crewli/api/database/migrations at 4df668b5b84d4dc0021454946746da55c8b3a450 - crewli - Gitea: Git with a cup of tea

bert.hausmans/crewli

Files

History

bert.hausmans 4df668b5b8 feat: replace token-based impersonation with enterprise-grade header-based system

Replaces the insecure token-in-localStorage approach with a header-based
impersonation system backed by cache sessions and MFA verification.

Key changes:
- New impersonation_sessions audit table (immutable, ULID PK)
- MFA verification required to start impersonation (TOTP/email/backup)
- X-Impersonate-User header + HandleImpersonation middleware
- Per-request auth context swap (admin session never modified)
- IP pinning, sensitive route blocking, no nesting, sliding 60-min TTL
- Activity log auto-tagged with impersonated_by during sessions
- Frontend: sessionStorage, BroadcastChannel sync, countdown timer
- ImpersonateDialog with reason + MFA verification flow
- 26 comprehensive tests covering core, middleware, audit, lifecycle

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>

2026-04-16 02:42:53 +02:00

..

0001_01_01_000000_create_users_table.php

chore: align migrations, docs, and frontends with crewli.app setup

2026-04-07 10:45:34 +02:00

0001_01_01_000001_create_cache_table.php

feat: initial commit - Band Management application

2026-01-06 03:11:46 +01:00

0001_01_01_000002_create_jobs_table.php

feat: initial commit - Band Management application

2026-01-06 03:11:46 +01:00

2026_04_07_100000_create_personal_access_tokens_table.php

chore: align migrations, docs, and frontends with crewli.app setup

2026-04-07 10:45:34 +02:00

2026_04_07_110000_create_permission_tables.php

chore: align migrations, docs, and frontends with crewli.app setup

2026-04-07 10:45:34 +02:00

2026_04_07_120000_create_activity_log_table.php

chore: align migrations, docs, and frontends with crewli.app setup

2026-04-07 10:45:34 +02:00

2026_04_07_200000_create_organisations_table.php

chore: align migrations, docs, and frontends with crewli.app setup

2026-04-07 10:45:34 +02:00

2026_04_07_210000_create_organisation_user_table.php

chore: align migrations, docs, and frontends with crewli.app setup

2026-04-07 10:45:34 +02:00

2026_04_07_220000_create_events_table.php

chore: align migrations, docs, and frontends with crewli.app setup

2026-04-07 10:45:34 +02:00

2026_04_07_230000_create_user_invitations_table.php

chore: align migrations, docs, and frontends with crewli.app setup

2026-04-07 10:45:34 +02:00

2026_04_07_240000_create_event_user_roles_table.php

chore: align migrations, docs, and frontends with crewli.app setup

2026-04-07 10:45:34 +02:00

2026_04_07_250000_fix_organisations_and_invitations.php

feat: consolidate frontend API layer, add query-client, and harden backend Fase 1

