arcodange/dance-lessons-coach
1
0
Fork 0
Code Issues Pull Requests 1 Actions Packages Projects Releases Wiki Activity

📝 docs: add comprehensive SOLID analysis and code review findings
Some checks failed
CI/CD Pipeline / CI Pipeline (push) Has been cancelled
Details
CI/CD Pipeline / CI Pipeline (pull_request) Successful in 15m34s
Details

Browse Source 
- Documented SOLID principle violations across codebase
- Identified security best practice improvements needed
- Analyzed performance optimization opportunities
- Added detailed refactoring recommendations
- Updated ADR-0018 with JWT secret rotation reference
- Enabled gitea-client skill for programmer agent

This commit captures the current state analysis before implementing improvements.
This commit is contained in:
Gabriel Radureau
2026-04-06 23:49:03 +02:00
parent 72b9d35299
commit 08202a578d
16 changed files with 1015 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
adr/0018-user-management-auth-system.md
View File

@@ -120,6 +120,7 @@ The user management system follows the established DanceLessonsCoach patterns:
- 30-minute expiration for access tokens
- Secure random signing key
- HTTPS-only cookies
- **Secret Rotation:** Multiple valid secrets with retention policy (see Issue #8)
3. **Admin Access:**
- Master password from environment variable
- Non-persisted admin user
@@ -464,6 +465,7 @@ The implementation maintains full backward compatibility:
3. **User Activity Logging:** For audit trails
4. **Password Strength Meter:** For better user experience
5. **Account Recovery:** Email/phone-based recovery options
6. **JWT Secret Rotation:** Implement secret persistence and rotation mechanism (Issue #8)
## References