cartsnitch/api
12
0
Fork 1
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
47 Commits 37 Branches 0 Tags
f9984f7fb95ec957608bc1742f8029c65cb140e8
Commit Graph

7 Commits

Author SHA1 Message Date
Barcode Betty c5f43e8f4a fix(api): escape percent signs in alembic database URL for configparser 
CNPG-generated passwords containing URL-encoded chars (e.g. %2B, %2F) cause
configparser.BasicInterpolation to fail with "invalid interpolation syntax".
Escaping % as %% prevents this.

Co-Authored-By: Paperclip <noreply@paperclip.ing>
 2026-04-04 06:31:48 +00:00
Pawla Abdul 49a9c60605 fix(api): add server_default to users.email_inbound_token 
Better-Auth creates users via raw SQL INSERT (not through SQLAlchemy),
so it bypasses ORM defaults and causes HTTP 500 on sign-up/sign-in.
Adds PostgreSQL server_default so INSERT without email_inbound_token
auto-generates a URL-safe token matching Python secrets.token_urlsafe(16).

Co-Authored-By: Paperclip <noreply@paperclip.ing>
 2026-04-04 06:17:37 +00:00
Barcode Betty b52fae5894 sync(api): copy latest standalone code and merge alembic migrations 
Co-Authored-By: Paperclip <noreply@paperclip.ing>
 2026-04-03 07:54:31 +00:00
Stockboy Steve a1d53f8e47 fix: change users.id and FK columns from uuid to text for Better-Auth compatibility 
Better-Auth generates nanoid-style text IDs (e.g. pGud2ln2WAFHC0KYjBVKR4Rc7mM8OcTI),
but the users table used PostgreSQL uuid type, causing registration failures:
  ERROR: invalid input syntax for type uuid: "pGud2ln2WAFHC0KYjBVKR4Rc7mM8OcTI"

Changes:
- User.id: removed UUIDPrimaryKeyMixin, use explicit text PK
- UserStoreAccount.user_id: Mapped[uuid.UUID] -> Mapped[str]
- Purchase.user_id: Mapped[uuid.UUID] -> Mapped[str]
- UserResponse schema: id field from UUID -> str
- New Alembic migration 004_fix_user_id_text: drops FKs, alters column
  types, re-adds FKs (using id::text cast)

Co-Authored-By: Paperclip <noreply@paperclip.ing>
 2026-03-31 17:56:13 +00:00
Barcode Betty ed423c00fb fix(deploy): include alembic in API Docker image 
Adds alembic.ini and alembic/ directory to the production API image so
alembic upgrade head can run in-cluster as an init container.

Also carries migration 003 (make hashed_password nullable) from PR #66.

Co-Authored-By: Paperclip <noreply@paperclip.ing>
 2026-03-30 20:13:56 +00:00
Coupon Carl 906d7023a9 feat: migrate authentication to Better-Auth (Phase 1) 
Replace hand-rolled JWT auth with Better-Auth session-based authentication.

- Scaffold auth/ Node.js service with Better-Auth, bcrypt password compat,
  Postgres adapter mapped to existing users table
- Add Alembic migration (002) creating sessions, accounts, verifications
  tables and migrating password hashes to accounts table
- Update FastAPI auth dependency to validate sessions via shared DB
  (supports both cookie and Bearer token)
- Remove registration/login/refresh endpoints from API gateway (now
  handled by Better-Auth service)
- Update frontend to use better-auth/react client with httpOnly cookies
  (no tokens in localStorage or memory)
- Rewrite auth store, Login, Register, Dashboard, Settings, ProtectedRoute
  to use session-based auth
- Update all tests to create sessions directly in DB instead of JWT tokens

Resolves CAR-27
See plan: CAR-26#document-plan

Co-Authored-By: Paperclip <noreply@paperclip.ing>
 2026-03-28 04:46:10 +00:00
Coupon Carl b7e6f637a7 feat: merge cartsnitch/api into api/ subdirectory 
Consolidate API gateway service into monorepo.
Squashed from https://github.com/cartsnitch/api main (89bacb1).

Co-Authored-By: Paperclip <noreply@paperclip.ing>
 2026-03-28 02:24:02 +00:00