senke/veza
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
555 commits 37 branches 94 tags 1.5 GiB
Commit graph

17 commits

Author SHA1 Message Date
senke
634d0db22f fix: resolve stream server compilation errors and integrate chat stability fixes 2026-01-04 01:44:22 +01:00
senke
9cd76a512f [LOGGING] Fix #10: Erreurs silencieuses - Ajout de logs avec contexte pour toutes les erreurs dans core/auth et core/track 2026-01-04 01:44:15 +01:00
senke
4e0d436bf9 [FIX] Register: Améliorer logs d'erreur pour diagnostic 
- Ajouter logs détaillés dans service.go (erreur PostgreSQL complète)
- Ajouter logs détaillés dans handler (erreur complète avant encapsulation)
- Capturer type d'erreur, message, et contexte
- Gérer erreurs CHECK constraint, ENUM manquant, timeout
- Permettre identification précise de l'erreur réelle
 2026-01-04 01:44:15 +01:00
senke
939342a8a0 [FIX] Get Me: Création de session lors du Register 
- Problème: Get Me échouait avec 'Session expired or invalid'
- Cause: Register générait tokens JWT mais ne créait pas de session en base
- Solution: Ajout création de session dans Register handler (comme Login)
- Modifications:
  - handlers/auth.go: Register() accepte sessionService
  - handlers/auth.go: Création session après génération tokens
  - router.go: Passage sessionService à Register handler
- Test: Register → Get Me fonctionne 
- Flow complet validé: Register → Login → Get Me
 2026-01-04 01:44:15 +01:00
senke
d0f403018d [FIX] ISSUE-001 & ISSUE-002: Fix authentication workflow for MVP 
ISSUE-001: Auto-verify email on registration
- Set IsVerified: true in Register() to allow immediate login
- Removes blocking email verification requirement for MVP

ISSUE-002: Generate tokens in Register
- Modified Register() signature to return (*User, *TokenPair, error)
- Added JWT token generation after user creation
- Store refresh token in database
- Updated handlers to use returned tokens
- Added nil checks for JWTService and refreshTokenService

Changes:
- veza-backend-api/internal/core/auth/service.go
- veza-backend-api/internal/handlers/auth.go
- veza-backend-api/internal/core/auth/handler.go
- REAL_ISSUES_TODOLIST.json

Note: Backend needs to be recompiled and restarted for changes to take effect.
 2026-01-04 01:44:13 +01:00
senke
1b59fbaf34 [AUDIT] Real integration status - 58% pass rate, 2 blocking issues 
- 19 tests executed (11 pass, 6 fail, 3 skip)
- 2 P0 blocking issues: Login email verification, Register empty tokens
- 4 P1 issues: Protected endpoints cannot be tested (depends on auth)
- 1 P2 issue: Sessions endpoint redirect
- Full test results documented with exact HTTP codes and error messages
- User journey analysis: can register but cannot login
- Recommendations: Fix auth workflow first, then retest protected endpoints
 2026-01-04 01:44:13 +01:00
senke
27517ae916 [INT-017] int: Add session management integration 
- Fixed GetSessions handler to identify current session by comparing token hash
- Added session creation during token refresh to ensure sessions are tracked
- Sessions are now correctly identified as current in the frontend
- Updated Refresh handler to accept sessionService parameter

Files modified:
- veza-backend-api/internal/handlers/session.go
- veza-backend-api/internal/handlers/auth.go
- veza-backend-api/internal/api/router.go
- VEZA_COMPLETE_MVP_TODOLIST.json
 2025-12-25 15:47:33 +01:00
senke
dce5ff3484 [BE-TEST-001] be-test: Add unit tests for auth handlers 
- Created comprehensive unit tests for all authentication handlers
- Tests cover Login, Register, Refresh, Logout, VerifyEmail, ResendVerification, CheckUsername, and GetMe
- Tests use real AuthService with in-memory SQLite database for realistic testing
- All handlers tested with success cases, error cases, and edge cases
- Fixed ExpiresIn calculation in Login and Refresh handlers to handle TokenPair.ExpiresIn
- Test coverage includes:
  - Login: success, invalid credentials, email not verified, requires 2FA, invalid request
  - Register: success, user already exists, invalid email, weak password, invalid request
  - Refresh: invalid request (token validation tested via integration tests)
  - Logout: success, unauthorized
  - VerifyEmail: missing token
  - ResendVerification: success
  - CheckUsername: available, taken, missing username
  - GetMe: success, unauthorized

