curo/Business-Management
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
74 Commits 1 Branch 0 Tags
f5bc28cda293d62fafb0f2ae982b82261b825e45
Commit Graph

4 Commits

Author SHA1 Message Date
curo1305 6d626ff266 Make bcrypt work factor explicit (13 rounds) 
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-04-17 20:58:02 +02:00
curo1305 e2c55556ac Switch JWT signing from HS256 to RS256 (4096-bit RSA) 
- Replace symmetric SECRET_KEY with JWT_PRIVATE_KEY / JWT_PUBLIC_KEY (PEM)
- Add iat claim to every token
- Add expand_newlines validator in config for single-line .env PEM values
- Add scripts/generate_jwt_keys.py key-generation helper
- Update security-auditor agent JWT checklist with RS256 enforcement rules
- Mark RS256 as done in TODO.md

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-04-13 23:00:35 +02:00
curo1305 e6d7888513 Fix dev stack startup: seed path, missing migration, passlib/bcrypt incompatibility 
- python -m scripts.seed (module mode) fixes ModuleNotFoundError
- Add scripts/__init__.py to make scripts/ a proper package
- Generate initial Alembic migration for users table
- Replace passlib with direct bcrypt>=4.0 (passlib unmaintained, broken with bcrypt 4.x)

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-04-12 16:03:03 +02:00
curo1305 606b7bd6b3 Initial project scaffold: FastAPI + React/Vite + PostgreSQL SaaS starter 
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-04-12 15:00:44 +02:00