aboutsummaryrefslogtreecommitdiffstats
path: root/docker
Commit message (Collapse)AuthorAgeFilesLines
* Move uploads to a named Docker volumeHEADmasterThomas Vanbesien2026-03-242-9/+0
| | | | | | Replace the bind-mounted src/uploads/ with a named volume shared between PHP (read-write) and Nginx (read-only). Remove entrypoint.sh since the volume handles directory creation automatically.
* Add rate limiting on login and password reset endpointsThomas Vanbesien2026-03-221-0/+10
| | | | | | Track attempts per IP in a rate_limits table with a sliding time window. Login allows 5 failed attempts per 15 min, password reset allows 3 requests per 15 min. Old entries are purged automatically.
* Add session cookie hardening and Nginx security headersThomas Vanbesien2026-03-221-0/+8
| | | | | | Set httponly, samesite=Lax, and auto-detected secure flag on session cookies. Add X-Content-Type-Options, X-Frame-Options, and Content-Security-Policy headers in Nginx. Document both in README.
* Add editor with webcam/upload capture, overlay compositing, and gallery feedThomas Vanbesien2026-03-213-0/+15
|
* Add user authentication with email verification and password resetThomas Vanbesien2026-03-211-0/+10
| | | | | | Implements registration, login/logout, email verification via token, and password reset flow. Includes CSRF protection, flash messages, MailPit for dev email testing, and security docs in README.
* Initial project scaffoldThomas Vanbesien2026-03-214-0/+77
Set up MVC architecture with front controller, router, autoloader, database singleton, and Docker Compose stack (Nginx + PHP-FPM + MariaDB). Includes DB schema, responsive layout, dev tooling (php-cs-fixer, parallel-lint), and documentation.
generated by cgit v1.2.3 (git 2.46.0) at 2026-04-16 14:28:18 +0000