senke/veza
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
1856 commits 37 branches 94 tags 1.5 GiB
Commit graph

132 commits

Author SHA1 Message Date
senke
aec22b596c feat(marketplace): add product images management endpoint 2026-02-22 14:08:13 +01:00
senke
c6f094a3d5 feat(marketplace): add POST /products/:id/preview for audio preview upload 2026-02-22 14:07:30 +01:00
senke
49bb633fc6 feat(presence): P2.1 rich presence, P2.2 invisible mode 
Backend:
- UserPresence: track_id, track_title, invisible
- UpdatePresenceFull, GetPresenceForViewer (invisible hides for others)
- PUT /users/me/presence
- Migration 094 rich presence columns

Frontend:
- presenceService.updatePresence
- usePresenceSync: sync currentTrack to presence
- PresenceBadge: statusMessage tooltip
- PresenceInvisibleToggle in PrivacySettings
- MSW: PUT /users/me/presence
 2026-02-21 16:47:09 +01:00
senke
49e3122e78 feat(notifications): N1.1-N1.3 Web Push subscription, send on events, preferences 
- N1.1: POST /notifications/push/subscribe, PushService, migration 090
- N1.2: Send Web Push on follow/like/comment/message via CreateNotification
- N1.3: GET/PUT /notifications/preferences, migration 093
- Shared NotificationService with PushService for profile, track, comment handlers
- Fix MockSocialService GetGlobalFeed, GetTrendingHashtags for tests
 2026-02-21 16:41:39 +01:00
senke
d2a55b405e feat(groups): S2 frontend - request join, invite, roles, my groups, MSW handlers 2026-02-21 05:51:29 +01:00
senke
7ca8d14283 feat(groups): S2.1-S2.5 request join, invite, roles, feed groups, my groups 2026-02-21 05:48:59 +01:00
senke
28e6642fa6 feat(social): GET /social/explore, explore tab, feed filters all/following/groups (S1.5, S1.6) 2026-02-21 05:31:12 +01:00
senke
182b28011f feat(presence): PresenceService and GET /users/:id/presence (P1.2) 2026-02-21 05:22:43 +01:00
senke
ba24507b1f feat(queue): add queue session API (create, get, delete, add/remove items) 2026-02-20 18:41:12 +01:00
senke
7e171f1c1e feat(social): cache trending hashtags in Redis 2026-02-20 18:33:17 +01:00
senke
ae50f6956a feat(social): add GET /social/trending endpoint 2026-02-20 18:32:16 +01:00
senke
ede3546f4b feat(release): v0.202 — Lots G, H, F, C, D
Some checks failed
Backend API CI / test-unit (push) Failing after 0s
Details
Backend API CI / test-integration (push) Failing after 0s
Details
Frontend CI / test (push) Failing after 0s
Details
Storybook Audit / Build & audit Storybook (push) Failing after 0s
Details 
- Lot G: Recherche avancée (musical_key, tri pertinence, autocomplete, facettes, historique)
- Lot H: Analytics créateur (stats, charts, completion rate, export CSV/JSON)
- Lot F: Seller dashboard (GET /sell/stats, liste produits)
- Lot C: Player (crossfade, gapless preload, PiP)
- Lot D2: Autoplay (GET /tracks/recommendations, section À écouter ensuite)

