senke/veza
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions 1
1889 commits 37 branches 94 tags 1.5 GiB
Commit graph

139 commits

Author SHA1 Message Date
senke
5e4291ecba feat(auth): add ephemeral stream-token endpoint for HLS and WebSocket authentication 
SEC-03: TokenStorage.getAccessToken() returns null with httpOnly cookies.
New POST /api/v1/auth/stream-token returns a 5-min JWT compatible with
both stream server (Claims struct) and chat server (JwtClaims struct).
Frontend hlsService and websocket updated to use fetchStreamToken() fallback.
 2026-02-22 17:28:00 +01:00
senke
bab3f38c4a feat(marketplace): add license revoked_at migration 2026-02-22 16:18:01 +01:00
senke
166acc6069 chore(backend): add PDF library for invoices 
feat(marketplace): add invoice generation service and download endpoint
 2026-02-22 16:11:42 +01:00
senke
85daf595a8 feat(marketplace): add create and list reviews endpoints 2026-02-22 16:06:18 +01:00
senke
0adc212719 feat(seller): add GET /sell/stats/evolution, top-products, sales, SalesEvolutionChart, real commerceService 2026-02-22 14:21:21 +01:00
senke
1fef428ce0 feat(marketplace): add migration 098 product_licenses, ProductLicense model, GET /licenses/mine 2026-02-22 14:16:24 +01:00
senke
31a27e4724 feat(marketplace): add playable preview and image gallery to ProductDetailView 2026-02-22 14:14:38 +01:00
senke
aec22b596c feat(marketplace): add product images management endpoint 2026-02-22 14:08:13 +01:00
senke
c6f094a3d5 feat(marketplace): add POST /products/:id/preview for audio preview upload 2026-02-22 14:07:30 +01:00
senke
49bb633fc6 feat(presence): P2.1 rich presence, P2.2 invisible mode 
Backend:
- UserPresence: track_id, track_title, invisible
- UpdatePresenceFull, GetPresenceForViewer (invisible hides for others)
- PUT /users/me/presence
- Migration 094 rich presence columns

Frontend:
- presenceService.updatePresence
- usePresenceSync: sync currentTrack to presence
- PresenceBadge: statusMessage tooltip
- PresenceInvisibleToggle in PrivacySettings
- MSW: PUT /users/me/presence
 2026-02-21 16:47:09 +01:00
senke
49e3122e78 feat(notifications): N1.1-N1.3 Web Push subscription, send on events, preferences 
- N1.1: POST /notifications/push/subscribe, PushService, migration 090
- N1.2: Send Web Push on follow/like/comment/message via CreateNotification
- N1.3: GET/PUT /notifications/preferences, migration 093
- Shared NotificationService with PushService for profile, track, comment handlers
- Fix MockSocialService GetGlobalFeed, GetTrendingHashtags for tests
 2026-02-21 16:41:39 +01:00
senke
d2a55b405e feat(groups): S2 frontend - request join, invite, roles, my groups, MSW handlers 2026-02-21 05:51:29 +01:00
senke
7ca8d14283 feat(groups): S2.1-S2.5 request join, invite, roles, feed groups, my groups 2026-02-21 05:48:59 +01:00
senke
28e6642fa6 feat(social): GET /social/explore, explore tab, feed filters all/following/groups (S1.5, S1.6) 2026-02-21 05:31:12 +01:00
senke
182b28011f feat(presence): PresenceService and GET /users/:id/presence (P1.2) 2026-02-21 05:22:43 +01:00
senke
ba24507b1f feat(queue): add queue session API (create, get, delete, add/remove items) 2026-02-20 18:41:12 +01:00
senke
7e171f1c1e feat(social): cache trending hashtags in Redis 2026-02-20 18:33:17 +01:00
senke
ae50f6956a feat(social): add GET /social/trending endpoint 2026-02-20 18:32:16 +01:00
senke
ede3546f4b feat(release): v0.202 — Lots G, H, F, C, D
Some checks failed
Backend API CI / test-unit (push) Failing after 0s
Details
Backend API CI / test-integration (push) Failing after 0s
Details
Frontend CI / test (push) Failing after 0s
Details
Storybook Audit / Build & audit Storybook (push) Failing after 0s
Details 
- Lot G: Recherche avancée (musical_key, tri pertinence, autocomplete, facettes, historique)
- Lot H: Analytics créateur (stats, charts, completion rate, export CSV/JSON)
- Lot F: Seller dashboard (GET /sell/stats, liste produits)
- Lot C: Player (crossfade, gapless preload, PiP)
- Lot D2: Autoplay (GET /tracks/recommendations, section À écouter ensuite)

