cameleer/cameleer-server
1
0
Fork 0
Code Issues 44 Pull Requests Actions Packages Projects Releases Wiki Activity

docs(04-02): complete security filter chain wiring plan

Browse Source 
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
This commit is contained in:
hsiegeln
2026-03-11 20:40:33 +01:00
parent 539b85f307
commit acf78a10f1
3 changed files with 181 additions and 12 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
.planning/REQUIREMENTS.md
View File

@@ -43,8 +43,8 @@ Requirements for initial release. Each maps to roadmap phases. Tracked as Gitea
### Security
- [ ] **SECU-01**: All API endpoints (except health and register) require valid JWT Bearer token (#23)
- [ ] **SECU-02**: JWT refresh flow via `POST /api/v1/agents/{id}/refresh` (#24)
- [x] **SECU-01**: All API endpoints (except health and register) require valid JWT Bearer token (#23)
- [x] **SECU-02**: JWT refresh flow via `POST /api/v1/agents/{id}/refresh` (#24)
- [x] **SECU-03**: Server generates Ed25519 keypair; public key delivered at registration (#25)
- [x] **SECU-04**: All config-update and replay SSE payloads are signed with server's Ed25519 private key (#26)
- [x] **SECU-05**: Bootstrap token from `CAMELEER_AUTH_TOKEN` env var validates initial agent registration (#27)