- Auth: HS256 algorithm restriction on JWT verify, timing-safe bcrypt
for inactive/locked users, locked_until check in loadAuthData, TOTP
fixes (async bcrypt, BigInt conversion, future-code counter fix)
- Validation: Zod enums for leave_type/status, numeric transforms on
foreign keys, VAT 0% coercion fix (Number(v)||21 → v!=null checks)
- Permissions: requirePermission on attendance PUT, attendance_users
and project_logs access checks, trips users filtered by trips.record
- Prisma queries: fixed roles.is:{OR} pattern (doesn't work on to-one
relations), attendance_users now filters by attendance.record only
- Transactions: wrapped deleteOrder, createOrder, updateUser, deleteUser,
duplicateOffer, bulkCreateAttendance, createLeave, scope-templates,
leave-requests, company-settings, profile updates
- Frontend: mountedRef reset in useListData, blob URL cleanup on unmount,
null checks on date fields, AdminDatePicker min/max for HH:mm
- Security headers: COOP, CORP, CSP frame-ancestors/form-action/base-uri
- Other: exchange-rate cache TTL, invoice-alert midnight comparison fix,
numbering.service releaseSequence no-op, nas-offers filename sanitize,
Content-Disposition header injection fix, mojibake Czech strings
Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
39 lines
1.2 KiB
TypeScript
39 lines
1.2 KiB
TypeScript
import { z } from "zod";
|
|
|
|
export const LoginSchema = z.object({
|
|
username: z.string().min(1, "Uživatelské jméno je povinné"),
|
|
password: z.string().min(1, "Heslo je povinné"),
|
|
remember_me: z.boolean().optional().default(false),
|
|
});
|
|
|
|
export const TotpVerifySchema = z.object({
|
|
login_token: z.string().min(1, "Token je povinný"),
|
|
totp_code: z.string().length(6, "Kód musí mít 6 číslic"),
|
|
remember_me: z.boolean().optional().default(false),
|
|
});
|
|
|
|
export const TotpBackupSchema = z.object({
|
|
login_token: z.string().min(1, "Token je povinný"),
|
|
backup_code: z.string().min(1, "Záložní kód je povinný"),
|
|
});
|
|
|
|
export const TotpEnableSchema = z.object({
|
|
secret: z.string().min(1),
|
|
code: z.string().min(1),
|
|
password: z.string().optional(),
|
|
current_code: z.string().optional(),
|
|
});
|
|
|
|
export const TotpDisableSchema = z.object({
|
|
code: z.string().min(1),
|
|
password: z.string().optional(),
|
|
});
|
|
|
|
export const TotpRequiredSchema = z.object({
|
|
required: z.boolean(),
|
|
});
|
|
|
|
export type LoginInput = z.infer<typeof LoginSchema>;
|
|
export type TotpVerifyInput = z.infer<typeof TotpVerifySchema>;
|
|
export type TotpBackupInput = z.infer<typeof TotpBackupSchema>;
|