Description of the flaw
The backend does not enforce idempotency on order creation and order acceptance endpoints.
Repeated identical requests are processed independently, even when they represent the same logical operation.
There are no idempotency keys or duplicate request checks to prevent reprocessing.
Impact on the application or system
Duplicate orders can be created unintentionally.
The same order can be accepted or processed multiple times.
This leads to an inconsistent business state and an incorrect order lifecycle.
Ordinary network retries or client resubmissions can therefore corrupt data.
The result is correctness and reliability failures under realistic operating conditions.
Steps to reproduce the issue
Send a request to create an order.
Resend the same request payload multiple times in quick succession.
Observe that multiple orders are created instead of one.
Repeat the same process for order acceptance and observe repeated state changes.
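The following is an added illustration, not code from this repository: an in-memory model of the two endpoints that reproduces the steps above and shows the fix. It assumes a hypothetical `Idempotency-Key` request header scoped per client, a stored fingerprint of the request body so a reused key with a different payload is rejected, and an acceptance step implemented as a guarded state transition so a second accept is a no-op rather than a second state change. The in-memory dict stands in for whatever database the real backend uses.

```python
import hashlib
import json
import threading
from dataclasses import dataclass, field
from typing import Dict, List, Optional, Tuple


@dataclass
class Order:
    order_id: str
    customer: str
    items: List[dict]
    status: str = "created"


class OrderService:
    """Constructed stand-in for the backend's order endpoints (example only)."""

    def __init__(self) -> None:
        self._orders: Dict[str, Order] = {}
        # (client_id, idempotency_key) -> (payload fingerprint, stored response)
        self._idem: Dict[Tuple[str, str], Tuple[str, dict]] = {}
        self._lock = threading.Lock()
        self._seq = 0

    @staticmethod
    def _fingerprint(payload: dict) -> str:
        # Canonical JSON so key order in the client's body does not matter.
        return hashlib.sha256(json.dumps(payload, sort_keys=True).encode()).hexdigest()

    def create_order(self, client_id: str, idempotency_key: Optional[str], payload: dict) -> Tuple[int, dict]:
        """POST /orders. Returns (http_status, body)."""
        if not idempotency_key:
            return 400, {"error": "Idempotency-Key header required"}
        fp = self._fingerprint(payload)
        scope = (client_id, idempotency_key)
        with self._lock:  # check-and-record must be atomic across concurrent retries
            hit = self._idem.get(scope)
            if hit is not None:
                stored_fp, stored_resp = hit
                if stored_fp != fp:
                    # Same key, different body: a client bug, not a retry.
                    return 422, {"error": "Idempotency-Key reused with a different payload"}
                return 200, stored_resp  # replay: return the original result, create nothing
            self._seq += 1
            order = Order(order_id=f"ord-{self._seq}", customer=payload["customer"], items=payload["items"])
            self._orders[order.order_id] = order
            resp = {"order_id": order.order_id, "status": order.status}
            self._idem[scope] = (fp, resp)
            return 201, resp

    def accept_order(self, order_id: str) -> Tuple[int, dict]:
        """POST /orders/{id}/accept as a guarded transition created -> accepted."""
        with self._lock:
            order = self._orders.get(order_id)
            if order is None:
                return 404, {"error": "unknown order"}
            if order.status == "accepted":
                # Already done: report success without re-running acceptance side effects.
                return 200, {"order_id": order_id, "status": "accepted", "changed": False}
            if order.status != "created":
                return 409, {"error": f"cannot accept order in state {order.status}"}
            order.status = "accepted"
            return 200, {"order_id": order_id, "status": "accepted", "changed": True}

    def order_count(self) -> int:
        return len(self._orders)


def replay_create(service: OrderService, client_id: str, key: str, payload: dict, times: int) -> Tuple[int, int]:
    """Resend the same create request `times` times; return (orders created, orders in store)."""
    created = sum(1 for _ in range(times) if service.create_order(client_id, key, payload)[0] == 201)
    return created, service.order_count()


def replay_accept(service: OrderService, order_id: str, times: int) -> int:
    """Resend the accept request `times` times; return how many actually changed state."""
    return sum(1 for _ in range(times) if service.accept_order(order_id)[1].get("changed"))


if __name__ == "__main__":
    svc = OrderService()
    body = {"customer": "alice", "items": [{"sku": "A1", "qty": 2}]}  # constructed sample payload
    print("create x5:", replay_create(svc, "client-1", "key-1", body, 5))  # (1, 1)
    oid = svc.create_order("client-1", "key-1", body)[1]["order_id"]
    print("accept x3 changed state:", replay_accept(svc, oid, 3))        # 1
```

Two design points matter for the real fix: the idempotency record must be written in the same transaction as the order (or with a unique constraint on the key) so that two concurrent retries cannot both miss the check, and records need a bounded retention period so the table does not grow forever while still covering the window in which clients retry.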