k1nq/TREK

Fork 0

mirror of https://github.com/mauriceboe/TREK.git synced 2026-06-19 21:31:46 +00:00

Commit Graph

Author	SHA1	Message	Date
Maurice	093e069ccc	Backend/frontend hardening & consistency cleanups (#1113 ) * refactor(auth): session token validation and password-change consistency * refactor(journey): entry field allow-list and public share-link consistency * refactor(mcp): align tool authorization with the REST permission checks * chore: input validation and sanitisation touch-ups (uploads, pdf, maps, backup, csp)	2026-06-06 16:37:03 +02:00
jubnl	535c06bb3f	feat(mcp): granular OAuth scopes and per-client rate limiting - Split `media:read` into `geo:read` and `weather:read` scopes - Add dedicated `atlas:read/write` scopes (previously under `places`) - Add dedicated `todos:read/write` scopes (previously under `collab`) - Rate limiting now keyed by userId+clientId instead of userId alone - Bind MCP sessions to the OAuth client that created them - Log MCP tool calls to audit log with clientId - Invalidate all MCP sessions on addon state change - Reduce session sweep interval from 10min to 1min - Update all translations with new scope labels	2026-04-11 02:06:32 +02:00
jubnl	63784d86a3	refactor(mcp): extract all MCP tools into dedicated modules and add shared helpers	2026-04-09 18:09:33 +02:00

Author

SHA1

Message

Date

Maurice

093e069ccc

Backend/frontend hardening & consistency cleanups (#1113 )

* refactor(auth): session token validation and password-change consistency

* refactor(journey): entry field allow-list and public share-link consistency

* refactor(mcp): align tool authorization with the REST permission checks

* chore: input validation and sanitisation touch-ups (uploads, pdf, maps, backup, csp)

2026-06-06 16:37:03 +02:00

jubnl

535c06bb3f

feat(mcp): granular OAuth scopes and per-client rate limiting

- Split `media:read` into `geo:read` and `weather:read` scopes
- Add dedicated `atlas:read/write` scopes (previously under `places`)
- Add dedicated `todos:read/write` scopes (previously under `collab`)
- Rate limiting now keyed by userId+clientId instead of userId alone
- Bind MCP sessions to the OAuth client that created them
- Log MCP tool calls to audit log with clientId
- Invalidate all MCP sessions on addon state change
- Reduce session sweep interval from 10min to 1min
- Update all translations with new scope labels

2026-04-11 02:06:32 +02:00

jubnl

63784d86a3

refactor(mcp): extract all MCP tools into dedicated modules and add shared helpers

2026-04-09 18:09:33 +02:00

3 Commits