root/chadebebe
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
20 Commits 1 Branch 0 Tags
4f3017a02d1d66f8eb6f5c07ea656388ee4df8a5
Commit Graph

20 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
belisards
4f3017a02d refactor(auth): replace JWT/password-lock with token guards 2026-05-03 16:31:00 -03:00
belisards
7b29e39e9f feat(client): swap auth client to session API; add guestsApi 2026-05-03 16:26:09 -03:00
belisards
e518e28957 feat(api): tokens on all routes; items expose claims/claimedQuantity/remainingQuantity 2026-05-03 16:25:19 -03:00
belisards
844951c832 feat(claim): quantity-aware claims via item_claims; per-guest unclaim 2026-05-03 16:22:22 -03:00
belisards
32f9403bd8 feat(api): admin guests CRUD endpoints 2026-05-03 16:21:26 -03:00
belisards
7b2e2cc3c5 feat(auth): replace login/refresh/me with /api/auth/session 2026-05-03 16:20:37 -03:00
belisards
f03e7aaf19 feat(auth): add token verification and cookie helpers 2026-05-03 16:19:14 -03:00
belisards
5596e3fa19 feat(db): introduce item_claims for quantity-aware claims; supersede inline claim columns 2026-05-03 16:18:34 -03:00
belisards
44d4dcbf7e feat(db): add guests table and claimed_by_guest_id column 2026-05-03 16:12:24 -03:00
belisards
4d4cdee9eb wip: in-progress mars theme work (saved before auth refactor) 2026-05-03 16:11:12 -03:00
belisards
282e475562 feat(theme): switch to Mars-inspired palette and atmospheric haze (no planet disk) 2026-05-03 15:49:30 -03:00
belisards
e38473e88d feat(home): inline items grid, drop share button, add planet/newborn theme, rename to Chá do Martin 2026-05-03 15:47:56 -03:00
Adriano Belisario
4864bf6304 chore: add data snapshot, deployment compose, and CLAUDE.md
Some checks failed
Build and Push Docker Image / build-and-push (push) Has been cancelled
Details 
- Commit SQLite db snapshot (WAL checkpointed before copy)
- Replace upstream docker-compose with real deployment config
- Add CLAUDE.md documenting customization and deploy steps
- Gitignore secrets.json and SQLite temp files

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-05-03 18:29:38 +00:00
Adriano Belisario
52f75f0b3d refactor: update UI components and page layouts
Some checks failed
Build and Push Docker Image / build-and-push (push) Has been cancelled
Details 
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-05-03 18:18:31 +00:00
Michael T
ee884ccdf2 fix(api): use synchronous transaction for wishlist reorder 
better-sqlite3 doesn't support async transactions. Removed async/await
and used synchronous .run() and .all() methods instead.

Fixes #38
 2026-01-23 15:29:16 -05:00
Michael T
30c661a364 fix(auth): resolve cookie authentication failure over HTTP 
Cookies were set with secure flag based solely on NODE_ENV, causing
401 errors when accessing over HTTP with NODE_ENV=production.

- Add COOKIE_SECURE env var for explicit control
- Auto-detect HTTPS via X-Forwarded-Proto header in production
- Extract isSecureCookie() utility to lib/auth/utils.ts
- Document COOKIE_SECURE in README and .env.example

Fixes #39
 2026-01-23 15:26:24 -05:00
Michael T
be49b91188 chore: remove unused middleware placeholder 
The middleware only passed requests through without modification.
Password lock protection is handled client-side via PasswordLockGuard.
 2026-01-12 15:57:25 -05:00
Michael T
ae81206de7 fix(security): sanitize HTML content to prevent XSS attacks 
Add DOMPurify to sanitize user-generated HTML in the preferences
section before rendering with dangerouslySetInnerHTML.
 2026-01-12 11:21:27 -05:00
Michael T
aec68daec0 chore(deps): update dependencies to latest versions 
- Upgrade @lexical/* packages from 0.38.2 to 0.39.0
- Upgrade drizzle-orm from 0.44.7 to 0.45.1
- Upgrade react and react-dom from 19.2.0 to 19.2.3
- Upgrade sharp from 0.33.5 to 0.34.5
- Sync eslint-config-next with next@16.1.1
 2026-01-12 11:16:45 -05:00
michaeltieso
3480888eaa Initial commit 2025-12-01 14:49:17 +00:00