René Schober | 51f0028883

security: WS membership check, rate limiting, Zod WS validation, remove /repair

- WebSocket upgrade now verifies user is member of the household (prevents cross-household access)
- Rate limiting: invite/join 10/h, scanner 50/h, auth sign-in 10/min
- WebSocket commands validated via Zod discriminatedUnion (no unsafe cast)
- Removed /repair endpoint (dev artifact, bypassed tenant middleware)

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>

2026-03-20 13:14:45 +01:00

René Schober | 9ddc7c6d7a

Production deployment setup + feature complete

- Dockerfile + deploy.sh for Hetzner server
- Email verification via Better Auth + Resend
- Invite code flow (6-digit OTP, generate/join)
- Settlement share percent fix (payer vs debtor)
- OCR scanner fixes (date display, retry, viewfinder)
- app.json icon/splash/adaptive-icon configured
- iOS deployment target 15.5 (ML Kit requirement)
- DB migration 0014: household_invitations table

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>

2026-03-20 11:54:22 +01:00