7 Commits

Author	SHA1	Message	Date
phamnazage-jpg	4e2ee087fd	feat(vNext.4): implement trusted-subject security chain for portal user key self-service ... - Add portal_auth.go: Portal user session auth with HMAC-signed cookies - Add /api/portal/session/{login,logout,state} endpoints - Update nginx config template: cookie-to-header trusted proxy pattern - Update frontend: sync CRM session on login/logout - Add TRUSTED_SUBJECT_DEPLOY_GUIDE.md with remote43 deployment steps - Update EXECUTION_BOARD.md: mark trusted-subject blocking issue as resolved This implements the secure chain: Browser → Portal → nginx (cookie→header) → CRM (verify proxy secret) Required remote43 actions: 1. Generate 64-char hex secret 2. Update .env.crm with TRUSTED_* config 3. Update nginx with cookie map and header injection 4. Restart services Fixes EXECUTION_BOARD.md 2026-06-08 blocking issue	2026-06-09 07:48:03 +08:00
phamnazage-jpg	37694f993f	fix(gateway): pass sqlite DSN to NewAPIHandlerWithAuth so gateway can open DB for key auth	2026-06-07 14:42:46 +08:00
phamnazage-jpg	98bd619ec8	feat(routing): add sticky runtime backends	2026-05-29 07:43:29 +08:00
phamnazage-jpg	de33ff3492	feat(admin): add session-based portal login	2026-05-28 11:01:29 +08:00
phamnazage-jpg	cfa1eaa904	Complete batch import v2 runtime and host capability recovery	2026-05-23 09:18:02 +08:00
phamnazage-jpg	71cbaf5fa6	test(project): achieve ≥70% package coverage across all internal packages ... - store/sqlite: 75.4% (repos + db coverage) - host/sub2api: 80.8% (httptest mock server, pure function tests) - app: 74.2% (handler error paths, NewActionSet closures) - pack: 72.4% - provision: 75.2% - access: 77.3% - config: 94.7% (lookup mock tests) All tests pass: build, vet, race, coverage gates.	2026-05-15 19:26:25 +08:00
phamnazage-jpg	9d52b22b8d	feat: bootstrap control plane app skeleton	2026-05-12 22:44:30 +08:00