Archive/screentinker

Fork 0

mirror of https://github.com/screentinker/screentinker.git synced 2026-06-17 11:42:40 -06:00

Commit graph

Author	SHA1	Message	Date
ScreenTinker	728f03beba	test(server): TOTP - bite, lockout, replay, recovery, st_ bypass, key-rotation (#100 ) Unit: the mfa_pending BITE (db-injected so removing the rejection goes red), lockout, replay, recovery-hash, decrypt-null graceful. Integration: enrollment, login->mfa_required, route-level bite, recovery single-use, API-token bypass, verify lockout. Key-rotation: enroll under key A, reboot under key B -> recovery still works, TOTP fails cleanly (no 500). Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>	2026-06-13 20:48:55 -05:00

Author

SHA1

Message

Date

ScreenTinker

728f03beba

test(server): TOTP - bite, lockout, replay, recovery, st_ bypass, key-rotation (#100 )

Unit: the mfa_pending BITE (db-injected so removing the rejection goes red), lockout, replay,
recovery-hash, decrypt-null graceful. Integration: enrollment, login->mfa_required, route-level
bite, recovery single-use, API-token bypass, verify lockout. Key-rotation: enroll under key A,
reboot under key B -> recovery still works, TOTP fails cleanly (no 500).

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>

2026-06-13 20:48:55 -05:00

1 commit