Phase: PHASE-5
Priority: P2
Progress: 121/267 (45.32%)
 2025-12-24 18:14:31 +01:00
senke
651c8199b2 [INT-003] integration: Fix auth/login response format mismatch 
- Added username field to UserResponse in Login handler
- Backend now returns { user: { id, email, username }, token: { access_token, refresh_token, expires_in } }
- Format matches frontend AuthResponse type
- Frontend client API already handles unwrapping correctly
- DTOs already use correct JSON tags (snake_case)

Phase: PHASE-1
Priority: P0
Progress: 8/267 (3.0%)
 2025-12-23 01:44:54 +01:00
senke
5e25825726 [BE-API-001] api: Implement 2FA endpoints (setup, verify, disable) 
- Created TwoFactorHandler with SetupTwoFactor, VerifyTwoFactor, DisableTwoFactor, GetTwoFactorStatus
- Added routes: POST /auth/2fa/setup, POST /auth/2fa/verify, POST /auth/2fa/disable, GET /auth/2fa/status
- Updated LoginResponse DTO to include requires_2fa flag
- Updated Login handler to check 2FA status and return requires_2fa flag when enabled
- Reused existing TwoFactorService (already had QR generation and TOTP verification)
- Added VerifyTOTPCode helper method to TwoFactorService
- All endpoints properly authenticated with RequireAuth middleware

Phase: PHASE-1
Priority: P0
Progress: 4/267 (1.5%)
 2025-12-23 01:40:28 +01:00
senke
ccd4542f11 fix(MVP-009): Fix GetMe endpoint to return full user object from database 2025-12-22 23:03:46 +01:00
senke
d61d851f65 stabilizing veza-backend-api: phase 1 2025-12-16 11:23:49 -05:00
okinrev
87c6461900 report generation and future tasks selection 2025-12-08 19:57:54 +01:00
okinrev
7d227bd902 feat(api): remediate missing openapi spec and annotate handlers 2025-12-06 17:34:18 +01:00
okinrev
1e4f7b1756 STABILISATION: phase 3–5 – API contract, tests & chat-server hardening 2025-12-06 17:21:59 +01:00
okinrev
b7955a680c P0: stabilisation backend/chat/stream + nouvelle base migrations v1 
Backend Go:
- Remplacement complet des anciennes migrations par la base V1 alignée sur ORIGIN.
- Durcissement global du parsing JSON (BindAndValidateJSON + RespondWithAppError).
- Sécurisation de config.go, CORS, statuts de santé et monitoring.
- Implémentation des transactions P0 (RBAC, duplication de playlists, social toggles).
- Ajout d’un job worker structuré (emails, analytics, thumbnails) + tests associés.
- Nouvelle doc backend : AUDIT_CONFIG, BACKEND_CONFIG, AUTH_PASSWORD_RESET, JOB_WORKER_*.

Chat server (Rust):
- Refonte du pipeline JWT + sécurité, audit et rate limiting avancé.
- Implémentation complète du cycle de message (read receipts, delivered, edit/delete, typing).
- Nettoyage des panics, gestion d’erreurs robuste, logs structurés.
- Migrations chat alignées sur le schéma UUID et nouvelles features.

Stream server (Rust):
- Refonte du moteur de streaming (encoding pipeline + HLS) et des modules core.
- Transactions P0 pour les jobs et segments, garanties d’atomicité.
- Documentation détaillée de la pipeline (AUDIT_STREAM_*, DESIGN_STREAM_PIPELINE, TRANSACTIONS_P0_IMPLEMENTATION).

Documentation & audits:
- TRIAGE.md et AUDIT_STABILITY.md à jour avec l’état réel des 3 services.
- Cartographie complète des migrations et des transactions (DB_MIGRATIONS_*, DB_TRANSACTION_PLAN, AUDIT_DB_TRANSACTIONS, TRANSACTION_TESTS_PHASE3).
- Scripts de reset et de cleanup pour la lab DB et la V1.

Ce commit fige l’ensemble du travail de stabilisation P0 (UUID, backend, chat et stream) avant les phases suivantes (Coherence Guardian, WS hardening, etc.).
 2025-12-06 11:14:38 +01:00
okinrev
2425c15b09 adding initial backend API (Go) 2025-12-03 20:29:37 +01:00