GitBucket
| 2026-06-07 |
Phase 3 infrastructure hardening: IP/UA binding, nginx getallheaders fallback, auth rate limiting, permission cache
Eugene Sukhodolskiy
committed
7 hours ago
|
|---|---|
|
Phase 2 session stability: refresh queue, Bearer fallback, proactive refresh
Eugene Sukhodolskiy
committed
7 hours ago
|
|
|
Phase 1 auth security hotfixes: cookie-based session, bearer checks, router guard sync
...
Eugene Sukhodolskiy
committed
8 hours ago
|
|
|
Fix OAuth callback URL: insert access_token query string BEFORE hash fragment so Vue can read it via window.location.search
Eugene Sukhodolskiy
committed
8 hours ago
|
|
|
Fix AppController and EventsHandlers to use __DIR__ instead of app()->root_folder() for prod compatibility
Eugene Sukhodolskiy
committed
9 hours ago
|
|
|
Integrate Vue webclient into server: serve SPA from /, remove proxy.php, update auth redirects
Eugene Sukhodolskiy
committed
9 hours ago
|
|
| 2026-06-06 |
Add Bearer token persistence for cross-domain SPA auth
...
Eugene Sukhodolskiy
committed
23 hours ago
|
|
Add IP roaming reconciliation for active devices during network scan
...
Eugene Sukhodolskiy
committed
1 day ago
|
|
|
Fix logout: session_start + destroy cookie + redirect to local /login instead of /auth/login
Eugene Sukhodolskiy
committed
1 day ago
|
|
|
Make user card avatar/name clickable link to gnexus-auth profile
Eugene Sukhodolskiy
committed
1 day ago
|
|
|
Add GnUserCard drawer footer; fix proxy.php cookie forwarding and /auth/ whitelist
Eugene Sukhodolskiy
committed
1 day ago
|
|
|
Fix auth session persistence: add credentials:include to fetch and session_start to auth flow
...
Eugene Sukhodolskiy
committed
1 day ago
|
|
|
Phase 2: Protect Areas, Scripts, Firmware REST API endpoints with permission checks
...
Eugene Sukhodolskiy
committed
1 day ago
|
|
|
Phase 2: Protect DevicesRESTAPIController endpoints with permission checks
...
Eugene Sukhodolskiy
committed
1 day ago
|
|
|
|
|
| 2026-06-05 |
Move scan debug log to sys temp dir as well
Eugene Sukhodolskiy
committed
1 day ago
|
|
Move scan lock file to sys temp dir to avoid prod permission issues
Eugene Sukhodolskiy
committed
1 day ago
|
|
|
Debug scan locking: add shutdown cleanup + connection_aborted checks + debug log
Eugene Sukhodolskiy
committed
2 days ago
|
|
|
Fix abandoned scan overload: flock lock + connection abort detection + client timeout
Eugene Sukhodolskiy
committed
2 days ago
|
|
| 2026-06-04 |
Phase 1: Server-side firmware catalog, OTA API endpoints, and DeviceAPI::updateFirmware
Eugene Sukhodolskiy
committed
3 days ago
|
| 2026-06-03 |
Переписан механизм определения offline: last_contact-based вместо TCP ping + retry для сканера
...
Eugene Sukhodolskiy
committed
4 days ago
|
|
Обновлять last_contact при каждом контакте с устройством
Eugene Sukhodolskiy
committed
4 days ago
|
|
|
Add virtual device emulator (Flask) for relay and button types
...
Eugene Sukhodolskiy
committed
4 days ago
|
|
|
Phase 7: Separate ControlScripts from server core + CLI isolation + manifest
...
Eugene Sukhodolskiy
committed
4 days ago
|
|
|
|
|
|
Fix critical issues: router method enforcement, cron localhost guard, rate limiter file-based, entity update_at optional, device race condition, area remove transaction, control scripts static flush
Eugene Sukhodolskiy
committed
4 days ago
|
|
|
Phase 5: Code quality and tech debt (side effects, dedup, dead code, config extraction, log security)
Eugene Sukhodolskiy
committed
4 days ago
|
|
|
Phase 4: Device communication resilience (batch scanning, retry, configurable timeouts, non-blocking events, reset check)
Eugene Sukhodolskiy
committed
4 days ago
|
|
|
Phase 3: API hardening (validation, JSON wrappers, path traversal, rate limiting)
Eugene Sukhodolskiy
committed
4 days ago
|
|
| 2026-06-01 |
Add area_id and update_at to device detail API response
...
Eugene Sukhodolskiy
committed
5 days ago
|