gpt-engineer-app[bot]
82b85e3284
Add system phase 4 audits
- Add audit logging for system maintenance operations (cache/orphaned images/manual cleanup)
- Log account deletion request handling (requests/confirm/cancel)
- Log security actions (admin password resets, MFA enforcement changes, account lockouts)
2025-11-11 14:49:11 +00:00
gpt-engineer-app[bot]
e28dc97d71
Migrate Phase 1 Functions
Migrate 8 high-priority functions (admin-delete-user, mfa-unenroll, confirm-account-deletion, request-account-deletion, send-contact-message, upload-image, validate-email-backend, process-oauth-profile) to wrapEdgeFunction pattern. Replace manual CORS/auth, add shared validations, integrate standardized error handling, and preserve existing rate limiting where applicable. Update implementations to leverage context span, requestId, and improved logging for consistent error reporting and tracing.
2025-11-11 03:03:26 +00:00
gpt-engineer-app[bot]
6da29e95a4
Add rate limiting to high-risk
Introduce centralized rate limiting by applying defined tiers (STRICT, STANDARD, LENIENT, MODERATE) to high-risk edge functions:
- export-user-data (STRICT, 5 req/min)
- send-contact-message (STANDARD, 20 req/min)
- validate-email-backend (LENIENT, 30 req/min)
- admin-delete-user, resend-deletion-code (MODERATE)
- additional standard targets identified (request-account-deletion, cancel-account-deletion) as per guidance
Implements:
- Wrapped handlers with withRateLimit using centralized rateLimiters
- Imported from shared rate limiter module
- Annotated with comments explaining tier rationale
- Updated three initial functions and extended coverage to admin/account management functions
- Added documentation guide for rate limiting usage
This aligns with the Rate Limiting Guide and centralizes rate limit configuration for consistency.
2025-11-10 21:39:37 +00:00
gpt-engineer-app[bot]
bf3da6414a
Centralize CORS configuration
Consolidate CORS handling by introducing a shared supabase/functions/_shared/cors.ts and migrate edge functions to import from it. Remove inline cors.ts usage across functions, standardize headers (including traceparent and x-request-id), and prepare for environment-aware origins.
2025-11-10 21:28:46 +00:00
gpt-engineer-app[bot]
99ceacfe0c
Fix remaining console statements
2025-11-03 19:24:38 +00:00
gpt-engineer-app[bot]
a2cb037410
Fix account deletion flow
2025-10-29 22:46:49 +00:00
gpt-engineer-app[bot]
12433e49e3
Implement 5-day plan
2025-10-21 12:37:28 +00:00
gpt-engineer-app[bot]
391e6a07fd
Refactor account deletion flow
2025-10-12 14:31:26 +00:00
gpt-engineer-app[bot]
3a38b47108
Implement account deletion system
2025-10-12 14:17:54 +00:00