senke/veza
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
2001 commits 37 branches 94 tags 1.5 GiB
Commit graph

370 commits

Author SHA1 Message Date
senke
4807f64c32 feat(live): add migration 117 and model fields for Go Live 2026-02-24 09:51:21 +01:00
senke
fc3585c556 test(marketplace): add refund order unit tests 2026-02-24 00:19:42 +01:00
senke
3d311ef01a test(marketplace): add invoice generation unit tests 2026-02-24 00:19:10 +01:00
senke
63b5abe08a test(marketplace): add product review unit tests 2026-02-24 00:18:45 +01:00
senke
022770ef9f feat(v0.701): AdminTransfers page/route, MSW, stories, Deep Health, API ref, docs, scope v0.702 
- Step 13: AdminTransfersPage, LazyAdminTransfers, route /admin/transfers
- Step 14: MSW handlers admin transfers
- Step 15: AdminTransfersView stories (Default, Empty, WithFailedTransfers, Error, Loading)
- Step 16-17: DeepHealth handler (disk, config), GET /health/deep
- Step 19: health_deep_test.go (4 tests)
- Step 20: docs/API_REFERENCE.md
- Step 21: Archive V0_604, MIGRATIONS.md migration 116
- Step 22: CHANGELOG, PROJECT_STATE, FEATURE_STATUS v0.701
- Step 23: RETROSPECTIVE_V0701, V0_702 placeholder, SCOPE_CONTROL, .cursorrules
- Step 24: Archive V0_701_RELEASE_SCOPE
- Fix: AdminTransfersView Select component (use options API)
 2026-02-23 23:42:02 +01:00
senke
56f2e9f9c3 test(admin): add admin transfer handler tests 2026-02-23 23:35:11 +01:00
senke
7fed717c9b feat(routes): wire admin transfer endpoints in /admin group 2026-02-23 23:33:54 +01:00
senke
8375466af9 feat(admin): add admin transfer handler (GET list, POST retry) 2026-02-23 23:33:35 +01:00
senke
0211e44a09 test(marketplace): add transfer retry worker tests 2026-02-23 23:32:59 +01:00
senke
fd357cb383 feat(marketplace): add TransferRetryWorker background goroutine 2026-02-23 23:32:03 +01:00
senke
ab12f5d1fe feat(monitoring): add transfer retry Prometheus metrics 2026-02-23 23:31:35 +01:00
senke
3261d0fb44 feat(config): add transfer retry configuration (v0.701) 2026-02-23 23:31:09 +01:00
senke
bdfda923ae feat(marketplace): add retry fields to SellerTransfer model 2026-02-23 23:30:51 +01:00
senke
31034f409c test(commerce): add transfer tests — success, multi-seller, transfer-fails 2026-02-23 22:58:16 +01:00
senke
81fccda396 feat(seller): add transfers history card to SellerDashboard 2026-02-23 22:57:28 +01:00
senke
c2d5073a6e feat(commerce): add GET /sell/transfers endpoint 2026-02-23 22:56:26 +01:00
senke
4a08a89dc5 feat(commerce): trigger seller transfers on payment succeeded 2026-02-23 22:56:01 +01:00
senke
51dd867bdf feat(commerce): wire TransferService in marketplace and webhook routes 2026-02-23 22:55:39 +01:00
senke
a0a36e9d3e feat(commerce): add TransferService interface and WithTransferService option 2026-02-23 22:55:18 +01:00
senke
e86c476d42 feat(commerce): add SellerTransfer model 2026-02-23 22:55:08 +01:00
senke
979658165c feat(commerce): add PLATFORM_FEE_RATE config (default 10%) 2026-02-23 22:54:50 +01:00
senke
b319b60396 chore(release): v0.602 — Payout, Dette Technique & Tests E2E 
- Stripe Connect: onboarding, balance, SellerDashboardView
- Interceptors: auth.ts, error.ts extracted, facade
- Grafana: dashboards enriched (p50, top endpoints, 4xx, WS, commerce)
- E2E commerce: product->order->review->invoice
- SMOKE_TEST_V0602, RETROSPECTIVE_V0602, PAYOUT_MANUAL
- Archive V0_602 scope, V0_603 placeholder, SCOPE_CONTROL v0.603
- Fix sanitizer regex (Go no backreferences)
- Marketplace test schema: product_licenses, product_images, orders, licenses
 2026-02-23 22:32:01 +01:00
senke
a5d2951ec5 feat(seller): add seller_stripe_accounts migration and model 2026-02-23 22:11:11 +01:00
