Adriano Belisario
78bef85c96
feat: allow anonymous public wishlist viewing
2026-05-04 00:09:43 +00:00
Adriano Belisario
6c8e11c851
chore: db snapshot with updated item images
Build and Push Docker Image / build-and-push (push) Has been cancelled
2026-05-03 23:14:23 +00:00
Adriano Belisario
7ef1065971
fix: hide item count when reservations are disabled
2026-05-03 23:14:17 +00:00
Adriano Belisario
9f6a7c15d9
docs: add repository contributor guide
2026-05-03 23:14:11 +00:00
Adriano Belisario
eebb183d36
Hide disabled reservations button
Build and Push Docker Image / build-and-push (push) Has been cancelled
2026-05-03 23:00:43 +00:00
Adriano Belisario
a0349aa9c4
chore: db snapshot with item images (batch 1) + image skill doc
...
Images applied to 9 items (Macacões RN, Bodies RN, Luvas, Meias, Sapatinhos malha,
Bodies ML 1-3m, Bodies MC 1-3m, Calças 1-3m, Macacões 1-3m, Swaddle).
Adds docs/skill-item-images.md with search/patch workflow and DB snapshot steps.
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com >
2026-05-03 22:58:06 +00:00
Adriano Belisario
b19a3fdf48
feat: grid layout, global claim/qty toggles, admin access link, swaddle image
...
- Public wishlist now renders as responsive 3-col grid instead of list
- Subtitle supports line breaks (whitespace-pre-line)
- claimingEnabled and showQuantity moved to global site settings (not per-item); toggled in admin Configurações panel; claim API enforces server-side
- Admin dashboard shows admin access link with copy button
- Settings API exposes and persists the two new boolean settings
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com >
2026-05-03 22:52:32 +00:00
Adriano Belisario
5548f5000f
feat(ui): show price in public view and admin item card; fix quantity badge in claims list
...
Build and Push Docker Image / build-and-push (push) Has been cancelled
- Public wishlist page now displays item price (formatted as BRL) below the
item name when a price is set
- Admin ItemCard shows price and quantity badge so items can be scanned at a
glance without opening the edit form
- Claims list no longer shows "· 1 un." for single-unit items (the unit count
is only displayed when item.quantity > 1)
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com >
2026-05-03 21:13:45 +00:00
Adriano Belisario
3df9a67b97
feat(admin): merge Site Settings and Wishlist into single Configurações panel
...
Single-wishlist apps no longer need two separate edit sections.
Both siteTitle/homepageSubtext and wishlist fields now save together
in one action from a unified Configurações card.
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com >
2026-05-03 21:10:58 +00:00
Adriano Belisario
21e8b7e137
fix(quantity): enforce claim limits on backend, fix quantity field in admin form
...
Build and Push Docker Image / build-and-push (push) Has been cancelled
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com >
2026-05-03 21:07:24 +00:00
Adriano Belisario
4b428ce272
docs: add skill draft for uploading items to the wishlist
...
Build and Push Docker Image / build-and-push (push) Has been cancelled
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com >
2026-05-03 21:04:15 +00:00
Adriano Belisario
23114637ac
fix: sync reorder transaction + redirect unauthenticated users to wishlist
...
Build and Push Docker Image / build-and-push (push) Has been cancelled
- reorder route used async callback with better-sqlite3 (sync driver),
causing "Transaction function cannot return a promise" — converted to sync
- home page now redirects unauthenticated visitors to the wishlist slug
instead of getting stuck on the loading screen
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com >
2026-05-03 21:02:10 +00:00
Adriano Belisario
2726be337e
feat: simplify to single-wishlist instance
...
Build and Push Docker Image / build-and-push (push) Has been cancelled
- Home page redirects guests directly to the single wishlist slug
- Admin shows settings + single wishlist header + items only
- Removed multi-wishlist create/delete/reorder UI
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com >
2026-05-03 20:57:00 +00:00
Adriano Belisario
cac2c223dd
feat: remove price and currency fields from frontend and backend
...
Build and Push Docker Image / build-and-push (push) Has been cancelled
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com >
2026-05-03 20:51:49 +00:00
Adriano Belisario
1e513c318f
feat(admin): merge quantity into price/currency row, add BRL, PT-BR labels
...
