space/jellomator
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Add sliding session renewal and periodic token rotation

Browse Source
This commit is contained in:
Space-Banane
2026-05-20 21:57:14 +02:00
parent 972ccce62a
commit a185c91407
3 changed files with 96 additions and 61 deletions
Download Patch File Download Diff File Expand all files Collapse all files

111
TODO.md
View File

@@ -1,63 +1,68 @@
# TODO
Concrete follow-up work for Jellomator.
Concrete follow-up work for Jellomator, prioritized by implementation risk and user impact.
## P0
## P0 - Security and Reliability
- Add a backup and restore flow for the database in the admin UI.
- Let an admin download the current database.
- Let an admin upload a replacement database after confirmation.
- Validate the uploaded file before swapping it in.
- Add a basic health endpoint for Docker and orchestration.
- Return `200` when the app can read and write the database.
- Return `503` if startup initialization or DB access fails.
- Add login rate limiting.
- Track failed attempts per session or IP.
- Temporarily block repeated failures.
- Add session expiry controls.
- Expire idle admin sessions after a configurable period.
- Renew active sessions on successful requests.
- [ ] Add session expiry and rotation.
- [x] Add `expires_at` and `last_seen_at` to `sessions`.
- [x] Reject expired tokens in `current_user`.
- [ ] Rotate session token on login and periodically on use.
- [x] Harden auth endpoints.
- [x] Add login rate limiting by IP + username pair.
- [x] Add brute-force lockout window with clear error message.
- [x] Add optional CSRF protection for cookie-authenticated write routes.
- [x] Fix cookie/security defaults for deployment.
- [x] Set cookie `secure` from environment (true in production).
- [x] Make cookie max-age configurable.
- [x] Keep `httponly` and `samesite=lax`.
- [x] Add input and payload validation.
- [x] Validate URL scheme for links (`http`/`https` only).
- [x] Enforce max lengths for `name`, `category`, `description`, and `icon_url`.
- [x] Validate uploaded icon type and max file size before reading blob.
- [x] Add health/readiness endpoints.
- [x] `/healthz` returns `200` when process is up.
- [x] `/readyz` checks DB query + optional write test and returns `503` on failure.
## P1
## P1 - Data Model and Backend Quality
- Add drag-and-drop ordering for service cards.
- Persist display order in the database.
- Support moving a card up, down, or to the top in admin.
- Add a featured/pinned flag for important links.
- Keep pinned links above the normal list.
- Let admins toggle pinned status from the edit form.
- Add multi-category support.
- Store categories as a normalized table or join table.
- Allow filtering by more than one category in the dashboard.
- Add duplicate/cloning for existing links.
- Pre-fill a new form from an existing service.
- Keep the original service unchanged.
- Add a password autofill helper for first-run setup.
- Offer a generated strong password suggestion on the setup screen.
- Let the admin copy it or autofill the password fields.
- Add a public read-only mode.
- Hide admin-only links from the dashboard.
- Keep the same UI but remove edit affordances.
- Replace string timestamps with DB-native datetime.
- Migrate `created_at`/`updated_at` columns from `varchar` to `datetime`.
- Use UTC consistently for writes and reads.
- Add display ordering support.
- Add `sort_order` column and stable ordering fallback by `name`.
- Update read query to order by `enabled desc`, `sort_order`, `name`.
- Remove duplicate connection pattern in create flow.
- Use one DB transaction/connection per request path where possible.
- Add backup and restore flow in admin API/UI.
- Download full export.
- Upload validated import with explicit confirmation.
- Add dry-run validation mode before apply.
- Add structured logging.
- Log auth attempts, CRUD actions, and restore events with request IDs.
## P2
## P2 - UX and Product Improvements
- Add JSON import/export for services.
- Include metadata and icon blobs in the export format.
- Support importing a whole dashboard from a single file.
- Add better icon handling.
- Show initials when no icon exists.
- Allow cropping or centering uploaded icons.
- Add audit history for admin changes.
- Record create, update, delete, and preset actions.
- Show a simple timeline in the admin area.
- Add a compact dashboard mode.
- Reduce card padding and text size.
- Make it easier to scan large lists of links.
- Replace browser `alert()` with inline form errors/toasts.
- Show server errors near submit controls.
- Add success toasts for create/update/delete.
- Remove forced reload in auth forms.
- Replace `location.reload()` with state refresh only.
- Keep SPA navigation predictable on setup/login/logout.
- Add drag-and-drop ordering in admin.
- Persist `sort_order` updates.
- Provide keyboard-accessible move controls as fallback.
- Add duplicate/cloning for links.
- Pre-fill form from an existing link.
- Save as new record with unique name validation.
- Add public read-only mode toggle.
- Hide admin entry points and editing affordances for non-admin view.
## P3
## P3 - Nice-to-Have
- Add keyboard shortcuts for search and quick launch.
- Add a toast system for save, delete, and upload actions.
- Add Open Graph metadata for better link previews.
- Add structured JSON logging for auth and CRUD events.
- Add a CI verification step that builds the container image after publish.
- Add multi-category support with normalization.
- Add audit history timeline in admin.
- Add JSON import/export for services with icons.
- Add keyboard shortcuts for search/quick launch.
- Add Open Graph metadata and richer SEO tags.
- Add CI verification that builds container image for pull requests.