security: add CSRF protection to API billing endpoints #23

Open
Charon wants to merge 0 commits from feat/csrf-billing-endpoints into dev
Member

Summary

  • Add verified middleware to billing route group so only email-verified users can access billing endpoints
  • Separate read-only GET routes from state-changing POST routes with clear section comments
  • Add throttle:6,1 rate limiting (6 req/min) to state-changing endpoints: cancel, resume, upgrade/preview, upgrade

Fixes #13

Test plan

  • Verify unverified users receive 403 on all /commerce endpoints
  • Verify verified+authenticated users can access read-only GET endpoints normally
  • Verify POST endpoints (cancel, resume, upgrade, upgrade/preview) enforce the 6/min throttle
  • Verify webhook routes remain unaffected (no auth, signature-verified)
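For reference, this is what a route file laid out as the summary describes looks like in Laravel. It is an added example, not the PR's own diff: the file name, controller classes, URI paths and the `verify-webhook-signature` alias are assumptions; `auth`, `verified` and `throttle:6,1` are Laravel's built-in middleware aliases.

```php
<?php
// Added example (not the PR's diff). Controller classes, paths and the
// webhook middleware alias are assumed; the middleware aliases are Laravel's.

use App\Http\Controllers\Commerce\SubscriptionController; // assumed
use App\Http\Controllers\Commerce\WebhookController;      // assumed
use Illuminate\Foundation\Http\Middleware\VerifyCsrfToken;
use Illuminate\Support\Facades\Route;

// Billing routes. `auth` rejects anonymous callers; `verified`
// (Illuminate\Auth\Middleware\EnsureEmailIsVerified) rejects users whose
// email_verified_at is null: 403 when the request expects JSON, otherwise a
// redirect to the verification.notice route.
Route::prefix('commerce')
    ->middleware(['auth', 'verified'])
    ->group(function () {

        // --- Read-only endpoints: no per-route throttle ---
        Route::get('/subscription', [SubscriptionController::class, 'show']);
        Route::get('/invoices', [SubscriptionController::class, 'invoices']);

        // --- State-changing endpoints: 6 requests per minute ---
        // throttle:6,1 keys on the authenticated user's id (IP when there is
        // no user) and answers 429 with a Retry-After header once exceeded.
        Route::middleware('throttle:6,1')->group(function () {
            Route::post('/subscription/cancel', [SubscriptionController::class, 'cancel']);
            Route::post('/subscription/resume', [SubscriptionController::class, 'resume']);
            Route::post('/subscription/upgrade/preview', [SubscriptionController::class, 'previewUpgrade']);
            Route::post('/subscription/upgrade', [SubscriptionController::class, 'upgrade']);
        });
    });

// Payment-provider webhook: no session, so it cannot sit behind `auth`, and
// the provider's signature is the only authentication. A third party POSTs
// it without a CSRF token, so it must be excluded from VerifyCsrfToken when
// the file is loaded under the `web` middleware group.
Route::post('/commerce/webhook', [WebhookController::class, 'handle'])
    ->withoutMiddleware([VerifyCsrfToken::class])
    ->middleware('verify-webhook-signature'); // assumed alias for the project's signature check
```

One check worth doing before treating this as "CSRF protection": only the `web` middleware group (and Sanctum's `EnsureFrontendRequestsAreStateful` for cookie-authenticated SPA calls) applies `VerifyCsrfToken`. If these routes are loaded under the `api` group, `verified` limits who may call them and `throttle:6,1` limits how often, but nothing in the group checks that the POST originated from your own front end.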
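The test plan above can be encoded as a feature test. This is an added example, not part of the PR's test suite: it assumes a stock Laravel app whose default `User` factory provides the `unverified()` state, and the route paths `/commerce/subscription` (GET) and `/commerce/subscription/cancel` (POST) are assumptions.

```php
<?php
// Added example (not the PR's tests). Route paths are assumed; the factory
// state unverified() and the helpers used are Laravel's own.

namespace Tests\Feature;

use App\Models\User;
use Illuminate\Foundation\Testing\RefreshDatabase;
use Tests\TestCase;

class CommerceRouteHardeningTest extends TestCase
{
    use RefreshDatabase;

    public function test_unverified_user_gets_403_on_read_and_write_endpoints(): void
    {
        $user = User::factory()->unverified()->create();

        // EnsureEmailIsVerified aborts with 403 for JSON callers.
        $this->actingAs($user)->getJson('/commerce/subscription')->assertStatus(403);
        $this->actingAs($user)->postJson('/commerce/subscription/cancel')->assertStatus(403);
    }

    public function test_anonymous_caller_is_rejected_before_verification_runs(): void
    {
        // `auth` sits in front of `verified`: an unauthenticated JSON request
        // is answered 401 by the Authenticate middleware, never 403.
        $this->getJson('/commerce/subscription')->assertStatus(401);
    }

    public function test_verified_user_can_read(): void
    {
        $user = User::factory()->create(); // factory sets email_verified_at

        // Assumes the show endpoint returns 200 for a verified user.
        $this->actingAs($user)->getJson('/commerce/subscription')->assertOk();
    }

    public function test_seventh_state_change_within_a_minute_is_throttled(): void
    {
        $user = User::factory()->create();

        // The first six POSTs may return whatever the controller decides for a
        // user with no subscription; the only thing asserted is "not throttled".
        for ($i = 0; $i < 6; $i++) {
            $response = $this->actingAs($user)->postJson('/commerce/subscription/cancel');
            $this->assertNotSame(429, $response->status(), "request {$i} was throttled early");
        }

        // The seventh trips throttle:6,1 and carries a Retry-After header.
        $this->actingAs($user)
            ->postJson('/commerce/subscription/cancel')
            ->assertStatus(429)
            ->assertHeader('Retry-After');

        // The throttle is scoped to the POST group: reads are still served.
        $this->actingAs($user)->getJson('/commerce/subscription')->assertOk();

        // And keyed per user: a different verified user starts with a fresh bucket.
        $other = User::factory()->create();
        $response = $this->actingAs($other)->postJson('/commerce/subscription/cancel');
        $this->assertNotSame(429, $response->status());
    }
}
```

Caveat for the last test-plan item and for the PR title: `VerifyCsrfToken` short-circuits when the application is running under the test runner, so none of these assertions, passing or failing, says anything about whether a cross-site POST would be rejected. The 403 and 429 results cover the `verified` and `throttle` middleware only.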
This branch is already included in the target branch. There is nothing to merge.