NIS2 Agile - Piattaforma SaaS per compliance NIS2 (EU 2022/2555)

DevEnv nis2-agile e4f9e9179e [FEAT] Allineamento NIS2 ↔ TRPG (Fasi 1-5): SSO + Sessions + Reset + Impersonate + Branding ... Implementazione completa del progetto allineamento alla suite Evix (TRPG/lg231), basato sul doc canonico docs/GAP_TRPG_NIS2_ALIGNMENT.md (5 fasi, 18 gap). Version 1.0.0 → 1.5.0 Fase 1 — SSO Federation (v1.1.0) - Migration 015_sso_columns: users.sso_identity_id + password_version - application/services/SsoHelper.php (client SSO dual-mode, cURL nativo, zero deps) - AuthController::login() + changePassword() conditional SSO (SSO_MODE=local default) Fase 2 — Multi-device Sessions (v1.2.0) - Migration 016_active_sessions: tabella + refresh_tokens.session_jti - BaseController::requireAuth() verifica jti + last_activity throttle + parseDeviceLabel - login() genera jti, logout/changePassword revoca selettiva - GET/DELETE /auth/sessions[/{id}] - UI settings.html tab Sicurezza con lista device + revoca Fase 3 — Password Reset + Tenant Switcher (v1.3.0) - Migration 017_password_reset_tokens (TTL 30min, single-use) - POST /auth/forgot-password (risposta opaca) + reset-password - Pagine forgot-password.html + reset-password.html (con strength bar) - EmailService::sendPasswordReset - POST /auth/switchContext con rotazione JWT + organization_id claim - Dropdown tenant in sidebar esposto a tutti gli utenti con ≥2 org Fase 4 — Impersonate + Preferences + Versioning UI (v1.4.0) - POST /auth/impersonate (super_admin o consulente stesso firm, TTL 1h, audit) - Migration 018_user_preferences: users.theme/timezone/notif_email/notif_inapp - GET/PUT /auth/preferences - Sidebar footer mostra versione + changelog modal su click Fase 5 — Branding white-label + Auth-gate (v1.5.0) - Migration 019_firm_branding (logo/colori/brand_name per consulting firm) - BrandingController GET /branding/current (auth opzionale) + PUT - common.js auto-applica CSS variables al boot - public/js/auth-gate.js (gate password client-side per docs riservati, da TRPG) Skip motivati: - G15 demo login: simulator esistenti coprono - G18 refactor controllers: rinviato (~5gg, valore tecnico solo) Cron sync SSO: AgileHub Ticket #220 aperto a team AGILEHUB per estendere sso-password-sync.sh al DB nis2_agile_db. Prerequisito per switch SSO_MODE=dual. Backup files: tutti i file modificati hanno .bak.pre-{fase}-{ts} sia in DEV sia in /var/www/nis2-agile/.backups/ su Hetzner (rollback ready). Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>		2026-05-29 13:18:35 +02:00
.claude	[SERVER] Auto-commit: allineamento repository	2026-02-24 12:56:23 +00:00
application	[FEAT] Allineamento NIS2 ↔ TRPG (Fasi 1-5): SSO + Sessions + Reset + Impersonate + Branding	2026-05-29 13:18:35 +02:00
docker	[CORE] Housekeeping: CLAUDE.md allineato, docker hardening, gitignore	2026-02-20 11:09:04 +01:00
docs	[FEAT] Allineamento NIS2 ↔ TRPG (Fasi 1-5): SSO + Sessions + Reset + Impersonate + Branding	2026-05-29 13:18:35 +02:00
public	[FEAT] Allineamento NIS2 ↔ TRPG (Fasi 1-5): SSO + Sessions + Reset + Impersonate + Branding	2026-05-29 13:18:35 +02:00
scripts	[FIX] feedback-worker.php: correggi */ in docblock PHP	2026-03-10 09:16:09 +01:00
.dockerignore	[FIX] Dockerignore: allow docker/php.ini for build context	2026-02-18 09:17:52 +01:00
.gitignore	[CORE] Housekeeping: CLAUDE.md allineato, docker hardening, gitignore	2026-02-20 11:09:04 +01:00
.htaccess	[CORE] Initial project scaffold - NIS2 Agile Compliance Platform	2026-02-17 17:50:18 +01:00
agile-services-istructio.md	[CORE] Aggiunto integrazione agile-services: istruzioni + CLAUDE.md aggiornato	2026-02-18 08:05:36 +00:00
CLAUDE.md	[DOCS] CLAUDE.md aggiornato: FeedbackService, controller, endpoint, contatore file	2026-03-10 09:07:20 +01:00
simulate-nis2-b2b.php	[FIX] simulate-nis2-b2b: POST /invites → /invites/create (router mapping)	2026-03-10 15:55:23 +01:00
simulate-nis2-big.php	[FIX] BigSim: asset_type mapping + incident/NCR ENUM values	2026-03-17 15:49:49 +01:00
simulate-nis2.php	[FIX] simulate: proc_open streaming SSE (pattern lg231) + NIS2_SSE flag	2026-03-10 10:51:05 +01:00