niuniu/sub2api-cn-relay-manager
1
0
Fork 0
Code Issues Pull Requests Actions 1 Packages Projects Releases Wiki Activity
Files
4e2ee087fd5286f6e5cd9d9d0287b0e6ec147d53
sub2api-cn-relay-manager/internal/store/migrations
History
phamnazage-jpg 4e2ee087fd feat(vNext.4): implement trusted-subject security chain for portal user key self-service 
- Add portal_auth.go: Portal user session auth with HMAC-signed cookies
- Add /api/portal/session/{login,logout,state} endpoints
- Update nginx config template: cookie-to-header trusted proxy pattern
- Update frontend: sync CRM session on login/logout
- Add TRUSTED_SUBJECT_DEPLOY_GUIDE.md with remote43 deployment steps
- Update EXECUTION_BOARD.md: mark trusted-subject blocking issue as resolved

This implements the secure chain:
  Browser → Portal → nginx (cookie→header) → CRM (verify proxy secret)

Required remote43 actions:
1. Generate 64-char hex secret
2. Update .env.crm with TRUSTED_* config
3. Update nginx with cookie map and header injection
4. Restart services

Fixes EXECUTION_BOARD.md 2026-06-08 blocking issue
2026-06-09 07:48:03 +08:00
..
0001_init.sql
feat: add state store migrations and repositories
2026-05-12 23:25:02 +08:00
0002_operational_runtime.sql
test(project): achieve ≥70% package coverage across all internal packages
2026-05-15 19:26:25 +08:00
0003_pack_install_metadata.sql
test(project): achieve ≥70% package coverage across all internal packages
2026-05-15 19:26:25 +08:00
0004_host_identity_and_managed_resources.sql
feat(control-plane): harden host-scoped reconcile and acceptance evidence
2026-05-18 22:22:22 +08:00
0005_reconcile_runs_host_scope.sql
feat(control-plane): harden host-scoped reconcile and acceptance evidence
2026-05-18 22:22:22 +08:00
0006_reconcile_runs_batch_scope.sql
feat(control-plane): harden host-scoped reconcile and acceptance evidence
2026-05-18 22:22:22 +08:00
0007_batch_import_runs.sql
feat(store): complete v2 runtime state repositories
2026-05-22 14:37:08 +08:00
0008_batch_import_run_events.sql
feat(store): complete v2 runtime state repositories
2026-05-22 14:37:08 +08:00
0009_batch_import_run_request_context.sql
Complete batch import v2 runtime and host capability recovery
2026-05-23 09:18:02 +08:00
0009_provider_drafts.sql
feat(admin): persist provider drafts in crm
2026-05-27 21:49:12 +08:00
0010_logical_groups_and_routes.sql
feat(routing): add logical group schema foundation
2026-05-28 15:26:16 +08:00
0011_route_logging.sql
feat(routing): add route log writer and admin api
2026-05-28 21:24:05 +08:00
0012_provider_accounts.sql
feat(accounts): add provider account inventory api
2026-05-29 14:43:34 +08:00
0013_logical_group_guidance.sql
feat(portal): add logical group guidance config
2026-05-30 10:38:59 +08:00
0014_logical_group_packaging.sql
feat(portal): add logical group packaging config
2026-05-30 10:54:32 +08:00
0015_user_keys.sql
feat(vnext2): add user key self-service skeleton
2026-06-05 11:45:17 +08:00
0016_user_key_control_plane.sql
feat(vnext2): close user key self-service on real host
2026-06-05 19:58:02 +08:00
0016_user_keys_managed_identity_selector.sql
feat(vNext.4): implement trusted-subject security chain for portal user key self-service
2026-06-09 07:48:03 +08:00
embed_test.go
test: H-02 补充 migrations 测试
2026-06-02 06:50:02 +08:00
embed.go
feat: add state store migrations and repositories
2026-05-12 23:25:02 +08:00