admin/felhom.eu
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
3bc31fca2d0c408071f472b811e0ff0e1a4001eb
felhom.eu/hub/internal
T
History
admin 67f53a4ccd hub v0.3.8 — CSRF protection + secure session model 
- server.go: replace literal hub_session=authenticated with random 64-char hex
  session tokens stored server-side (hubSession map + sync.RWMutex); per-session
  CSRF tokens; CleanupSessions goroutine; SameSite=Lax+Secure cookie; CSRF
  validation in ServeHTTP; csrfToken/csrfField helpers
- configs.go: add html/template import; pass CSRFField/CSRFToken to all template
  renders; renderConfigForm gains r *http.Request parameter
- config_form.html: {{.CSRFField}} in form
- customer_unified.html: meta csrf-token + csrfHeaders() JS; {{.CSRFField}} in
  all 5 POST forms; csrfHeaders() on 3 fetch calls
- main.go: start CleanupSessions goroutine

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-02-21 16:39:14 +01:00
..
api
feat(hub): asset management API with PVC storage and image seed
2026-02-21 15:22:45 +01:00
assets
feat(hub): asset management API with PVC storage and image seed
2026-02-21 15:22:45 +01:00
configgen
hub: use Hungarian word passphrases for retrieval passwords
2026-02-21 14:31:39 +01:00
monitor
feat: Hub monitoring takeover — event system, dead man's switch, notifications (v0.3.0)
2026-02-20 18:53:24 +01:00
notify
feat: Hub monitoring takeover — event system, dead man's switch, notifications (v0.3.0)
2026-02-20 18:53:24 +01:00
store
feat: Hub monitoring takeover — event system, dead man's switch, notifications (v0.3.0)
2026-02-20 18:53:24 +01:00
web
hub v0.3.8 — CSRF protection + secure session model
2026-02-21 16:39:14 +01:00