updated the docs, removed oauth and introduced sanctum pat

2025-11-07 07:47:25 +01:00
parent 67affd3317
commit 9cc9950b0c
16 changed files with 153 additions and 503 deletions
--- a/docs/implementation-roadmap.md
+++ b/docs/implementation-roadmap.md
@@ -97,8 +97,8 @@ Basierend auf aktueller Code-Analyse und Implementierung:

 ### Verbleibende Tasks
 1. **Security Implementation (1 Tag)**
-   - Rate Limiting: 100/min tenant, 10/min oauth *(aktiv)*
-   - Token-Rotation in OAuthController *(KID-basierte Schlüssel & `oauth:rotate-keys`)*
+   - Rate Limiting: 100/min tenant API, 20/min tenant-auth login/exchange *(aktiv)*
+   - Token issuance handled by Sanctum PAT endpoints; rotation via PAT revocation *(aktiv)*
   - IP-Binding für Refresh Tokens *(konfigurierbar, Subnetzrelax optional)*

 ### Milestones