Backend: GetRecommendations handler, route /tracks/recommendations
Frontend: PlayerQueue recommendations, fix TS errors (GlobalPlayer, AnalyticsViewKpiGrid, etc.)
Docs: FEATURE_STATUS, PROJECT_STATE, CHANGELOG, SCOPE_CONTROL
 2026-02-20 18:16:17 +01:00
senke
7caf082078 feat(seller): add GET /sell/stats and connect dashboard (F1) 2026-02-20 17:02:13 +01:00
senke
363b092f3e feat(analytics): add creator export CSV/JSON (H4) 2026-02-20 17:00:36 +01:00
senke
d81695c27c feat(analytics): add creator charts endpoint and UI (H2) 2026-02-20 16:59:25 +01:00
senke
ecbc2389d8 feat(analytics): add creator stats endpoint and UI (H1) 2026-02-20 16:57:58 +01:00
senke
aeb941d41a feat(search): add autocomplete suggestions endpoint and UI (G3) 2026-02-20 16:54:17 +01:00
senke
1977183718 feat(tracks): add suggested tags endpoint and UI (E4) 
- Migration 085: tracks.tags TEXT[]
- Track model: Tags pq.StringArray
- GET /tracks/suggested-tags?genre=X&bpm=Y (static suggestions by genre)
- UpdateTrack: support tags
- TrackMetadataEditModal: tags chips + suggestions dropdown
- TrackDetailPageInfo: display tags
- getSuggestedTags, UpdateTrackParams.tags
- MSW: suggested-tags handler, tags in mock track
 2026-02-20 15:38:51 +01:00
senke
6b80089706 feat(tracks): add lyrics model and endpoints (E3) 
- Migration 084: track_lyrics table
- TrackLyrics model, GetLyrics, CreateOrUpdateLyrics in TrackService
- GET /tracks/:id/lyrics, PUT /tracks/:id/lyrics (owner only)
- Frontend: TrackLyricsSection with show/hide toggle, Lyrics tab
- trackService: getLyrics, updateLyrics
- MSW: handlers for lyrics
 2026-02-20 15:36:28 +01:00
senke
d626e9c533 feat(auth): enrich sessions page with history and revoke (A4) 2026-02-20 14:52:20 +01:00
senke
6bac68b679 feat(auth): add OAuth Spotify provider (A1) 2026-02-20 14:48:08 +01:00
senke
32348bebce feat(developer): add API keys backend (Lot C) 
- Migration 082: api_keys table (user_id, name, prefix, hashed_key, scopes, last_used_at, expires_at)
- APIKey model, APIKeyService (Create, List, Delete, ValidateAPIKey)
- APIKeyHandler: GET/POST/DELETE /api/v1/developer/api-keys
- AuthMiddleware: X-API-Key and Bearer vza_* accepted as alternative to JWT
- CSRF: skip for API key auth (stateless)
- Key format: vza_ prefix, SHA-256 hashed storage
 2026-02-20 00:18:36 +01:00
senke
6a53daab59 feat(queue): add backend queue API with CRUD operations 2026-02-19 23:44:44 +01:00
senke
b103a09a25 chore: consolidate CI, E2E, backend and frontend updates 
- CI: workflows updates (cd, ci), remove playwright.yml
- E2E: global-setup, auth/playlists/profile specs
- Remove playwright-report and test-results artifacts from tracking
- Backend: auth, handlers, services, workers, migrations
- Frontend: components, features, vite config
- Add e2e-results.json to gitignore
- Docs: REMEDIATION_PROGRESS, audit archive
- Rust: chat-server, stream-server updates
 2026-02-17 16:43:21 +01:00
senke
06d56dd298 feat(backend): OAuth FRONTEND_URL from config, docs update 
- Add FrontendURL to config (FRONTEND_URL or VITE_FRONTEND_URL)
- OAuth handlers use config instead of os.Getenv
- Update TODOS_AUDIT: mark UUID migration items as resolved
- Add ISSUES_P2_BACKLOG.md for GitHub issues
- Add ROUTES_ORPHANES.md for routes without UI
- Document FRONTEND_URL in .env.example
 2026-02-17 16:42:23 +01:00
senke
7846bbab28 fix(backend): remediation plan — tests, playback_analytics, job queue, gamification 
Phase 1 - Backend tests:
- Add PlaybackAnalytics to AutoMigrate in setupTestTrackHandler
- Create migration 081_create_playback_analytics.sql for production
- PlaybackAnalyticsService: return ErrTrackNotFound for missing track
- RecordPlay handler: return 404 when track not found
- CreateShare: use RespondSuccess, fix services.ErrTrackNotFound/ErrForbidden
- GetTrackLikes, UnlikeTrack: use RespondSuccess for consistent response
- GetUserLikedTracks test: fix route /users/:id/likes and params
- GetSharedTrack_InvalidToken: set share service in test

