GrottoCenter / grottocenter-api / 24017769687 / 1

87%

develop: 87%

push

github

feat(caver): add admin ban/unban endpoints with security hardening

- Add POST /cavers/:caverId/ban and /unban admin-only endpoints
- Activate banned, date_last_connection, connection_counter columns on t_caver
- Reject banned cavers on login with generic 401 (no ban status leakage)
- Suppress forgot-password email for banned cavers (silent 200)
- Block password change via reset token for banned cavers (same as expired)
- Prevent account enumeration on sign-up (generic conflict message)
- Log warnings server-side for all banned caver activity

2793 of 3428 branches covered (81.48%)

Branch coverage included in aggregate %.

5862 of 6692 relevant lines covered (87.6%)

75.86 hits per line