admin/shop-server
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
396 Commits 1 Branch 0 Tags
0bfff541a3c68453a199cfb13c9d7d6a2d321c70
Commit Graph

195 Commits

Author SHA1 Message Date
Kirill 8ed2f0e9ba fix: simplify title and status message in 403 page 2026-05-23 11:01:37 +05:00
Kirill e22f084940 feat: add IP gate plugin with SITE_ACCESS_IPS env var support 2026-05-23 11:00:02 +05:00
Kirill 7e5ed9cefa пва 2026-05-22 23:44:48 +05:00
Kirill bb78782b39 пва 2026-05-22 23:22:29 +05:00
Kirill d60270336e пва 2026-05-22 23:03:03 +05:00
Kirill f0af519ec1 fix: VK OAuth uses short UUID state + in-memory PKCE store instead of JWT 2026-05-22 21:02:33 +05:00
Kirill 9d7e7949b9 feat: migrate VK OAuth to VK ID flow with PKCE 2026-05-22 20:54:48 +05:00
Kirill bead725036 fix: strip trailing slash from SERVER_PUBLIC_URL to prevent double-slash in OAuth redirect_uri 2026-05-22 20:31:02 +05:00
Kirill caa9b926e3 пва 2026-05-22 20:20:08 +05:00
Kirill 0f2ac862de feat: add WB_PVZ (Wildberries pickup) delivery carrier 2026-05-22 19:51:34 +05:00
Kirill 3d0dbdd0a5 пва 2026-05-22 19:41:47 +05:00
Kirill 20e4b1e0ab feat: latin-only slugs, server-side avatar generation, remove unused User fields 2026-05-22 19:32:30 +05:00
Kirill 02c7d7ba36 fix: review avatar uses authorId instead of displayName, show reviews for hidden products 2026-05-22 19:14:22 +05:00
Kirill 4381121f25 feat: register SSE routes in server 2026-05-22 18:38:48 +05:00
Kirill e2a04d04a3 fix: add safeWrite guard and error handler for SSE socket 2026-05-22 18:37:55 +05:00
Kirill 5127d4a093 feat: add SSE route with EventBus bridge and tests 2026-05-22 18:33:49 +05:00
Kirill 55dc58cff8 fix: gate ADMIN_EMAIL test with explicit skip 2026-05-22 18:25:22 +05:00
Kirill 6b89f42269 test: add SSE route tests (TDD red) 2026-05-22 18:23:11 +05:00
Kirill 8fb01126b8 пва 2026-05-22 17:47:22 +05:00
Kirill bc85fa8e84 пва 2026-05-22 17:44:42 +05:00
Kirill c903db439d fix(auth): enable register tab switching 2026-05-22 15:59:38 +05:00
Kirill f39d4e82ff пва 2026-05-22 15:36:39 +05:00
Kirill 2b5c7fff5e fix(server): remove duplicate registerAuthRoutes call 2026-05-22 15:31:35 +05:00
Kirill b3b539b6fb fix(api): register auth routes 
Add missing registerAuthRoutes call in registerApiRoutes to enable
POST /api/auth/request-code, /verify-code, /register, /login,
/forgot-password, /reset-password, and PATCH /api/me/profile routes
 2026-05-22 15:21:55 +05:00
Kirill 49f24d7482 split auth.js into focused modules (Task 3) 
- auth-session.js: GET /api/me, GET /api/me/auth-methods
- auth-password.js: POST /api/me/password, POST /api/me/change-password
- auth-oauth.js: DELETE /api/me/oauth/:provider
- auth.js: kept only /api/auth/* routes + /api/me/profile
- api.js: registers new auth route modules
- tests split to separate files per module
 2026-05-22 15:19:30 +05:00
Kirill d79d02d5d1 refactor: remove email change functionality 2026-05-22 14:20:11 +05:00
Kirill ad43ff98b6 feat: add password change and reset via email code 2026-05-22 14:12:29 +05:00
Kirill 22282c5f4e fix: accept token as query param in authenticate, pass token to oauth link URL 2026-05-22 13:52:48 +05:00
Kirill d51266446f fix(client): remove global borderWidth change on outlined button hover 2026-05-22 13:49:31 +05:00
Kirill e468625cfc chore: fix type errors, move textAlign/fontWeight to sx 2026-05-22 13:28:45 +05:00
Kirill eb30640b49 feat: load Outfit font from static files 2026-05-22 13:18:21 +05:00
Kirill 669b9aa45d test commit 2026-05-22 12:51:41 +05:00
Kirill b2ccc2a256 chore: fix lint issues, remove unused hasAvatar 2026-05-22 12:27:20 +05:00
Kirill be65f2330e refactor(client): remove avatarType, add auth effects, simplify UserAvatar 2026-05-22 12:08:41 +05:00
Kirill 6bedf0b28a test(server): add password auth and account methods tests 2026-05-22 11:57:11 +05:00
Kirill abb14a49e0 feat(server): add auth-methods, set-password, unlink-oauth endpoints 2026-05-22 11:47:46 +05:00
Kirill c9fa05b7bf feat(server): add oauth link routes for account binding 2026-05-22 11:45:12 +05:00
Kirill 5f180fffaf refactor(server): oauth only email, remove profile requests, support account linking state 2026-05-22 11:41:40 +05:00
Kirill bb7b40ac45 fix(server): remove all avatarType references after DB column drop 2026-05-22 11:36:11 +05:00
Kirill c3e4f5bdd2 feat(server): add POST /api/auth/register and /api/auth/login 
- Add register endpoint with email/password validation, bcrypt hashing
- Add login endpoint with rate limiting per IP (5 attempts/min)
- Add helper functions: validatePassword, hashPassword, comparePassword, isAdminEmail
- Add checkLoginRateLimit for brute-force protection
- Add bcrypt dependency
- Remove avatarType column from User (migration)
 2026-05-22 11:26:00 +05:00
Kirill f6729210db feat: public admin avatar endpoint, real admin avatar in user chat 2026-05-21 21:50:07 +05:00
Kirill c5775c7f5d test commit 2026-05-21 21:17:06 +05:00
Kirill e09fe7211a fix: type-only import for UpdateProfileParams 2026-05-21 21:12:29 +05:00
Kirill 57da755ea1 feat: real user avatars in reviews, conditional product link 2026-05-21 21:10:49 +05:00
Kirill 7e7bade80c feat: avatars in order messages 2026-05-21 21:05:22 +05:00
Kirill 7a9e44bc5c fix: rename name to displayName in AdminUser type and page 2026-05-21 20:58:50 +05:00
Kirill 2751332356 feat: avatar column in admin users table 2026-05-21 20:52:43 +05:00
Kirill 52290e162e fix: use mutation variables in onSuccess, fix null displayName handling 2026-05-21 20:42:59 +05:00
Kirill 0dfa428931 feat: add admin settings page for display name and avatar editing 2026-05-21 20:28:35 +05:00
Kirill d056399b3b test commit 2026-05-21 14:32:45 +05:00