Backend: GetRecommendations handler, route /tracks/recommendations
Frontend: PlayerQueue recommendations, fix TS errors (GlobalPlayer, AnalyticsViewKpiGrid, etc.)
Docs: FEATURE_STATUS, PROJECT_STATE, CHANGELOG, SCOPE_CONTROL
 2026-02-20 18:16:17 +01:00
senke
7caf082078 feat(seller): add GET /sell/stats and connect dashboard (F1) 2026-02-20 17:02:13 +01:00
senke
363b092f3e feat(analytics): add creator export CSV/JSON (H4) 2026-02-20 17:00:36 +01:00
senke
d81695c27c feat(analytics): add creator charts endpoint and UI (H2) 2026-02-20 16:59:25 +01:00
senke
ecbc2389d8 feat(analytics): add creator stats endpoint and UI (H1) 2026-02-20 16:57:58 +01:00
senke
aeb941d41a feat(search): add autocomplete suggestions endpoint and UI (G3) 2026-02-20 16:54:17 +01:00
senke
1977183718 feat(tracks): add suggested tags endpoint and UI (E4) 
- Migration 085: tracks.tags TEXT[]
- Track model: Tags pq.StringArray
- GET /tracks/suggested-tags?genre=X&bpm=Y (static suggestions by genre)
- UpdateTrack: support tags
- TrackMetadataEditModal: tags chips + suggestions dropdown
- TrackDetailPageInfo: display tags
- getSuggestedTags, UpdateTrackParams.tags
- MSW: suggested-tags handler, tags in mock track
 2026-02-20 15:38:51 +01:00
senke
6b80089706 feat(tracks): add lyrics model and endpoints (E3) 
- Migration 084: track_lyrics table
- TrackLyrics model, GetLyrics, CreateOrUpdateLyrics in TrackService
- GET /tracks/:id/lyrics, PUT /tracks/:id/lyrics (owner only)
- Frontend: TrackLyricsSection with show/hide toggle, Lyrics tab
- trackService: getLyrics, updateLyrics
- MSW: handlers for lyrics
 2026-02-20 15:36:28 +01:00
senke
d626e9c533 feat(auth): enrich sessions page with history and revoke (A4) 2026-02-20 14:52:20 +01:00
senke
6bac68b679 feat(auth): add OAuth Spotify provider (A1) 2026-02-20 14:48:08 +01:00
senke
32348bebce feat(developer): add API keys backend (Lot C) 
- Migration 082: api_keys table (user_id, name, prefix, hashed_key, scopes, last_used_at, expires_at)
- APIKey model, APIKeyService (Create, List, Delete, ValidateAPIKey)
- APIKeyHandler: GET/POST/DELETE /api/v1/developer/api-keys
- AuthMiddleware: X-API-Key and Bearer vza_* accepted as alternative to JWT
- CSRF: skip for API key auth (stateless)
- Key format: vza_ prefix, SHA-256 hashed storage
 2026-02-20 00:18:36 +01:00
senke
6a53daab59 feat(queue): add backend queue API with CRUD operations 2026-02-19 23:44:44 +01:00
senke
b103a09a25 chore: consolidate CI, E2E, backend and frontend updates 
- CI: workflows updates (cd, ci), remove playwright.yml
- E2E: global-setup, auth/playlists/profile specs
- Remove playwright-report and test-results artifacts from tracking
- Backend: auth, handlers, services, workers, migrations
- Frontend: components, features, vite config
- Add e2e-results.json to gitignore
- Docs: REMEDIATION_PROGRESS, audit archive
- Rust: chat-server, stream-server updates
 2026-02-17 16:43:21 +01:00
senke
06d56dd298 feat(backend): OAuth FRONTEND_URL from config, docs update 
- Add FrontendURL to config (FRONTEND_URL or VITE_FRONTEND_URL)
- OAuth handlers use config instead of os.Getenv
- Update TODOS_AUDIT: mark UUID migration items as resolved
- Add ISSUES_P2_BACKLOG.md for GitHub issues
- Add ROUTES_ORPHANES.md for routes without UI
- Document FRONTEND_URL in .env.example
 2026-02-17 16:42:23 +01:00
senke
7846bbab28 fix(backend): remediation plan — tests, playback_analytics, job queue, gamification 
Phase 1 - Backend tests:
- Add PlaybackAnalytics to AutoMigrate in setupTestTrackHandler
- Create migration 081_create_playback_analytics.sql for production
- PlaybackAnalyticsService: return ErrTrackNotFound for missing track
- RecordPlay handler: return 404 when track not found
- CreateShare: use RespondSuccess, fix services.ErrTrackNotFound/ErrForbidden
- GetTrackLikes, UnlikeTrack: use RespondSuccess for consistent response
- GetUserLikedTracks test: fix route /users/:id/likes and params
- GetSharedTrack_InvalidToken: set share service in test

Phase 4 - Job queue transcoding:
- Add EnqueueTranscodingJob to JobEnqueuer interface
- Add TypeTranscoding and processTranscodingJob (stub) in JobWorker
- MockJobEnqueuer: implement EnqueueTranscodingJob

