docs(audit): align documentation with post-remediation backend reality

- Update data model enums to match backend models
- Update API reference auth requirements
- Add dispute module references and warning blocks
- Add 2026-05-24 audit remediation callout to Overview
- Generate task breakdowns and audit artifacts
- Add doc alignment report (.taskmaster/reports/)
This commit is contained in:
Siavash Sameni
2026-05-24 11:16:29 +04:00
parent b824ca0435
commit 4cf5c49274
74 changed files with 5964 additions and 81 deletions

View File

@@ -0,0 +1,35 @@
---
taskmaster_id: "2.3"
status: "done"
priority: "high"
depends_on: ["1"]
parent_id: "2"
source: "taskmaster"
generated_at: "2026-05-24T07:15:25.199Z"
---
# 2.3 - Replace stubbed passkey/WebAuthn flow
- [x] 2.3 - Replace stubbed passkey/WebAuthn flow #taskmaster #priority/high #status/done ⏫ 🆔 tm-2-3 ⛔ tm-1
## Metadata
| Field | Value |
| --- | --- |
| Taskmaster ID | 2.3 |
| Status | done |
| Priority | high |
| Dependencies | 1 |
| Parent | 2 - Implement platform audit remediation plan |
## Description
Implement production-grade WebAuthn registration/authentication and shared challenge storage.
## Details
Use real attestation/assertion verification, Redis-backed TTL challenges, refresh-token persistence/rotation, and deterministic malformed/reused/expired challenge errors.
## Verification
Registration, login, replay, expired challenge, and refresh-token continuity tests pass.