mirror of
https://github.com/Memo-2023/mana-monorepo.git
synced 2026-05-14 20:21:09 +02:00
4d15d9e764
BREAKING: JWT keys are now auto-managed by Better Auth (EdDSA/Ed25519) - Remove all JWT_PRIVATE_KEY, JWT_PUBLIC_KEY, JWT_SECRET references - Keys stored in auth.jwks database table (auto-generated on first run) - Delete obsolete generate-keys.sh and generate-staging-secrets.sh scripts - Clean up legacy AUTH_*.md analysis files from root Security Improvements: - Add security_events table for audit logging - Add SecurityEventsService for tracking auth events - Enhanced security headers (HSTS, CSP, X-Frame-Options) - Rate limiting configuration Monitoring Setup: - Add auth-health-check.sh for automated testing - Add generate-dashboard.sh for HTML status dashboard - Tests: health endpoint, JWKS (EdDSA), security headers, response time - Ready for Hetzner cron deployment Documentation: - Update deployment docs with Better Auth notes - Update environment variable references - Add security improvements documentation 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
21 lines
615 B
JSON
21 lines
615 B
JSON
{
|
|
"environment": "local",
|
|
"url": "http://localhost:3001",
|
|
"timestamp": "2025-12-18T20:37:28Z",
|
|
"status": "healthy",
|
|
"tests": {
|
|
"health": {
|
|
"test": "health",
|
|
"status": "pass",
|
|
"httpCode": 200,
|
|
"response": { "status": "ok", "timestamp": "2025-12-18T20:37:28.972Z" }
|
|
},
|
|
"jwks": { "test": "jwks", "status": "pass", "httpCode": 200, "algorithm": "EdDSA" },
|
|
"security_headers": {
|
|
"test": "security_headers",
|
|
"status": "pass",
|
|
"headers": ["HSTS", "X-Content-Type-Options", "X-Frame-Options", "CSP"]
|
|
},
|
|
"response_time": { "test": "response_time", "status": "pass", "time_ms": 1 }
|
|
}
|
|
}
|