chore(auth): remove security plan doc and marker comments

Adolfo Reyna
2026-02-20 21:22:47 -05:00
parent 19d805d322
commit f3a782a360
3 changed files with 0 additions and 91 deletions


@@ -72,7 +72,6 @@ const { authRateLimiter } = require('./middleware/authRateLimiter');
* 400:
* description: Bad request.
*/
// SECURITY FIX (#2): POST-only signup to avoid query-string credential leakage.
app.post('/signup', signup);
/**
* @swagger
@@ -106,7 +105,6 @@ app.post('/signup', signup);
* 401:
* description: Invalid credentials.
*/
// SECURITY FIX (#2): POST-only login to avoid query-string credential leakage.
app.post('/login', authRateLimiter('login'), login);
/**
* @swagger
@@ -156,8 +154,6 @@ app.get('/logout', logout);
* description: Bad request.
*/
app.route('/resetPassword').post(authRateLimiter('reset'), resetPassword);
// SECURITY FIX (#1):
// Single-use token login endpoint for password recovery flow.
/**
* @swagger
* /password/token-login: