posimai-root/posimai-dev
posimai d6f7b487d0 fix: security hardening for commercial release
- Fix OAuth (Google/GitHub) DB column bug: SELECT id → SELECT user_id
- Add OAuth CSRF protection via state parameter (Google + GitHub)
- Restrict /health endpoint: detailed info requires authentication
- Add in-memory rate limiter utility (checkRateLimit)
- Add rate limit to passkey login/begin: 10 req/min per IP
- Add rate limit to Gemini AI analysis: 50 articles/hour per user
- Add rate limit to journal suggest-tags: 10 req/hour per user
- Update posimai-dev /api/vps-health proxy to send VPS_API_KEY header

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-04-04 23:04:20 +09:00
favicon.svg fix: Posimai API check via /api/vps-health proxy, add favicon 2026-04-02 19:36:18 +09:00
index.html fix(posimai-dev): aurora visibility, scrollbar styling 2026-03-31 07:26:06 +09:00
manifest.json feat: add posimai-dev — self-hosted terminal portal with xterm.js 2026-03-30 23:23:28 +09:00
package.json feat: add posimai-dev — self-hosted terminal portal with xterm.js 2026-03-30 23:23:28 +09:00
posimai-dev.service fix: systemd service — correct node path to /usr/bin/node 2026-03-31 00:28:52 +09:00
server.js fix: security hardening for commercial release 2026-04-04 23:04:20 +09:00
sessions.html feat(posimai-dev): add sessions viewer, chat bar, Claude button, session logging 2026-03-31 00:42:16 +09:00
setup-kiosk.sh fix: handle destroyed logStream in pty, update kiosk URL to https:3333 2026-03-31 13:37:38 +09:00
station-b.html fix: remove ubuntu pc binbars, reduce machines gap to 8px 2026-04-03 00:56:32 +09:00
station.html fix: Posimai API check via /api/vps-health proxy, add favicon 2026-04-02 19:36:18 +09:00
sw.js feat: add posimai-dev — self-hosted terminal portal with xterm.js 2026-03-30 23:23:28 +09:00