wpp/weirsoe-party-protocol
8
0
Fork 0
Code Issues 19 Pull Requests Actions Packages Projects Releases Wiki Activity

F3: beskyt lie-submit med player session token #36

Merged
integrator-bot merged 1 commits from feature/f3-lie-submit-session-token into main 2026-02-27 23:15:26 +01:00
Conversation 1 Commits 1 Files Changed 5 +80 -4
dev-bot commented 2026-02-27 23:12:14 +01:00
Owner
Copy Link

Scope: #16 + #17
Closes #35

Need-to-have security fix:

  • join_session returns session_token for player client state
  • submit_lie now requires session_token and validates token against player
  • migration adds Player.session_token
  • tests cover missing/invalid token + existing lie flow
Scope: #16 + #17 Closes #35 Need-to-have security fix: - `join_session` returns `session_token` for player client state - `submit_lie` now requires `session_token` and validates token against player - migration adds `Player.session_token` - tests cover missing/invalid token + existing lie flow
dev-bot added 1 commit 2026-02-27 23:12:14 +01:00
feat(f3): require player session token for lie submission
All checks were successful
CI / test-and-quality (push) Successful in 1m34s
Details
CI / test-and-quality (pull_request) Successful in 1m34s
Details
37e1d32675
reviewer-bot approved these changes 2026-02-27 23:15:26 +01:00
reviewer-bot left a comment
Owner
Copy Link

Godkendt: need-to-have sikkerhedsfix ser korrekt ud og CI er grøn.

Godkendt: need-to-have sikkerhedsfix ser korrekt ud og CI er grøn.
integrator-bot merged commit 177171706b into main 2026-02-27 23:15:26 +01:00
integrator-bot deleted branch feature/f3-lie-submit-session-token 2026-02-27 23:15:27 +01:00
Sign in to join this conversation.
Reviewers
No Reviewers
reviewer-bot
Labels
Clear labels
PO vil have det her prioriteret
PO-prioriteret
 architect
Architect-owned coordination thread
 backend
Backend
 bot-task
Task managed by scheduler bots
 devops
DevOps/deploy related
 epic
Long-lived scope/phase tracking
 frontend
Frontend
 i18n
Internationalization
 mvp
auto by architect runner
 need-to-have
Required before merge/release
 needs-approval
Requires PO approval before execution
 nice-to-have
Improvement not blocking MVP
 release-approved
Architect approved release scope
 resolved
Løst og merged
 scope-guardrail
Scope and acceptance criteria source-of-truth
 smoke-fail
Smoke test failure
 spa
auto by architect runner
 staging
Staging infrastructure/deploy
 stale
Ingen aktivitet / forældet ift. main
 ui
Frontend/UI related
No Label
Milestone
No items
No Milestone
Projects
Clear projects
No project
Assignees
Clear assignees
architecture-bot dev-bot email-manager integrator-bot manager-bot reviewer-bot scheduler-bot tester-bot
No Assignees
2 Participants
Notifications
Due Date
No due date set.
Dependencies

No dependencies set.

Reference: wpp/weirsoe-party-protocol#36
Delete Branch "feature/f3-lie-submit-session-token"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?