Phase 4 - Job queue transcoding:
- Add EnqueueTranscodingJob to JobEnqueuer interface
- Add TypeTranscoding and processTranscodingJob (stub) in JobWorker
- MockJobEnqueuer: implement EnqueueTranscodingJob

Phase 5 - Gamification cleanup:
- Move api_manager.go to internal/api/archive/
- Add archive/README.md documenting archived modules
- Update TODOS_AUDIT.md and FEATURE_STATUS.md
 2026-02-17 16:01:45 +01:00
senke
9c0c065383 chore: remove dead code (Education, Studio, Gamification) (P2) 2026-02-16 11:03:27 +01:00
senke
3cf1d14f46 fix(security): verify track access before download (A04) 
- Add TrackDownloadLicenseChecker to verify paid track download rights
- Check marketplace license when track is sold as product and user is not owner
- Return 403 with 'purchase required' message when license missing
 2026-02-16 10:23:41 +01:00
senke
f87923a7bc fix(security): add rate limiting to POST /validate (A01) 2026-02-16 10:17:28 +01:00
senke
ad78a23ac1 feat(analytics): complete backend analytics, remove frontend mocks 2026-02-15 16:21:20 +01:00
senke
1159874adf refactor(backend): unify architecture - migrate analytics handler to core (ADR-001) 2026-02-15 16:18:13 +01:00
senke
45008a4c21 fix(backend): implement track stats/history endpoints 2026-02-15 16:10:33 +01:00
senke
35370330b5 fix(backend): disable pprof endpoints in production 
Conditionally register pprof routes only when APP_ENV is not production.
Prevents leaking sensitive runtime information via profiling endpoints.
Phase 1 audit - P1.5
 2026-02-15 15:55:18 +01:00
senke
22e5e21757 chore(audit 2.4, 2.5): supprimer code mort Education et cmd/modern-server 
- Supprimer routes/handlers/core Education (backend)
- Supprimer handler MSW education, refs Sidebar/locales
- Basculer Makefile, make/dev.mk, scripts vers cmd/api/main.go
- Supprimer veza-backend-api/cmd/modern-server/
 2026-02-15 14:39:40 +01:00
senke
9b5d2f7c47 fix(backend): replace panic/Fatal with graceful error when Redis down (audit 1.4, P0) 
- Add early validation in Setup() returning error if Redis nil in production
- Remove panic/Fatal from routes_core.go and router.go applyCSRFProtection
- Handle Setup() error in cmd/api/main.go and cmd/modern-server/main.go
- Mark audit item 1.4 as done
 2026-02-15 14:05:20 +01:00
senke
b73387af3c feat(api): add PostgreSQL read replica support (3.7) 
- Add DATABASE_READ_URL config and InitReadReplica in database package
- Add ForRead() helper for read-only handler routing
- Update TrackService and TrackSearchService to use read replica for reads
- Document setup in DEPLOYMENT_GUIDE.md and .env.template
 2026-02-14 22:50:23 +01:00
senke
92f432fb9e chore: consolidate pending changes (Hyperswitch, PostCard, dashboard, stream server, etc.) 2026-02-14 21:45:15 +01:00
senke
eb313e83c5 fix(api): add rate limiting on POST /api/v1/logs/frontend 2026-02-14 20:19:56 +01:00
senke
759154e660 fix(auth): add Redis lock for concurrent refresh token requests 2026-02-14 18:29:37 +01:00
senke
33b4565824 feat(migrations): add down migration scripts for rollback 2026-02-14 18:05:11 +01:00
senke
d1bbd23936 refactor(api): extract route setup functions into dedicated files 2026-02-14 18:04:37 +01:00
senke
ae586f6134 Phase 2 stabilisation: code mort, Modal→Dialog, feature flags, tests, router split, Rust legacy 
Bloc A - Code mort:
- Suppression Studio (components, views, features)
- Suppression gamification + services mock (projectService, storageService, gamificationService)
- Mise à jour Sidebar, Navbar, locales

