cs_betty/api

Fork 0

forked from cartsnitch/api

Commit Graph

Author	SHA1	Message	Date
Pawla Abdul	c127fe2b2e	fix(api): add fresh-DB guards to migrations 002, 005, and 006 - 002: wrap add_column calls in has_table("users") guard - 005: add has_table + column-existence guard before add_column - 006: add has_table + column + default-existence guard before alter_column Co-Authored-By: Paperclip <noreply@paperclip.ing>	2026-04-04 16:39:27 +00:00
Pawla Abdul	5c8fe9a62b	fix(api): make alembic migrations idempotent for fresh databases - 001: guard has_table check; skip if session_data already TEXT - 002: guard each ADD COLUMN / CREATE TABLE; guard password migration - 003: guard has_table; guard nullable check - 004: guard has_table; skip if users.id already TEXT - env.py: add Base.metadata.create_all after run_migrations to bootstrap fresh DBs - api/user.py: make hashed_password nullable; add email_verified, image, email_inbound_token fields Co-Authored-By: Paperclip <noreply@paperclip.ing>	2026-04-04 16:28:29 +00:00
Coupon Carl	906d7023a9	feat: migrate authentication to Better-Auth (Phase 1) Replace hand-rolled JWT auth with Better-Auth session-based authentication. - Scaffold auth/ Node.js service with Better-Auth, bcrypt password compat, Postgres adapter mapped to existing users table - Add Alembic migration (002) creating sessions, accounts, verifications tables and migrating password hashes to accounts table - Update FastAPI auth dependency to validate sessions via shared DB (supports both cookie and Bearer token) - Remove registration/login/refresh endpoints from API gateway (now handled by Better-Auth service) - Update frontend to use better-auth/react client with httpOnly cookies (no tokens in localStorage or memory) - Rewrite auth store, Login, Register, Dashboard, Settings, ProtectedRoute to use session-based auth - Update all tests to create sessions directly in DB instead of JWT tokens Resolves CAR-27 See plan: CAR-26#document-plan Co-Authored-By: Paperclip <noreply@paperclip.ing>	2026-03-28 04:46:10 +00:00

Author

SHA1

Message

Date

Pawla Abdul

c127fe2b2e

fix(api): add fresh-DB guards to migrations 002, 005, and 006

- 002: wrap add_column calls in has_table("users") guard
- 005: add has_table + column-existence guard before add_column
- 006: add has_table + column + default-existence guard before alter_column

Co-Authored-By: Paperclip <noreply@paperclip.ing>

2026-04-04 16:39:27 +00:00

Pawla Abdul

5c8fe9a62b

fix(api): make alembic migrations idempotent for fresh databases

- 001: guard has_table check; skip if session_data already TEXT
- 002: guard each ADD COLUMN / CREATE TABLE; guard password migration
- 003: guard has_table; guard nullable check
- 004: guard has_table; skip if users.id already TEXT
- env.py: add Base.metadata.create_all after run_migrations to bootstrap fresh DBs
- api/user.py: make hashed_password nullable; add email_verified, image, email_inbound_token fields

Co-Authored-By: Paperclip <noreply@paperclip.ing>

2026-04-04 16:28:29 +00:00

Coupon Carl

906d7023a9

feat: migrate authentication to Better-Auth (Phase 1)

Replace hand-rolled JWT auth with Better-Auth session-based authentication.

- Scaffold auth/ Node.js service with Better-Auth, bcrypt password compat,
  Postgres adapter mapped to existing users table
- Add Alembic migration (002) creating sessions, accounts, verifications
  tables and migrating password hashes to accounts table
- Update FastAPI auth dependency to validate sessions via shared DB
  (supports both cookie and Bearer token)
- Remove registration/login/refresh endpoints from API gateway (now
  handled by Better-Auth service)
- Update frontend to use better-auth/react client with httpOnly cookies
  (no tokens in localStorage or memory)
- Rewrite auth store, Login, Register, Dashboard, Settings, ProtectedRoute
  to use session-based auth
- Update all tests to create sessions directly in DB instead of JWT tokens

Resolves CAR-27
See plan: CAR-26#document-plan

Co-Authored-By: Paperclip <noreply@paperclip.ing>

2026-03-28 04:46:10 +00:00

3 Commits