial commit: Harheimer TC Website

2025-10-21 00:41:12 +02:00

backups/users-1766060412221

Enhance Vereinsmeisterschaften and Vorstand pages with image support for players and board members. Implement lightbox functionality for player images in Vereinsmeisterschaften. Update CSV handling to include image filenames for better data management. Refactor components to utilize PersonCard for board members, improving code readability and maintainability.

2025-12-18 13:37:03 +01:00

Refactor authentication handling in Navigation and registration components to support lazy store access, improving resilience against Pinia initialization issues. Enhance registration logic to include optional password fallback for passkey users, with validation checks for password strength and confirmation. Update server-side registration to handle optional password securely, ensuring consistent user experience across different authentication methods.

2026-01-07 20:16:17 +01:00

Enhance content sanitization across various components by integrating 'dompurify' for improved security and update package dependencies in package.json and package-lock.json.

2025-12-20 10:49:20 +01:00

Refactor authentication middleware to remove dependency on Pinia, implementing direct API calls for authentication status checks. Update member API documentation to escape JWT token placeholder for clarity. Update session and user data formats for improved security and consistency.

2026-01-07 17:26:22 +01:00

Enhance newsletter subscription functionality with user profile integration

2026-01-09 09:01:23 +01:00

Remove deprecated Passkey-related documentation and test files

2026-01-09 08:50:26 +01:00

Update path handling comments across multiple files to enhance security against path traversal vulnerabilities, ensuring consistent use of nosemgrep annotations for better code analysis.

2025-12-20 14:49:57 +01:00

Add support for multiple encryption keys in data handling

2026-01-09 09:05:05 +01:00

Update Apache SSL configuration and enhance security features across multiple files. Changed X-Frame-Options to SAMEORIGIN for better security, added optional Content Security Policy headers for testing, and improved password handling with HaveIBeenPwned checks during user registration and password reset. Implemented passkey login functionality in the authentication flow, including UI updates for user experience. Enhanced image upload processing with size limits and validation, and added rate limiting for various API endpoints to prevent abuse.

2026-01-05 11:50:57 +01:00

Refactor navigation and game schedule components; remove 'Spielplan' links from Navigation.vue, update links to point to '/mannschaften/spielplaene' in Spielplan.vue, and enhance date and time formatting for improved display. Add PDF metadata and security headers in the API for better document handling.

2025-10-24 01:36:58 +02:00

Add SMTP credentials for tests and enhance user role handling in CMS and Galerie endpoints

2025-12-20 10:32:06 +01:00

.gitignore

Update deployment script to ensure persistent data management, enhance backup and restore processes, and improve error handling. Modify .gitignore to exclude sensitive production data and update deployment documentation to reflect changes. Add environment variable loading for production secrets in configuration files.

2026-01-07 17:42:04 +01:00

.semgrepignore

Enhance security by adding DOMPurify comments in Vue components and updating path handling comments in server utilities to mitigate path traversal risks.

2025-12-20 11:15:31 +01:00

apache-config.conf

Simplify Apache config to proxy all requests to Nuxt server

2025-10-21 09:06:07 +02:00

apache-ssl-config.conf

Update Apache SSL configuration and enhance security features across multiple files. Changed X-Frame-Options to SAMEORIGIN for better security, added optional Content Security Policy headers for testing, and improved password handling with HaveIBeenPwned checks during user registration and password reset. Implemented passkey login functionality in the authentication flow, including UI updates for user experience. Enhanced image upload processing with size limits and validation, and added rate limiting for various API endpoints to prevent abuse.

2026-01-05 11:50:57 +01:00

apache-static.conf

Update Apache SSL configuration and enhance security features across multiple files. Changed X-Frame-Options to SAMEORIGIN for better security, added optional Content Security Policy headers for testing, and improved password handling with HaveIBeenPwned checks during user registration and password reset. Implemented passkey login functionality in the authentication flow, including UI updates for user experience. Enhanced image upload processing with size limits and validation, and added rate limiting for various API endpoints to prevent abuse.

2026-01-05 11:50:57 +01:00

app.vue

Refactor error and confirmation handling in membership application management; replace alerts with modal dialogs for improved user experience. Update application status to 'approved' for a new member and add corresponding data to JSON files.

2025-10-23 15:32:20 +02:00

AUTH_README.md

Update Apache SSL configuration and enhance security features across multiple files. Changed X-Frame-Options to SAMEORIGIN for better security, added optional Content Security Policy headers for testing, and improved password handling with HaveIBeenPwned checks during user registration and password reset. Implemented passkey login functionality in the authentication flow, including UI updates for user experience. Enhanced image upload processing with size limits and validation, and added rate limiting for various API endpoints to prevent abuse.

2026-01-05 11:50:57 +01:00

DATENSCHUTZ_UEBERSICHT.md

Implement passkey recovery feature, including email link requests and registration options. Update login and registration pages to support passkey authentication, with UI enhancements for user experience. Add server-side handling for passkey registration and login, including account activation checks. Update environment configuration for passkey recovery TTL settings.

2026-01-07 18:37:01 +01:00

DATENSCHUTZ.md

Update Apache SSL configuration and enhance security features across multiple files. Changed X-Frame-Options to SAMEORIGIN for better security, added optional Content Security Policy headers for testing, and improved password handling with HaveIBeenPwned checks during user registration and password reset. Implemented passkey login functionality in the authentication flow, including UI updates for user experience. Enhanced image upload processing with size limits and validation, and added rate limiting for various API endpoints to prevent abuse.