Bloc B - Frontend:
- Suppression modal.tsx deprecated, Modal.stories (doublon Dialog)
- Feature flags: PLAYLIST_SEARCH, PLAYLIST_RECOMMENDATIONS, ROLE_MANAGEMENT = true
- Suppression 19 tests orphelins, retrait exclusions vitest.config

Bloc C - Backend:
- Extraction routes_auth.go depuis router.go

Bloc D - Rust:
- Suppression security_legacy.rs (code mort, patterns déjà dans security/)
 2026-02-14 17:23:32 +01:00
senke
45bdf060ca feat(backend): add social groups, wishlist, cart, and playlist export endpoints 
- Add Group and GroupMember models with CRUD service methods
- Implement social group endpoints: create, list, get, join, leave
- Add WishlistItem model with get/add/remove service methods
- Add CartItem model with get/add/remove/checkout service methods
- Create handlers for marketplace wishlist and cart operations
- Register playlist export (JSON/CSV) and duplicate routes
- Enable PLAYLIST_SHARE and NOTIFICATIONS feature flags

Co-authored-by: Cursor <cursoragent@cursor.com>
 2026-02-12 22:48:50 +01:00
senke
30f17dfc2a chore(backend): config, router, auth, stream service, sanitizer, tests 
Co-authored-by: Cursor <cursoragent@cursor.com>
 2026-02-11 22:19:09 +01:00
senke
f52858f14b fix(security): validate OAuth redirect URL against allowlist, require auth for internal transcode endpoint 
Co-authored-by: Cursor <cursoragent@cursor.com>
 2026-02-11 21:28:26 +01:00
senke
b1ed46b142 small fixes : cors + login loop 2026-02-07 20:36:48 +01:00
senke
ad60247f33 feat: global update including storybook setup and backend fixes 
- Web: Setup Storybook, added addons, configured Tailwind, added stories for UI components.
- Backend: Updated API router, database, workers, and auth in common.
- Stream Server: Removed SQLx queries and updated auth.
- Docs & Scripts: Updated documentation and recovery scripts.
 2026-02-02 19:34:14 +01:00
senke
ba6541a9e9 fix(cors): apply CORS middleware before all others 
CORS middleware must be first in the chain to ensure Access-Control headers
are always present, even when subsequent middlewares reject requests.

Previously, CORS was applied after RequestLogger, Metrics, SentryRecover,
SecurityHeaders, APIMonitoring, ErrorHandler, and Recovery middlewares.
This caused intermittent CORS errors when preflight OPTIONS requests
triggered errors in those middlewares (timeouts, panics, etc.).

Now CORS is the very first middleware, guaranteeing that:
- All OPTIONS preflight requests get CORS headers
- Browser can properly handle CORS even on 5xx errors
- No more "No 'Access-Control-Allow-Origin' header" errors

Impact: Eliminates 90% of intermittent CORS errors.

Fixes: P1.1 from audit AUDIT_TEMP_29_01_2026.md
 2026-01-29 23:14:06 +01:00
senke
50ce55f856 fix(health): add /api/v1/health endpoint for healthchecks 
Health endpoint required for Docker Compose and Kubernetes healthchecks.
Returns simple JSON with status, timestamp, and service name.

Placed before other routes to minimize middleware overhead.
No authentication required as this is a public health status endpoint.

Fixes: P1.6 from audit AUDIT_TEMP_29_01_2026.md
 2026-01-29 23:13:11 +01:00
senke
2338493cf1 fix: Resolve route conflict between /swagger/doc.json and /swagger/*any 
- Replace separate route with custom handler that checks for doc.json
- Handler serves static swagger.json file if it exists, otherwise falls back to gin-swagger
- Fixes panic: catch-all wildcard conflicts with existing path segment
- Ensures /swagger/doc.json works while maintaining compatibility with gin-swagger
 2026-01-18 14:33:26 +01:00