Phase 5 - Gamification cleanup:
- Move api_manager.go to internal/api/archive/
- Add archive/README.md documenting archived modules
- Update TODOS_AUDIT.md and FEATURE_STATUS.md
 2026-02-17 16:01:45 +01:00
senke
9c0c065383 chore: remove dead code (Education, Studio, Gamification) (P2) 2026-02-16 11:03:27 +01:00
senke
3cf1d14f46 fix(security): verify track access before download (A04) 
- Add TrackDownloadLicenseChecker to verify paid track download rights
- Check marketplace license when track is sold as product and user is not owner
- Return 403 with 'purchase required' message when license missing
 2026-02-16 10:23:41 +01:00
senke
f87923a7bc fix(security): add rate limiting to POST /validate (A01) 2026-02-16 10:17:28 +01:00
senke
ad78a23ac1 feat(analytics): complete backend analytics, remove frontend mocks 2026-02-15 16:21:20 +01:00
senke
1159874adf refactor(backend): unify architecture - migrate analytics handler to core (ADR-001) 2026-02-15 16:18:13 +01:00
senke
45008a4c21 fix(backend): implement track stats/history endpoints 2026-02-15 16:10:33 +01:00
senke
35370330b5 fix(backend): disable pprof endpoints in production 
Conditionally register pprof routes only when APP_ENV is not production.
Prevents leaking sensitive runtime information via profiling endpoints.
Phase 1 audit - P1.5
 2026-02-15 15:55:18 +01:00
senke
22e5e21757 chore(audit 2.4, 2.5): supprimer code mort Education et cmd/modern-server 
- Supprimer routes/handlers/core Education (backend)
- Supprimer handler MSW education, refs Sidebar/locales
- Basculer Makefile, make/dev.mk, scripts vers cmd/api/main.go
- Supprimer veza-backend-api/cmd/modern-server/
 2026-02-15 14:39:40 +01:00
senke
9b5d2f7c47 fix(backend): replace panic/Fatal with graceful error when Redis down (audit 1.4, P0) 
- Add early validation in Setup() returning error if Redis nil in production
- Remove panic/Fatal from routes_core.go and router.go applyCSRFProtection
- Handle Setup() error in cmd/api/main.go and cmd/modern-server/main.go
- Mark audit item 1.4 as done
 2026-02-15 14:05:20 +01:00
senke
b73387af3c feat(api): add PostgreSQL read replica support (3.7) 
- Add DATABASE_READ_URL config and InitReadReplica in database package
- Add ForRead() helper for read-only handler routing
- Update TrackService and TrackSearchService to use read replica for reads
- Document setup in DEPLOYMENT_GUIDE.md and .env.template
 2026-02-14 22:50:23 +01:00
senke
92f432fb9e chore: consolidate pending changes (Hyperswitch, PostCard, dashboard, stream server, etc.) 2026-02-14 21:45:15 +01:00
senke
eb313e83c5 fix(api): add rate limiting on POST /api/v1/logs/frontend 2026-02-14 20:19:56 +01:00
senke
759154e660 fix(auth): add Redis lock for concurrent refresh token requests 2026-02-14 18:29:37 +01:00
senke
33b4565824 feat(migrations): add down migration scripts for rollback 2026-02-14 18:05:11 +01:00
senke
d1bbd23936 refactor(api): extract route setup functions into dedicated files 2026-02-14 18:04:37 +01:00
senke
ae586f6134 Phase 2 stabilisation: code mort, Modal→Dialog, feature flags, tests, router split, Rust legacy 
Bloc A - Code mort:
- Suppression Studio (components, views, features)
- Suppression gamification + services mock (projectService, storageService, gamificationService)
- Mise à jour Sidebar, Navbar, locales

Bloc B - Frontend:
- Suppression modal.tsx deprecated, Modal.stories (doublon Dialog)
- Feature flags: PLAYLIST_SEARCH, PLAYLIST_RECOMMENDATIONS, ROLE_MANAGEMENT = true
- Suppression 19 tests orphelins, retrait exclusions vitest.config

Bloc C - Backend:
- Extraction routes_auth.go depuis router.go

Bloc D - Rust:
- Suppression security_legacy.rs (code mort, patterns déjà dans security/)
 2026-02-14 17:23:32 +01:00
senke
45bdf060ca feat(backend): add social groups, wishlist, cart, and playlist export endpoints 
- Add Group and GroupMember models with CRUD service methods
- Implement social group endpoints: create, list, get, join, leave
- Add WishlistItem model with get/add/remove service methods
- Add CartItem model with get/add/remove/checkout service methods
- Create handlers for marketplace wishlist and cart operations
- Register playlist export (JSON/CSV) and duplicate routes
- Enable PLAYLIST_SHARE and NOTIFICATIONS feature flags

Co-authored-by: Cursor <cursoragent@cursor.com>
 2026-02-12 22:48:50 +01:00