2026-01-05 11:50:57 +01:00

deploy-production.sh

Update deployment script to ensure PM2 processes start with updated environment variables. This change improves the reliability of the process startup by incorporating the --update-env flag, enhancing deployment robustness.

2026-01-08 23:28:25 +01:00

deploy.sh

Update AUTH_README.md to clarify admin password setup process and provide usage instructions for the set-admin-password script. Change file permissions for deploy.sh, production-setup.sh, and fetch-template.sh to make them executable.

2025-12-18 12:39:22 +01:00

DEPLOYMENT.md

Update deployment script to ensure persistent data management, enhance backup and restore processes, and improve error handling. Modify .gitignore to exclude sensitive production data and update deployment documentation to reflect changes. Add environment variable loading for production secrets in configuration files.

2026-01-07 17:42:04 +01:00

env.example

Implement passkey recovery feature, including email link requests and registration options. Update login and registration pages to support passkey authentication, with UI enhancements for user experience. Add server-side handling for passkey registration and login, including account activation checks. Update environment configuration for passkey recovery TTL settings.

2026-01-07 18:37:01 +01:00

eslint.config.js

Enhance security by adding role-checking functions in ESLint configuration and updating Vue components to improve content sanitization comments, while refining error handling in API endpoints for better clarity.

2025-12-20 14:19:55 +01:00

harheimertc.config.cjs

Refactor deployment script to handle symlinking of public data conditionally based on git tracking status, improving error handling for uncommitted changes. Update PM2 configuration to directly start the Node server for Nuxt 4 production builds in both harheimertc.config.cjs and harheimertc.simple.cjs. Modify user ID handling in registration options to use Uint8Array for compatibility with @simplewebauthn/server.

2026-01-07 18:06:09 +01:00

harheimertc.simple.cjs

Refactor deployment script to handle symlinking of public data conditionally based on git tracking status, improving error handling for uncommitted changes. Update PM2 configuration to directly start the Node server for Nuxt 4 production builds in both harheimertc.config.cjs and harheimertc.simple.cjs. Modify user ID handling in registration options to use Uint8Array for compatibility with @simplewebauthn/server.

2026-01-07 18:06:09 +01:00

index.htm

Remove index-iframe.html file, eliminating the iframe integration for the Harheimer Tischtennis-Club website. This change simplifies the project structure by removing unused HTML content.

2025-11-07 10:20:05 +01:00

next-env.d.ts

Initial commit: Harheimer TC Website

2025-10-21 00:41:12 +02:00

nuxt.config.js

Update nuxt.config.js to enhance SEO and social media integration; modify title and description for clarity, add Open Graph and Twitter meta tags, and include canonical link for improved indexing. Adjust keywords for better search visibility.

2025-11-07 10:15:14 +01:00

package-lock.json

Update package-lock.json to remove deprecated @peculiar/x509 version and add a new dependency entry for @simplewebauthn/server. Modify package.json to include an override for @peculiar/x509 version 1.13.0, ensuring compatibility across the project.

2026-01-07 17:58:38 +01:00

package.json

Update package-lock.json to remove deprecated @peculiar/x509 version and add a new dependency entry for @simplewebauthn/server. Modify package.json to include an override for @peculiar/x509 version 1.13.0, ensuring compatibility across the project.

2026-01-07 17:58:38 +01:00

production-setup.sh

Update AUTH_README.md to clarify admin password setup process and provide usage instructions for the set-admin-password script. Change file permissions for deploy.sh, production-setup.sh, and fetch-template.sh to make them executable.

2025-12-18 12:39:22 +01:00

renovate.json

Add renovate.json

2025-12-19 15:58:03 +01:00

tailwind.config.js

Initial commit: Harheimer TC Website

2025-10-21 00:41:12 +02:00

test-vspace.tex

Refactor environment configuration for local development; update SMTP settings and add JWT secret, encryption key, and debug options. Enhance Nuxt configuration for development server and runtime settings. Introduce new membership application form with validation and PDF generation functionality. Update footer and navigation components to include new membership links. Revise user and session data in JSON files.

2025-10-23 01:31:45 +02:00

test.aux

Refactor environment configuration for local development; update SMTP settings and add JWT secret, encryption key, and debug options. Enhance Nuxt configuration for development server and runtime settings. Introduce new membership application form with validation and PDF generation functionality. Update footer and navigation components to include new membership links. Revise user and session data in JSON files.

2025-10-23 01:31:45 +02:00

test.pdf

Refactor environment configuration for local development; update SMTP settings and add JWT secret, encryption key, and debug options. Enhance Nuxt configuration for development server and runtime settings. Introduce new membership application form with validation and PDF generation functionality. Update footer and navigation components to include new membership links. Revise user and session data in JSON files.

2025-10-23 01:31:45 +02:00

test.tex

Refactor environment configuration for local development; update SMTP settings and add JWT secret, encryption key, and debug options. Enhance Nuxt configuration for development server and runtime settings. Introduce new membership application form with validation and PDF generation functionality. Update footer and navigation components to include new membership links. Revise user and session data in JSON files.

2025-10-23 01:31:45 +02:00

vitest.config.ts

Update dependencies in package.json and package-lock.json; add testing scripts for Vitest, and include new packages such as supertest and vitest. Refactor Navigation component to improve event handling and cleanup, ensuring better performance and user experience. Enhance error handling in various API endpoints for PDF uploads and CSV saves, ensuring robust error propagation. Update nodemailer transport configuration for consistency across API handlers.

2025-11-10 13:08:50 +01:00

Languages

Vue 55.3%

JavaScript 38.8%

TypeScript 3.1%

Shell 2.6%

HTML 0.1%