Commit graph

2 commits

Author SHA1 Message Date
Claude
84cabeffd4
docs: add OpenAPI 3.0 specification for all API endpoints
Comprehensive machine-readable API documentation covering all REST
endpoints exposed by the php-tenant package:

- Workspace API (CRUD, switching, session and API key auth)
- Entitlement Provisioning API (Blesta: create, suspend, unsuspend, cancel, renew)
- Cross-App Entitlement API (check, usage recording, summary)
- Entitlement Webhooks API (CRUD, test, secret rotation, circuit breaker, deliveries)

Includes full request/response schemas, authentication details, error
responses, and pagination structures.

Fixes #33

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-03-24 13:49:58 +00:00
Snider
a35cbc9306
security: encrypt 2FA secrets and hash invitation tokens
- Add encrypted cast to UserTwoFactorAuth secret and recovery_codes
- Hash invitation tokens on creation using Hash::make()
- Update token verification to use Hash::check()
- Add migration commands for existing data:
  - security:encrypt-2fa-secrets
  - security:hash-invitation-tokens
- Add tests for encryption and hashing

Fixes SEC-003, SEC-004 from security audit.

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
2026-01-29 12:20:53 +00:00