Build and Push Docker Image / build-and-push (push) Has been cancelled
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com >
2026-05-03 20:36:24 +00:00
belisards
4e031a9d4d
feat(admin): claims dashboard listing all reservations
Build and Push Docker Image / build-and-push (push) Has been cancelled
2026-05-03 17:26:19 -03:00
belisards
007aa35521
feat(admin): drop ShareButton and View Public Site from header
2026-05-03 17:25:10 -03:00
belisards
96d38301c4
feat(slug): drop Voltar ao início link
Build and Push Docker Image / build-and-push (push) Has been cancelled
2026-05-03 17:15:51 -03:00
belisards
31c912fc3d
revert: drop visitor CTA button and public visit endpoint
Build and Push Docker Image / build-and-push (push) Has been cancelled
2026-05-03 17:15:20 -03:00
belisards
17117ed7b2
feat(home): add Ver lista do Martin CTA, mints anonymous visitor guest
Build and Push Docker Image / build-and-push (push) Has been cancelled
2026-05-03 17:13:41 -03:00
belisards
e96181a6f3
feat(home): teaser promo for unauthenticated visitors
Build and Push Docker Image / build-and-push (push) Has been cancelled
2026-05-03 17:04:51 -03:00
belisards
d33feced1d
fix(build): read URL params via window in guards (avoid useSearchParams prerender error)
Build and Push Docker Image / build-and-push (push) Has been cancelled
2026-05-03 17:02:45 -03:00
belisards
2418ab64cc
chore(deploy): switch domain to chadomartin.omeu.website
Build and Push Docker Image / build-and-push (push) Has been cancelled
2026-05-03 16:53:51 -03:00
belisards
c959cc8829
feat(ui): hide spoiler banner, anonymize claims, optional guest name, list wishlists on home, drop esgotados toggle
2026-05-03 16:53:48 -03:00
belisards
ce7731cebb
chore: remove password-lock; switch to ADMIN_TOKEN env; update docs
2026-05-03 16:34:41 -03:00
belisards
ea0d2c9370
feat(cli): guest create/list/delete scripts
2026-05-03 16:33:10 -03:00
belisards
0832c0f9e5
feat(admin): guests CRUD UI with copy-link
2026-05-03 16:32:19 -03:00
belisards
8d9e7c0709
feat(home): show convite necessário; route admin/guest tokens
2026-05-03 16:31:40 -03:00
belisards
4f3017a02d
refactor(auth): replace JWT/password-lock with token guards
2026-05-03 16:31:00 -03:00
belisards
7b29e39e9f
feat(client): swap auth client to session API; add guestsApi
2026-05-03 16:26:09 -03:00
belisards
e518e28957
feat(api): tokens on all routes; items expose claims/claimedQuantity/remainingQuantity
2026-05-03 16:25:19 -03:00
belisards
844951c832
feat(claim): quantity-aware claims via item_claims; per-guest unclaim
2026-05-03 16:22:22 -03:00
belisards
32f9403bd8
feat(api): admin guests CRUD endpoints
2026-05-03 16:21:26 -03:00
belisards
7b2e2cc3c5
feat(auth): replace login/refresh/me with /api/auth/session
2026-05-03 16:20:37 -03:00
belisards
f03e7aaf19
feat(auth): add token verification and cookie helpers
2026-05-03 16:19:14 -03:00
belisards
5596e3fa19
feat(db): introduce item_claims for quantity-aware claims; supersede inline claim columns
2026-05-03 16:18:34 -03:00
belisards
44d4dcbf7e
feat(db): add guests table and claimed_by_guest_id column
2026-05-03 16:12:24 -03:00
belisards
4d4cdee9eb
wip: in-progress mars theme work (saved before auth refactor)
2026-05-03 16:11:12 -03:00
belisards
282e475562
feat(theme): switch to Mars-inspired palette and atmospheric haze (no planet disk)
2026-05-03 15:49:30 -03:00
belisards
e38473e88d
feat(home): inline items grid, drop share button, add planet/newborn theme, rename to Chá do Martin
2026-05-03 15:47:56 -03:00
Adriano Belisario
4864bf6304
chore: add data snapshot, deployment compose, and CLAUDE.md
...
Build and Push Docker Image / build-and-push (push) Has been cancelled
- Commit SQLite db snapshot (WAL checkpointed before copy)
- Replace upstream docker-compose with real deployment config
- Add CLAUDE.md documenting customization and deploy steps
- Gitignore secrets.json and SQLite temp files
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com >
2026-05-03 18:29:38 +00:00
Adriano Belisario
52f75f0b3d
refactor: update UI components and page layouts
...
Build and Push Docker Image / build-and-push (push) Has been cancelled
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com >
2026-05-03 18:18:31 +00:00
Michael T
ee884ccdf2
fix(api): use synchronous transaction for wishlist reorder
...
better-sqlite3 doesn't support async transactions. Removed async/await
and used synchronous .run() and .all() methods instead.
Fixes #38
2026-01-23 15:29:16 -05:00
Michael T
30c661a364
fix(auth): resolve cookie authentication failure over HTTP
...
Cookies were set with secure flag based solely on NODE_ENV, causing
401 errors when accessing over HTTP with NODE_ENV=production.
- Add COOKIE_SECURE env var for explicit control
- Auto-detect HTTPS via X-Forwarded-Proto header in production
- Extract isSecureCookie() utility to lib/auth/utils.ts
- Document COOKIE_SECURE in README and .env.example
Fixes #39
2026-01-23 15:26:24 -05:00
Michael T
be49b91188
chore: remove unused middleware placeholder
...
The middleware only passed requests through without modification.
Password lock protection is handled client-side via PasswordLockGuard.
2026-01-12 15:57:25 -05:00
Michael T
ae81206de7
fix(security): sanitize HTML content to prevent XSS attacks
...
Add DOMPurify to sanitize user-generated HTML in the preferences
section before rendering with dangerouslySetInnerHTML.
2026-01-12 11:21:27 -05:00
Michael T
aec68daec0
chore(deps): update dependencies to latest versions
...
- Upgrade @lexical/* packages from 0.38.2 to 0.39.0
- Upgrade drizzle-orm from 0.44.7 to 0.45.1
- Upgrade react and react-dom from 19.2.0 to 19.2.3
- Upgrade sharp from 0.33.5 to 0.34.5
- Sync eslint-config-next with next@16.1.1
2026-01-12 11:16:45 -05:00
michaeltieso
3480888eaa
Initial commit
2025-12-01 14:49:17 +00:00
