Feat/add otp verification #29

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Closed

Rashed99Azm wants to merge 23 commits into main from feat/add-otp-verification

Closed

Feat/add otp verification #29

feat: add OTP verification flow + fix concurrency stamp on user confi…

GitHub Advanced Security / Semgrep OSS succeeded May 23, 2026 in 5s

242 new alerts

New alerts in code changed by this pull request

242 warnings

Alerts not introduced by this pull request might have been detected because the code changes were too large.

See annotations below for details.

View all branch alerts.

Annotations

Check warning on line 123 in backend/src/CCE.Api.Common/Auth/DevAuthHandler.cs

Code scanning / Semgrep OSS

Semgrep Finding: security.cce-no-string-secrets Warning

Possible hardcoded secret. Move to .env.local or appsettings.Development.json (gitignored)
or read from configuration.

Check warning on line 59 in backend/src/CCE.Application/Common/Behaviors/ResponseValidationBehavior.cs

Code scanning / Semgrep OSS

Semgrep Finding: security.cce-no-string-secrets Warning

Possible hardcoded secret. Move to .env.local or appsettings.Development.json (gitignored)
or read from configuration.

Check warning on line 25 in backend/src/CCE.Application/Content/Public/Queries/ListPublicEvents/ListPublicEventsQueryHandler.cs

Code scanning / Semgrep OSS

Semgrep Finding: security.cce-no-direct-datetime Warning

Use ISystemClock from the DI container instead of DateTimeOffset.UtcNow directly.
This makes time-dependent code testable via FakeSystemClock.

Check warning on line 7 in backend/src/CCE.Application/Errors/ApplicationErrors.cs

Code scanning / Semgrep OSS

Semgrep Finding: security.cce-no-string-secrets Warning

Possible hardcoded secret. Move to .env.local or appsettings.Development.json (gitignored)
or read from configuration.

Check warning on line 8 in backend/src/CCE.Application/Errors/ApplicationErrors.cs

Code scanning / Semgrep OSS

Semgrep Finding: security.cce-no-string-secrets Warning

Possible hardcoded secret. Move to .env.local or appsettings.Development.json (gitignored)
or read from configuration.

Check warning on line 9 in backend/src/CCE.Application/Errors/ApplicationErrors.cs

Code scanning / Semgrep OSS

Semgrep Finding: security.cce-no-string-secrets Warning

Possible hardcoded secret. Move to .env.local or appsettings.Development.json (gitignored)
or read from configuration.

Check warning on line 10 in backend/src/CCE.Application/Errors/ApplicationErrors.cs

Code scanning / Semgrep OSS

Semgrep Finding: security.cce-no-string-secrets Warning

Possible hardcoded secret. Move to .env.local or appsettings.Development.json (gitignored)
or read from configuration.

Check warning on line 11 in backend/src/CCE.Application/Errors/ApplicationErrors.cs

Code scanning / Semgrep OSS

Semgrep Finding: security.cce-no-string-secrets Warning

Possible hardcoded secret. Move to .env.local or appsettings.Development.json (gitignored)
or read from configuration.

Check warning on line 12 in backend/src/CCE.Application/Errors/ApplicationErrors.cs

Code scanning / Semgrep OSS

Semgrep Finding: security.cce-no-string-secrets Warning

Possible hardcoded secret. Move to .env.local or appsettings.Development.json (gitignored)
or read from configuration.

Check warning on line 13 in backend/src/CCE.Application/Errors/ApplicationErrors.cs

Code scanning / Semgrep OSS

Semgrep Finding: security.cce-no-string-secrets Warning

Possible hardcoded secret. Move to .env.local or appsettings.Development.json (gitignored)
or read from configuration.

Check warning on line 14 in backend/src/CCE.Application/Errors/ApplicationErrors.cs

Code scanning / Semgrep OSS

Semgrep Finding: security.cce-no-string-secrets Warning

Possible hardcoded secret. Move to .env.local or appsettings.Development.json (gitignored)
or read from configuration.

Check warning on line 15 in backend/src/CCE.Application/Errors/ApplicationErrors.cs

Code scanning / Semgrep OSS

Semgrep Finding: security.cce-no-string-secrets Warning

Possible hardcoded secret. Move to .env.local or appsettings.Development.json (gitignored)
or read from configuration.

