AcadeNice/corentin_wakdo
7
0
Fork 0
Code Issues Pull requests 1 Projects Releases Packages Wiki Activity Actions
65 commits 18 branches 2 tags 17 MiB
Commit graph

5 commits

Author SHA1 Message Date
Imugiii
f60bc484f7 feat(admin): definition self-service du PIN d'action sensible (P3)
Some checks failed
CI / secret-scan (push) Successful in 10s
Details
CI / static-tests (push) Successful in 30s
Details
CI / php-lint (push) Successful in 20s
Details
CI / secret-scan (pull_request) Successful in 9s
Details
CI / php-lint (pull_request) Successful in 19s
Details
CI / static-tests (pull_request) Successful in 30s
Details
CI / auto-merge (push) Has been skipped
Details
CI / auto-merge (pull_request) Failing after 5s
Details 
ProfileController -> GET/POST /admin/profile/pin : l'utilisateur connecte definit/change SON
propre PIN (cible = guard.userId issu de la session, jamais un champ de formulaire -> pas d'IDOR).
CSRF (RG-T01) + validation serveur (PinVerifier::meetsLengthPolicy : numerique + bornes min/max,
RG-T18 ; confirmation). PIN stocke en hash argon2id. Ecriture gardee sur 1 ligne affectee (pas de faux
succes silencieux). UserRepository : ecritures user hors auth (setPinHash retourne le compte de lignes,
pinIsSet). Prerequis du modele 'identifiant equipier + PIN' des actions sensibles (CRUD produits).
152 tests (unit + integration), PHPStan L6. Revue adversariale passee, 3 findings corriges.
 2026-06-15 20:00:48 +00:00
Corentin JOGUET
8290ceabc4 feat: CRUD categories P3 (rendu serveur, garde + CSRF + validation) (#15)
All checks were successful
CI / secret-scan (push) Successful in 7s
Details
CI / php-lint (push) Successful in 18s
Details
CI / static-tests (push) Successful in 27s
Details
CI / auto-merge (push) Has been skipped
Details
2026-06-15 21:45:31 +02:00
Corentin JOGUET
7c35f8e2dc feat: PIN d action sensible P2 (PinVerifier RG-T13) (#13)
All checks were successful
CI / secret-scan (push) Successful in 8s
Details
CI / php-lint (push) Successful in 16s
Details
CI / static-tests (push) Successful in 30s
Details
CI / auto-merge (push) Has been skipped
Details
2026-06-15 21:00:11 +02:00
Corentin JOGUET
f979a2339e feat: RBAC P2 (autorisation par permission + garde de session + /api/me) (#12)
All checks were successful
CI / secret-scan (push) Successful in 8s
Details
CI / php-lint (push) Successful in 19s
Details
CI / static-tests (push) Successful in 33s
Details
CI / auto-merge (push) Has been skipped
Details
2026-06-15 20:45:19 +02:00
Corentin JOGUET
1b0b20c12d feat: authentification back-office P2 (login/logout/reset, throttle, audit) (#11)
All checks were successful
CI / secret-scan (push) Successful in 7s
Details
CI / php-lint (push) Successful in 17s
Details
CI / static-tests (push) Successful in 32s
Details
CI / auto-merge (push) Has been skipped
Details
2026-06-15 20:18:59 +02:00