botserver

3743 commits 88 branches 325 tags 94 MiB

Author	SHA1	Message	Date
Rodrigo Rodriguez (Pragmatismo)	928f29e888	feat(security): Complete security wiring and log audit SECURITY WIRING: - Auth middleware wired to main router with AnonymousPath config - CORS allowed origins loaded from bot_configuration database (config.csv) - Zitadel auth config loads from Vault via SecretsManager - No more env vars for sensitive config (only VAULT_* allowed) LOG AUDIT: - Added is_sensitive_config_key() check in ask_later.rs - Sensitive config values (password, secret, token, key, etc) now logged as [REDACTED] - Removed potential credential exposure in pending_info logs CONFIG LOADING ORDER: 1. VAULT_ADDR and VAULT_TOKEN from .env 2. All secrets from Vault (gbo/directory for Zitadel) 3. Bot config from config.csv (cors-allowed-origins, etc) Auth Config Paths: - Anonymous: /health, /healthz, /api/health, /ws, /auth - Public: /static, /favicon.ico	2025-12-28 19:41:33 -03:00
Rodrigo Rodriguez (Pragmatismo)	aeb4e8af0f	Fix all clippy warnings - 0 warnings	2025-12-28 14:27:52 -03:00
Rodrigo Rodriguez (Pragmatismo)	36fb7988cb	refactor: Move AutoTask system from basic/keywords to auto_task module - Move app_generator, intent_classifier, intent_compiler, autotask_api, designer_ai, ask_later, auto_task, safety_layer to src/auto_task/ - Create auto_task/mod.rs with exports and route configuration - Update imports in moved files - Update main.rs to use auto_task::configure_autotask_routes - Keep table_definition in keywords (shared utility)	2025-12-27 22:58:43 -03:00

Author

SHA1

Message

Date

Rodrigo Rodriguez (Pragmatismo)

928f29e888

feat(security): Complete security wiring and log audit

SECURITY WIRING:
- Auth middleware wired to main router with AnonymousPath config
- CORS allowed origins loaded from bot_configuration database (config.csv)
- Zitadel auth config loads from Vault via SecretsManager
- No more env vars for sensitive config (only VAULT_* allowed)

LOG AUDIT:
- Added is_sensitive_config_key() check in ask_later.rs
- Sensitive config values (password, secret, token, key, etc) now logged as [REDACTED]
- Removed potential credential exposure in pending_info logs

CONFIG LOADING ORDER:
1. VAULT_ADDR and VAULT_TOKEN from .env
2. All secrets from Vault (gbo/directory for Zitadel)
3. Bot config from config.csv (cors-allowed-origins, etc)

Auth Config Paths:
- Anonymous: /health, /healthz, /api/health, /ws, /auth
- Public: /static, /favicon.ico

2025-12-28 19:41:33 -03:00

Rodrigo Rodriguez (Pragmatismo)

aeb4e8af0f

Fix all clippy warnings - 0 warnings

2025-12-28 14:27:52 -03:00

Rodrigo Rodriguez (Pragmatismo)

36fb7988cb

refactor: Move AutoTask system from basic/keywords to auto_task module

- Move app_generator, intent_classifier, intent_compiler, autotask_api, designer_ai, ask_later, auto_task, safety_layer to src/auto_task/
- Create auto_task/mod.rs with exports and route configuration
- Update imports in moved files
- Update main.rs to use auto_task::configure_autotask_routes
- Keep table_definition in keywords (shared utility)

2025-12-27 22:58:43 -03:00

Renamed from src/basic/keywords/ask_later.rs (Browse further)

3 commits