Check warning on line 16 in backend/src/CCE.Application/Errors/ApplicationErrors.cs

Code scanning / Semgrep OSS

Semgrep Finding: security.cce-no-string-secrets Warning

Possible hardcoded secret. Move to .env.local or appsettings.Development.json (gitignored)
or read from configuration.

Check warning on line 21 in backend/src/CCE.Application/Errors/ApplicationErrors.cs

Code scanning / Semgrep OSS

Semgrep Finding: security.cce-no-string-secrets Warning

Possible hardcoded secret. Move to .env.local or appsettings.Development.json (gitignored)
or read from configuration.

Check warning on line 22 in backend/src/CCE.Application/Errors/ApplicationErrors.cs

Code scanning / Semgrep OSS

Semgrep Finding: security.cce-no-string-secrets Warning

Possible hardcoded secret. Move to .env.local or appsettings.Development.json (gitignored)
or read from configuration.

Check warning on line 23 in backend/src/CCE.Application/Errors/ApplicationErrors.cs

Code scanning / Semgrep OSS

Semgrep Finding: security.cce-no-string-secrets Warning

Possible hardcoded secret. Move to .env.local or appsettings.Development.json (gitignored)
or read from configuration.

Check warning on line 24 in backend/src/CCE.Application/Errors/ApplicationErrors.cs

Code scanning / Semgrep OSS

Semgrep Finding: security.cce-no-string-secrets Warning

Possible hardcoded secret. Move to .env.local or appsettings.Development.json (gitignored)
or read from configuration.

Check warning on line 25 in backend/src/CCE.Application/Errors/ApplicationErrors.cs

Code scanning / Semgrep OSS

Semgrep Finding: security.cce-no-string-secrets Warning

Possible hardcoded secret. Move to .env.local or appsettings.Development.json (gitignored)
or read from configuration.

Check warning on line 26 in backend/src/CCE.Application/Errors/ApplicationErrors.cs

Code scanning / Semgrep OSS

Semgrep Finding: security.cce-no-string-secrets Warning

Possible hardcoded secret. Move to .env.local or appsettings.Development.json (gitignored)
or read from configuration.

Check warning on line 27 in backend/src/CCE.Application/Errors/ApplicationErrors.cs

Code scanning / Semgrep OSS

Semgrep Finding: security.cce-no-string-secrets Warning

Possible hardcoded secret. Move to .env.local or appsettings.Development.json (gitignored)
or read from configuration.

Check warning on line 28 in backend/src/CCE.Application/Errors/ApplicationErrors.cs

Code scanning / Semgrep OSS

Semgrep Finding: security.cce-no-string-secrets Warning

Possible hardcoded secret. Move to .env.local or appsettings.Development.json (gitignored)
or read from configuration.

Check warning on line 29 in backend/src/CCE.Application/Errors/ApplicationErrors.cs

Code scanning / Semgrep OSS

Semgrep Finding: security.cce-no-string-secrets Warning

Possible hardcoded secret. Move to .env.local or appsettings.Development.json (gitignored)
or read from configuration.

Check warning on line 30 in backend/src/CCE.Application/Errors/ApplicationErrors.cs

Code scanning / Semgrep OSS

Semgrep Finding: security.cce-no-string-secrets Warning

Possible hardcoded secret. Move to .env.local or appsettings.Development.json (gitignored)
or read from configuration.

Check warning on line 31 in backend/src/CCE.Application/Errors/ApplicationErrors.cs

Code scanning / Semgrep OSS

Semgrep Finding: security.cce-no-string-secrets Warning

Possible hardcoded secret. Move to .env.local or appsettings.Development.json (gitignored)
or read from configuration.

Check warning on line 32 in backend/src/CCE.Application/Errors/ApplicationErrors.cs

Code scanning / Semgrep OSS

Semgrep Finding: security.cce-no-string-secrets Warning

Possible hardcoded secret. Move to .env.local or appsettings.Development.json (gitignored)
or read from configuration.

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Feat/add otp verification #29

Uh oh!

Uh oh!

Feat/add otp verification #29

Uh oh!

242 new alerts

New alerts in code changed by this pull request

Annotations

Re-running checks...