Better-Auth inserts into users without a hashed_password value (passwords
are stored in the accounts table). This was causing a NOT NULL constraint
violation and 422 FAILED_TO_CREATE_USER on sign-up.
Revision ID: 003_make_users_hashed_password_nullable
Resolves: CAR-172
Co-Authored-By: Paperclip <noreply@paperclip.ing>
Avoids ERR_CONNECTION_REFUSED in deployed environments where
VITE_AUTH_URL is not set at build time. Empty-string fallback
routes auth requests to same origin, which the HTTPRoute forwards
to the auth service.
cc @cpfarhood
Co-Authored-By: Paperclip <noreply@paperclip.ing>
- Register sends display_name instead of name
- Register/Login handle TokenResponse (access_token, not token)
- Fetch /auth/me after register/login to populate user object
Co-Authored-By: Paperclip <noreply@paperclip.ing>
Add build-and-push-auth job dependency and tag update to deploy-dev:
- build-and-push-auth: add outputs.calver_tag for downstream jobs
- deploy-dev: needs both build-and-push and build-and-push-auth
- deploy-dev: set auth image tag in dev overlay via kustomize
Refs: CAR-138
Co-authored-by: Barcode Betty <barcode-betty@paperclip.ing>
Co-authored-by: Paperclip <noreply@paperclip.ing>
Co-authored-by: cartsnitch-ceo[bot] <269712056+cartsnitch-ceo[bot]@users.noreply.github.com>
* fix(ci): install kustomize in deploy-dev job
Add imranismail/setup-kustomize@v2 step so the deploy-dev job can
run kustomize edit set image without a "command not found" error.
Also fix the working-directory so cd infra is used consistently rather
than a relative path that resolved outside the checked-out infra repo.
Co-Authored-By: Paperclip <noreply@paperclip.ing>
* fix(ci): correct kustomize image name and tag in deploy-dev
- Remove '=' rename syntax which strips the GHCR registry prefix
- Use calver_tag output from build-and-push instead of github.sha
- Update commit message to reflect the correct tag
Co-Authored-By: Paperclip <noreply@paperclip.ing>
* fix(ci): add path: infra to checkout step so cd infra succeeds
CTO review feedback: actions/checkout@v4 must specify path: infra
so that subsequent 'cd infra' commands resolve to the checked-out
infra repository, not the cartsnitch repo root.
Co-Authored-By: Paperclip <noreply@paperclip.ing>
* fix(ci): cd into overlay dir before kustomize edit set image
CTO review feedback: kustomize edit set image operates on the
kustomization.yaml in the current working directory. Since the
target file is at infra/apps/overlays/dev/kustomization.yaml, the
step must cd there before running kustomize.
Co-Authored-By: Paperclip <noreply@paperclip.ing>
---------
Co-authored-by: Barcode Betty <noreply@paperclip.ing>
Co-authored-by: Stockboy Steve <stockboy-steve@paperclip.ing>
Co-authored-by: cartsnitch-ceo[bot] <269712056+cartsnitch-ceo[bot]@users.noreply.github.com>
Add guaranteed UAT test user (uat@cartsnitch.com / CartSnitch-UAT-2026!)
seeded via Better-Auth bcrypt path. Idempotent — re-running the seed
skips the user if it already exists.
- Add 002_better_auth_tables Alembic migration (sessions, accounts,
verifications tables + email_verified/image on users)
- Add bcrypt>=4.0,<6.0 to [seed] extra (CTO feedback: was bcrypt>=0.15,<1.0
which matches zero installable versions)
- Fix account_id to use str(UAT_USER_ID) to match migration convention
(CTO feedback: was using UAT_EMAIL which was inconsistent)
- Document credentials in common/README.md under Test Users
Co-Authored-By: Paperclip <noreply@paperclip.ing>
The auth Dockerfile runs npm ci --omit=dev in the production stage
but there was no lock file, causing Docker build to fail.
Co-Authored-By: Paperclip <noreply@paperclip.ing>
Pre-existing test failure from Phase 1 better-auth migration.
Dashboard calls authClient.useSession() which makes an unresolved
async call in test environment. Mock it to return null session
(isPending: false) so the unauthenticated UI renders correctly.
Co-Authored-By: Paperclip <noreply@paperclip.ing>
Keep both build-and-push-auth (Phase 1 auth migration) and
deploy-dev (main CI addition) jobs as they are independent.
Co-Authored-By: Paperclip <noreply@paperclip.ing>
The deploy-dev job fails because actions/create-github-app-token@v1 defaults to
the current repository. Adding owner + repositories scopes the token to include
cartsnitch/infra so the subsequent checkout step succeeds.
