Matt
a17c6ed162
**UPDATED ENDPOINTS (11 additional):** - email/send.ts (CRITICAL: was using old auth) - email/fetch-thread.ts (CRITICAL: was using old auth) - email/fetch-thread-v2.ts (CRITICAL: was using old auth) - email/generate-eoi-document.ts (CRITICAL: was using old auth) - files/upload.ts (CRITICAL: was using old auth) - files/list.ts (SECURITY ISSUE: had NO auth) - files/download.ts (SECURITY ISSUE: had NO auth) - files/delete.ts (SECURITY ISSUE: had NO auth) - files/create-folder.ts (SECURITY ISSUE: had NO auth) - files/preview.ts (SECURITY ISSUE: had NO auth) - files/rename.ts (SECURITY ISSUE: had NO auth) **AUTHENTICATION:** All now support dual auth: - x-tag header (webhooks/external calls) - Keycloak session (logged-in users) **PROGRESS:** 28/47 endpoints completed (~60%) **NEXT:** Continue with remaining proxy, test & debug endpoints **CRITICAL SECURITY FIXES:** Found 6 file endpoints with NO authentication - major vulnerability patched! |
||
|---|---|---|
| .. | ||
| fetch-thread-v2.ts | ||
| fetch-thread.ts | ||
| generate-eoi-document.ts | ||
| process-sales-eois.ts | ||
| send.ts | ||
| test-connection.ts | ||
| test-minio-bucket.ts | ||