turf_saas

admin/turf_saas

Fork 0

Commit Graph

Author	SHA1	Message	Date
DevOps Engineer	7f5573f076	feat(security): add IP-based rate limiting on /api/v1/auth/login — fix brute force HRT-62 - saas_auth.py: in-memory sliding-window rate limiter (5 attempts/5min, 15min block) using collections.defaultdict + threading.Lock, stdlib only, no new deps - portal_server.py: register rate_limit_middleware + access_log_middleware (was missing, leaving global 100req/min limit unApplied on portal routes) - tests/security/test_security.py: add TestLoginRateLimit class with test_login_brute_force_blocked_after_5_attempts and test_login_429_has_retry_after_header Co-Authored-By: Paperclip <noreply@paperclip.ing>	2026-04-27 14:50:08 +02:00
DevOps Engineer	793ee82c29	fix(qa): add /health endpoints to Flask apps for Docker healthchecks Docker compose healthchecks target /health on combined-api, dashboard-api and portal, but these endpoints did not exist (returned 404). This caused all dependent services (condition: service_healthy) to fail startup. - combined_api.py: GET /health + /turf/health with DB connectivity check - dashboard_api.py: GET /health + /turf/health with DB connectivity check - portal_server.py: GET /health (lightweight, no DB) QA Finding 1 from HRT-34 review of HRT-33 branch feature/devops-cicd. Co-Authored-By: Paperclip <noreply@paperclip.ing>	2026-04-25 17:44:21 +02:00
ML Engineer	ed07c8a3d1	Initial commit: existing turf_saas codebase Co-Authored-By: Paperclip <noreply@paperclip.ing>	2026-04-25 17:18:43 +02:00

Author

SHA1

Message

Date

DevOps Engineer

7f5573f076

feat(security): add IP-based rate limiting on /api/v1/auth/login — fix brute force HRT-62

- saas_auth.py: in-memory sliding-window rate limiter (5 attempts/5min, 15min block)
  using collections.defaultdict + threading.Lock, stdlib only, no new deps
- portal_server.py: register rate_limit_middleware + access_log_middleware
  (was missing, leaving global 100req/min limit unApplied on portal routes)
- tests/security/test_security.py: add TestLoginRateLimit class with
  test_login_brute_force_blocked_after_5_attempts and test_login_429_has_retry_after_header

Co-Authored-By: Paperclip <noreply@paperclip.ing>

2026-04-27 14:50:08 +02:00

DevOps Engineer

793ee82c29

fix(qa): add /health endpoints to Flask apps for Docker healthchecks

Docker compose healthchecks target /health on combined-api, dashboard-api
and portal, but these endpoints did not exist (returned 404). This caused
all dependent services (condition: service_healthy) to fail startup.

- combined_api.py: GET /health + /turf/health with DB connectivity check
- dashboard_api.py: GET /health + /turf/health with DB connectivity check
- portal_server.py: GET /health (lightweight, no DB)

QA Finding 1 from HRT-34 review of HRT-33 branch feature/devops-cicd.

Co-Authored-By: Paperclip <noreply@paperclip.ing>

2026-04-25 17:44:21 +02:00

ML Engineer

ed07c8a3d1

Initial commit: existing turf_saas codebase

Co-Authored-By: Paperclip <noreply@paperclip.ing>

2026-04-25 17:18:43 +02:00

3 Commits