Co-Authored-By: Paperclip <noreply@paperclip.ing>
Use --data-raw with properly formatted multi-line JSON instead of
a single-line escaped -d string. This ensures newlines in the
description are correctly interpreted.
Co-Authored-By: Paperclip <noreply@paperclip.ing>
Add deploy-dev job to update the dev overlay image tag in cartsnitch/infra
via kustomize after a successful main build. Add trigger-uat job to create
a Paperclip UAT issue assigned to Rollback Rhonda after dev deploy succeeds.
Co-Authored-By: Paperclip <noreply@paperclip.ing>
The auth Deployment in cartsnitch/infra (PR #83) references
ghcr.io/cartsnitch/auth:latest, but no CI job builds that image.
Add a build-and-push-auth job that builds auth/Dockerfile and pushes
to ghcr.io/cartsnitch/auth with the same CalVer + sha tagging scheme.
Fixes the ImagePullBackOff blocker when FluxCD reconciles the auth
Deployment in cartsnitch-dev.
Co-Authored-By: Paperclip <noreply@paperclip.ing>
Remove hardcoded fallback secret that allowed sessions to be
signed with a well-known value if the env var was unset.
Co-Authored-By: Paperclip <noreply@paperclip.ing>
- stores.md: replace "secure loyalty program integration" with honest
description of automated scraper pulling from store loyalty portals
- privacy.md: replace all "loyalty program" / "read-only connection"
language with accurate description of automated scraper architecture
- how-it-works.md: describe scraper architecture honestly; clarify
USDA FoodData Central is historical baseline reference only, not
part of live tracking; remove "(yet)" from receipt statement
Co-Authored-By: Paperclip <noreply@paperclip.ing>
Replace hand-rolled JWT auth with Better-Auth session-based authentication.
- Scaffold auth/ Node.js service with Better-Auth, bcrypt password compat,
Postgres adapter mapped to existing users table
- Add Alembic migration (002) creating sessions, accounts, verifications
tables and migrating password hashes to accounts table
- Update FastAPI auth dependency to validate sessions via shared DB
(supports both cookie and Bearer token)
- Remove registration/login/refresh endpoints from API gateway (now
handled by Better-Auth service)
- Update frontend to use better-auth/react client with httpOnly cookies
(no tokens in localStorage or memory)
- Rewrite auth store, Login, Register, Dashboard, Settings, ProtectedRoute
to use session-based auth
- Update all tests to create sessions directly in DB instead of JWT tokens
Resolves CAR-27
See plan: CAR-26#document-plan
Co-Authored-By: Paperclip <noreply@paperclip.ing>
Removes quantity qualifier from two instances since pre-beta coverage
is not verified. per QA and CEO review comments on PR #42.
Co-Authored-By: Paperclip <noreply@paperclip.ing>
Critical fixes:
- stores.md: Correct supported retailers to Meijer, Kroger, Target.
Remove Safeway (never scoped). Replace named Coming Soon list with
generic demand-based evaluation language.
- privacy.md: Replace all OAuth/API claims with accurate language
describing read-only headless browser access to loyalty portals.
- about.md: Remove "price gouging on our roadmap" claim.
Clarify USDA FoodData Central is reference data only, not a source
of price data.
- blog/price-gouging-vs-shrinkflation.md: Remove roadmap claim.
Remove implication that price gouging detection is coming.
- methodology.md: Fix cereal example math — 16.2% → 16.1%.
Use raw values per the stated formula. Clarify USDA FoodData
Central role for package sizing baselines only.
- how-it-works.md: Correct retailers. Remove "(yet)" from receipt
claim. Clarify USDA FoodData Central is reference data.
Important fixes:
- press-kit.md: Correct supported stores. Remove USDA FoodData Central
from dollar-cost attribution — reattribute to CartSnitch analysis of
manufacturer packaging data.
- app-store-listing.md: Remove "thousands of products" claims
(pre-launch beta, quantity unverified).
- social/launch-day-posts.md: Remove "thousands of products" claim.
Correct retailer list.
Co-Authored-By: Paperclip <noreply@paperclip.ing>
USDA FoodData Central is a nutrient composition database, not a price
analysis tool. Cannot be cited as a source for household shrinkflation
cost estimates.
Replaced with "CartSnitch analysis of manufacturer packaging data" and
clarified "publicly available manufacturer packaging data" throughout.
Added trailing newline to end of file.
Fixes CTO review feedback on PR #39.
Co-Authored-By: Paperclip <noreply@paperclip.ing>
Barcode Betty
Stockboy Steve
Savannah Savings
Chris Farhood