senke
cb9b418286 feat(seller): add Stripe Connect config 2026-02-23 22:09:23 +01:00
senke
06e3de98b9 feat(commerce): Hyperswitch LIVE_MODE configuration 
- config: HyperswitchLiveMode (HYPERSWITCH_LIVE_MODE)
- routes_marketplace: warn when production + LiveMode=false
- docker-compose.prod: HYPERSWITCH_LIVE_MODE env var
 2026-02-23 19:56:52 +01:00
senke
8f6a6b0b13 feat(streaming): wire HLS pipeline end-to-end with serving routes 
- Add HLSEnabled and HLSStorageDir to backend config (HLS_STREAMING env)
- Register HLS serving routes (master.m3u8, quality playlist, segments)
  behind HLSEnabled feature flag on existing track routes
- Add GetHLSStatus and TriggerHLSTranscode methods to StreamService
  for stream server communication
- Update docker-compose (dev, staging, prod) with HLS env vars and
  shared hls-data volume between backend and stream-server
- Stream callback already correctly updates stream_manifest_url
 2026-02-22 21:20:35 +01:00
senke
d3e3ba9b33 feat(chat): Redis rate limiter, persistent presence, PostgreSQL full-text search 
- Rewrite chat rate limiter with Redis sliding window (sorted sets) and
  automatic in-memory fallback when Redis is unavailable
- Add ChatPresenceService with Redis-backed online/offline/heartbeat
  tracking (2min TTL), integrated into Hub register/unregister
- Add migration 113: tsvector column with GIN index and auto-update
  trigger on messages table for full-text search
- Update Search repository method to use ts_rank ordering instead of ILIKE
- Wire Redis client into chat WebSocket setup in router.go
- Add comprehensive tests: rate limiter, presence, 100-user concurrent benchmark
 2026-02-22 21:17:51 +01:00
senke
25e7345a6a test(chat): Sprint 5 -- unit tests, E2E tests, feature parity validation 
- Add hub_test.go: register/unregister, join/leave room, broadcast, exclude sender,
  send to user, multiple clients same user (6 tests)
- Add handler_messages_test.go: send message, missing fields, edit ownership check,
  soft delete (4 tests)
- Add handler_realtime_test.go: typing broadcast, read receipts, reactions add/remove,
  delivered status (5 tests)
- Add e2e_chat_ws_test.go: auth valid, missing token, invalid token, ping/pong
- Add e2e_chat_messages_test.go: 2-client message flow, typing indicator
- Create CHAT_FEATURE_PARITY.md: 25-feature checklist (all OK or IMPROVED)
 2026-02-22 20:49:32 +01:00
senke
603eb06dae feat(chat): Sprint 3 -- message handlers, real-time features, permissions 
- Implement full MessageHandler dispatch with all 18 incoming message types
- Add handler_messages.go: SendMessage, EditMessage, DeleteMessage with ownership checks
- Add handler_rooms.go: JoinConversation, LeaveConversation
- Add handler_history.go: FetchHistory (cursor-based), SearchMessages (ILIKE), SyncMessages
- Add handler_realtime.go: Typing, MarkAsRead, Delivered, AddReaction, RemoveReaction
- Add handler_calls.go: WebRTC signaling relay (CallOffer/Answer/ICE/Hangup/Reject)
- Add PermissionService: CanRead/CanSend/CanJoin/CanModerate based on room_members
- Add RateLimiter: per-user per-action sliding window (in-memory)
- Wire all dependencies in router.go setupChatWebSocket
 2026-02-22 20:43:44 +01:00
senke
3baeef30dd feat(chat): Sprint 2 -- WebSocket hub, client, message types, route 
- Create Hub with register/unregister/broadcast, room/user index
- Create Client with readPump/writePump goroutines, 30s ping keepalive
- Define all 18 incoming + 18 outgoing message types matching Rust protocol
- Add ValidateChatToken to ChatService for JWT validation
- Update WSUrl from /ws to /api/v1/ws
