matt
/
port-nimara-client-portal
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
port-nimara-client-portal/server
History
Matt a17c6ed162 KEYCLOAK AUTH FIX: Phase 4 - Email & Files Endpoints 
**UPDATED ENDPOINTS (11 additional):**
- email/send.ts (CRITICAL: was using old auth)
- email/fetch-thread.ts (CRITICAL: was using old auth)
- email/fetch-thread-v2.ts (CRITICAL: was using old auth)
- email/generate-eoi-document.ts (CRITICAL: was using old auth)
- files/upload.ts (CRITICAL: was using old auth)
- files/list.ts (SECURITY ISSUE: had NO auth)
- files/download.ts (SECURITY ISSUE: had NO auth)
- files/delete.ts (SECURITY ISSUE: had NO auth)
- files/create-folder.ts (SECURITY ISSUE: had NO auth)
- files/preview.ts (SECURITY ISSUE: had NO auth)
- files/rename.ts (SECURITY ISSUE: had NO auth)

**AUTHENTICATION:** All now support dual auth:
- x-tag header (webhooks/external calls)
- Keycloak session (logged-in users)

**PROGRESS:** 28/47 endpoints completed (~60%)
**NEXT:** Continue with remaining proxy, test & debug endpoints

**CRITICAL SECURITY FIXES:** Found 6 file endpoints with NO authentication - major vulnerability patched!
 		2025-06-15 16:32:34 +02:00
..
api KEYCLOAK AUTH FIX: Phase 4 - Email & Files Endpoints 2025-06-15 16:32:34 +02:00
plugins REVERT Network Updates 2025-06-12 21:54:47 +02:00
tasks updates 2025-06-10 14:32:20 +02:00
utils FIX: Authentication for Keycloak - Phase 1 2025-06-15 16:13:22 +02:00