UMBRA

History

Kyle Pope 72075b7b71 Address QA review warnings for pentest remediation

- Clear IP failure counter on successful /change-password (W-01)
- Add nginx rate limiting for /api/auth/totp-verify (W-02)

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

2026-02-25 20:15:21 +08:00

__init__.py

Initial commit

2026-02-15 16:13:41 +08:00

auth.py

Address QA review warnings for pentest remediation

2026-02-25 20:15:21 +08:00

calendars.py

Implement Stage 6 Track A: PIN → Username/Password auth migration

2026-02-25 04:12:37 +08:00

dashboard.py

Address QA review: model registry, NOT NULL constraint, variable naming, toggle defaults, lockout UX

2026-02-25 04:34:21 +08:00

event_templates.py

Implement Stage 6 Track A: PIN → Username/Password auth migration

2026-02-25 04:12:37 +08:00

events.py

Implement Stage 6 Track A: PIN → Username/Password auth migration

2026-02-25 04:12:37 +08:00

locations.py

Implement Stage 6 Track A: PIN → Username/Password auth migration

2026-02-25 04:12:37 +08:00

people.py

Implement Stage 6 Track A: PIN → Username/Password auth migration

2026-02-25 04:12:37 +08:00

projects.py

Implement Stage 6 Track A: PIN → Username/Password auth migration

2026-02-25 04:12:37 +08:00

reminders.py

Implement Stage 6 Track A: PIN → Username/Password auth migration

2026-02-25 04:12:37 +08:00

settings.py

Add lock screen, auto-lock timeout, and login visual upgrade

2026-02-25 10:03:12 +08:00

todos.py

Implement Stage 6 Track A: PIN → Username/Password auth migration

2026-02-25 04:12:37 +08:00

totp.py

Implement Stage 6 Track B: TOTP MFA (pyotp, Fernet-encrypted secrets, backup codes)

2026-02-25 04:18:05 +08:00

weather.py

Implement Stage 6 Track A: PIN → Username/Password auth migration

2026-02-25 04:12:37 +08:00