2026-04-07 17:35:34 +02:00

2026_04_07_260000_create_locations_table.php

feat: fase 2 backend — crowd types, persons, sections, shifts, invite flow

2026-04-08 01:34:46 +02:00

2026_04_07_270000_create_festival_sections_table.php

feat: fase 2 backend — crowd types, persons, sections, shifts, invite flow

2026-04-08 01:34:46 +02:00

2026_04_07_280000_create_time_slots_table.php

feat: fase 2 backend — crowd types, persons, sections, shifts, invite flow

2026-04-08 01:34:46 +02:00

2026_04_08_100000_remove_volunteer_min_hours_from_events.php

feat: fase 2 backend — crowd types, persons, sections, shifts, invite flow

2026-04-08 01:34:46 +02:00

2026_04_08_110000_remove_route_geojson_from_locations.php

feat: fase 2 backend — crowd types, persons, sections, shifts, invite flow

2026-04-08 01:34:46 +02:00

2026_04_08_120000_add_section_settings_to_festival_sections.php

feat: fase 2 backend — crowd types, persons, sections, shifts, invite flow

2026-04-08 01:34:46 +02:00

2026_04_08_130000_create_shifts_table.php

feat: fase 2 backend — crowd types, persons, sections, shifts, invite flow

2026-04-08 01:34:46 +02:00

2026_04_08_140000_create_shift_assignments_table.php

feat: fase 2 backend — crowd types, persons, sections, shifts, invite flow

2026-04-08 01:34:46 +02:00

2026_04_08_150000_create_shift_check_ins_table.php

feat: fase 2 backend — crowd types, persons, sections, shifts, invite flow

2026-04-08 01:34:46 +02:00

2026_04_08_160000_create_volunteer_availabilities_table.php

feat: fase 2 backend — crowd types, persons, sections, shifts, invite flow

2026-04-08 01:34:46 +02:00

2026_04_08_170000_create_artists_table.php

feat: fase 2 backend — crowd types, persons, sections, shifts, invite flow

2026-04-08 01:34:46 +02:00

2026_04_08_180000_create_advance_sections_table.php

feat: fase 2 backend — crowd types, persons, sections, shifts, invite flow

2026-04-08 01:34:46 +02:00

2026_04_08_200000_create_crowd_types_table.php

feat: fase 2 backend — crowd types, persons, sections, shifts, invite flow

2026-04-08 01:34:46 +02:00

2026_04_08_205712_add_category_and_icon_to_festival_sections_table.php

feat: section category and icon fields with Tabler IconPicker component

2026-04-10 11:15:31 +02:00

2026_04_08_210000_create_companies_table.php

feat: fase 2 backend — crowd types, persons, sections, shifts, invite flow

2026-04-08 01:34:46 +02:00

2026_04_08_220000_create_persons_table.php

feat: fase 2 backend — crowd types, persons, sections, shifts, invite flow

2026-04-08 01:34:46 +02:00

2026_04_08_230000_create_crowd_lists_table.php

feat: fase 2 backend — crowd types, persons, sections, shifts, invite flow

2026-04-08 01:34:46 +02:00

2026_04_08_240000_create_crowd_list_persons_table.php

feat: fase 2 backend — crowd types, persons, sections, shifts, invite flow

2026-04-08 01:34:46 +02:00

2026_04_08_250000_add_person_foreign_keys_to_existing_tables.php

feat: fase 2 backend — crowd types, persons, sections, shifts, invite flow

2026-04-08 01:34:46 +02:00

2026_04_08_300000_add_shifts_extras_and_waitlist_tables.php

feat: fase 2 backend — crowd types, persons, sections, shifts, invite flow

2026-04-08 01:34:46 +02:00

2026_04_08_310000_drop_unique_person_timeslot_on_shift_assignments.php

feat: fase 2 backend — crowd types, persons, sections, shifts, invite flow

2026-04-08 01:34:46 +02:00

2026_04_08_320000_fix_activity_log_morphs_to_ulid.php

feat: frontend member management

2026-04-08 01:50:38 +02:00

2026_04_08_400000_add_festival_columns_to_events_table.php

feat: schema v1.7 + sections/shifts frontend

2026-04-08 07:23:56 +02:00

2026_04_08_410000_create_event_person_activations_table.php

feat: schema v1.7 + sections/shifts frontend

2026-04-08 07:23:56 +02:00

2026_04_10_100000_add_registration_branding_to_events_table.php

feat: event registration branding with vertical wizard layout

2026-04-10 21:09:49 +02:00

2026_04_10_100000_create_person_tags_table.php

feat: person tags system - org-level skills with self-reported and organiser-assigned sources

2026-04-10 11:15:43 +02:00

2026_04_10_110000_create_user_organisation_tags_table.php

feat: person tags system - org-level skills with self-reported and organiser-assigned sources

2026-04-10 11:15:43 +02:00

2026_04_10_193837_add_cancellation_tracking_to_shift_assignments.php

feat: smart re-assignment with cancellation source tracking

2026-04-10 21:50:24 +02:00

2026_04_10_200000_create_person_identity_matches_table.php

feat: person identity matching with detection, confirmation and audit trail

2026-04-10 12:50:25 +02:00

2026_04_10_300000_add_registration_fields_to_festival_sections_table.php

feat: registration section preferences with show_in_registration filtering and deduplication