- Register GET /api/v1/ws endpoint in router
- Create ChatWebSocketHandler for WebSocket upgrade and auth
 2026-02-22 20:41:39 +01:00
senke
2ee63b9b11 feat(chat): Sprint 1 -- migrations, models, repositories for chat rewrite 
- Add migrations 109-112: read_receipts, delivered_status, message_reactions, messages extra columns
- Create ReadReceipt, DeliveredStatus, MessageReaction GORM models
- Update Message model with EditedAt, Status, IsPinned, Metadata fields
- Enrich ChatMessageRepository with cursor pagination, search, soft delete
- Create ReadReceiptRepository, DeliveredStatusRepository, ReactionRepository
- Create ChatPubSubService with Redis PubSub and in-memory fallback
 2026-02-22 20:38:20 +01:00
senke
28136f2897 feat(v0.501): Sprint 5 -- integration, tests, and cleanup 
- INT-01: Add E2E streaming tests (upload -> HLS auth)
- INT-02: Add E2E cloud tests (CRUD auth, public gear)
- INT-03: Split track/handler.go into 4 focused sub-handlers
- INT-04: Create migration squash script + MIGRATIONS.md
- INT-05: Add Trivy container image scanning CI workflow
- INT-06: Replace production console.log with structured logger
 2026-02-22 18:40:07 +01:00
senke
bcc885327b feat(v0.501): Sprint 4 -- Cloud frontend + Gear advanced 
- C1-09: Create CloudPage with folder tree, file list, and /cloud route
- C1-10: Create CloudUploadModal with drag-and-drop and progress
- C1-11: Create CloudFilePreview mini player inline
- C1-12: Add Cloud stories (loading, empty, populated, quota full)
- G1-01: Add is_public toggle, public gear endpoint, GearShowcase
- G1-02: Add gear image upload endpoints, GearImageGallery component
- G1-03: Add gear search with ILIKE + SearchBar in toolbar
- G1-04: Add stories for GearShowcase and GearImageGallery
 2026-02-22 18:30:49 +01:00
senke
86a0978c28 feat(v0.501): Sprint 3 -- Cloud Storage MVP backend 
- C1-01: Create CloudService with CRUD folders/files, quota, ownership
- C1-02: Create CloudHandler with 11 REST endpoints
- C1-03: Register cloud routes in Go router
- C1-04: Implement file streaming with HTTP Range support
- C1-05: Add publish cloud file as track endpoint
- C1-06: Add MSW mock handlers for cloud API
- C1-07: Auto-init 5GB storage quota on user registration
- C1-08: Add 12 unit tests for CloudService
 2026-02-22 18:23:58 +01:00
senke
465aa9e008 feat(v0.501): Sprint 2 -- HLS production-ready 
- S1-01: Add multi-bitrate streaming profiles (128k, 256k, 320k)
- S1-02: Update master.m3u8 endpoint with 3-tier quality system
- S1-03: Integrate hls.js with ABR + useHLSPlayer hook
- S1-04: Add Cache-Control headers on HLS segments and manifests
- S1-05: Create WaveformService with async generation (FFmpeg + audiowaveform)
- S1-06: Add GET /tracks/:id/waveform endpoint with Redis cache
- S1-07: Create WaveformDisplay component with story
- S1-08: Add 4 Prometheus metrics for streaming monitoring
 2026-02-22 18:16:37 +01:00
senke
1797e5c32c feat(v0.501): Sprint 1 -- infrastructure foundations 
- Add MinIO S3-compatible storage to docker-compose (dev, staging, prod)
- Create migrations 103-108 (waveform_url, user_folders, user_files,
  user_storage_quotas, gear_items.is_public, gear_images)
- Add Go models: UserFile, UserFolder, StorageQuota, GearImage
- Add WaveformURL to Track model, IsPublic + GearImages to GearItem model
 2026-02-22 18:10:25 +01:00
senke
09dc20e965 refactor(websocket): replace gorilla/websocket with coder/websocket 
INT-06: Migrated playback_websocket_handler.go from deprecated
gorilla/websocket to coder/websocket v1.8.14. Uses context-based
reads/writes and websocket.Accept instead of Upgrader.