2026-04-10 20:03:54 +02:00

2026_04_10_400000_split_name_into_first_last_on_users_table.php

feat: split name into first_name + last_name across users, persons, and companies

2026-04-10 23:04:55 +02:00

2026_04_10_400001_split_name_into_first_last_on_persons_table.php

feat: split name into first_name + last_name across users, persons, and companies

2026-04-10 23:04:55 +02:00

2026_04_10_400002_split_contact_name_on_companies_table.php

feat: split name into first_name + last_name across users, persons, and companies

2026-04-10 23:04:55 +02:00

2026_04_10_500000_add_date_of_birth_to_persons_table.php

feat: add date_of_birth field to persons across all layers

2026-04-11 09:06:29 +02:00

2026_04_12_100000_add_remarks_to_persons_table.php

feat: registration form fields, section preferences, tag sync & schema updates

2026-04-12 22:10:16 +02:00

2026_04_12_100001_add_registration_toggles_to_events_table.php

feat: registration form fields, section preferences, tag sync & schema updates

2026-04-12 22:10:16 +02:00

2026_04_12_200000_create_registration_field_templates_table.php

feat: registration form fields, section preferences, tag sync & schema updates

2026-04-12 22:10:16 +02:00

2026_04_12_200001_create_registration_form_fields_table.php

feat: registration form fields, section preferences, tag sync & schema updates

2026-04-12 22:10:16 +02:00

2026_04_12_200002_create_person_field_values_table.php

feat: registration form fields, section preferences, tag sync & schema updates

2026-04-12 22:10:16 +02:00

2026_04_12_200003_create_person_section_preferences_table.php

feat: registration form fields, section preferences, tag sync & schema updates

2026-04-12 22:10:16 +02:00

2026_04_13_100000_add_email_branding_to_organisations_table.php

feat(api): organisation email branding and shared mail layout

2026-04-13 00:44:34 +02:00

2026_04_14_100000_update_token_columns_for_hashed_storage.php

security: round 3 — token security (crypto random, hashed storage, portal middleware)

2026-04-14 06:52:54 +02:00

2026_04_14_200000_add_date_of_birth_to_users_table.php

feat: complete person identity matching system with fuzzy detection, revert, and manual link

2026-04-14 08:44:24 +02:00

2026_04_14_200001_enhance_person_identity_matches_table.php

feat: complete person identity matching system with fuzzy detection, revert, and manual link

2026-04-14 08:44:24 +02:00

2026_04_14_300000_create_email_change_requests_table.php

feat: password reset, email change with verification, and password change

2026-04-14 15:38:54 +02:00

2026_04_15_100000_create_organisation_email_settings_table.php

feat: complete email infrastructure with queue, templates, logging, and API

2026-04-15 20:12:21 +02:00

2026_04_15_100001_create_organisation_email_templates_table.php

feat: complete email infrastructure with queue, templates, logging, and API

2026-04-15 20:12:21 +02:00

2026_04_15_100002_create_email_logs_table.php

feat: complete email infrastructure with queue, templates, logging, and API

2026-04-15 20:12:21 +02:00

2026_04_15_200000_add_mfa_columns_to_users_table.php

feat: enterprise MFA with TOTP, email codes, backup codes, and trusted devices

2026-04-15 20:45:55 +02:00

2026_04_15_200001_create_mfa_backup_codes_table.php

feat: enterprise MFA with TOTP, email codes, backup codes, and trusted devices

2026-04-15 20:45:55 +02:00

2026_04_15_200002_create_trusted_devices_table.php

feat: enterprise MFA with TOTP, email codes, backup codes, and trusted devices

2026-04-15 20:45:55 +02:00

2026_04_15_200003_create_mfa_email_codes_table.php

feat: enterprise MFA with TOTP, email codes, backup codes, and trusted devices

2026-04-15 20:45:55 +02:00

2026_04_16_000000_add_phone_to_users_table.php

feat: account settings with Vuexy tab pattern and MFA banner fix

2026-04-15 22:18:16 +02:00

2026_04_16_100000_create_impersonation_sessions_table.php

feat: replace token-based impersonation with enterprise-grade header-based system

2026-04-16 02:42:53 +02:00