 2026-02-22 17:53:10 +01:00
senke
43536ea3f3 fix(tests): fix 2 skipped tests, add clear skip reasons to 11 others 
INT-04: Fixed nil UserID panic in AuditService (re-enabled 2 tests).
Added INT-04 comments explaining skip reasons for tests requiring
PostgreSQL, real file headers, or external services.
 2026-02-22 17:53:00 +01:00
senke
23791095ad test: add 5 cross-service E2E integration tests 
INT-03: Tests for health endpoint, auth flow, track upload auth,
webhook HTTPS-only, and rate limit headers. Build-tagged
'integration' to avoid running in regular test suite.
 2026-02-22 17:52:50 +01:00
senke
5258b9bf17 feat(streaming): trigger HLS transcoding after track upload 
INT-02: TrackService.copyFileAsync now calls StreamService.StartProcessing
after successful file copy. Wires the stream server integration into
all track route registrations.
 2026-02-22 17:52:39 +01:00
senke
0e095d9a54 refactor(backend): replace 40 fmt.Printf calls with zap structured logging 
CLN-03: router.go, track/service.go, upload_validator.go, cors.go,
playlist_handler.go, and mfa.go now use zap.L() or local logger
for structured logging instead of fmt.Printf.
 2026-02-22 17:44:38 +01:00
senke
05daed60df refactor: remove dead code (api_manager.go, unused templates) 
CLN-01: Deleted archived api_manager.go (~789 LOC, build-tag ignore)
and dev-environment/templates/ (~806 LOC, never used by generator).
 2026-02-22 17:44:19 +01:00
senke
9752a90dfb fix(security): hash password reset tokens before database storage 
INF-10: Reset tokens are now SHA-256 hashed before INSERT. Validation
hashes the received token and compares against stored hash. Plain
tokens never persisted.
 2026-02-22 17:36:10 +01:00
senke
eb92779df2 feat(security): implement Redis-backed rate limiter with in-memory fallback 
INF-01: RedisRateLimiter uses atomic Lua script (INCR+EXPIRE) for
distributed rate limiting. Falls back to in-memory SimpleRateLimiter
when Redis is unavailable. Same X-RateLimit-* headers and 429 format.
 2026-02-22 17:35:21 +01:00
senke
4efd5d1d07 fix(security): require Hyperswitch webhook secret in production when payments enabled 
SEC-08: If HYPERSWITCH_ENABLED=true in production, startup now fails
unless HYPERSWITCH_WEBHOOK_SECRET is set. This prevents webhook
signature verification from being silently bypassed.
 2026-02-22 17:31:52 +01:00
senke
142d1576be fix(security): add SSRF protection for webhook URL registration 
SEC-07: Strengthened ValidateWebhookURL to require HTTPS only (was
allowing HTTP). Private IP ranges, localhost, and cloud metadata
endpoints remain blocked.
 2026-02-22 17:31:10 +01:00
senke
72d15f60b5 fix(security): add ownership check to GetUploadStatus handler (IDOR fix) 
SEC-06: GetUploadStatus now verifies that the authenticated user owns the
upload before returning status. Returns 404 for non-owners to prevent
information disclosure.
 2026-02-22 17:30:30 +01:00
senke
de5b3bc542 feat(auth): add ephemeral stream-token endpoint for HLS and WebSocket authentication 
SEC-03: TokenStorage.getAccessToken() returns null with httpOnly cookies.
New POST /api/v1/auth/stream-token returns a 5-min JWT compatible with
both stream server (Claims struct) and chat server (JwtClaims struct).
Frontend hlsService and websocket updated to use fetchStreamToken() fallback.
 2026-02-22 17:28:00 +01:00
senke
952520dd7f feat(marketplace): add license revoked_at migration 2026-02-22 16:18:01 +01:00
senke
bf57d58f5a feat(hyperswitch): add CreateRefund to client 2026-02-22 16:17:54 +01:00