Auth package has its own test runner (node --test) configured.
Exclude auth directory from root vitest to prevent no-test-suite error.
Co-Authored-By: Paperclip <noreply@paperclip.ing>
- Add node:test suite for auth health endpoint covering:
- 200 with db=reachable when pool.connect succeeds
- 503 with db=unreachable when pool.connect throws
- 503 with db=unreachable when query times out
- Add test script to auth/package.json
- Merge dev to resolve 3-commit divergence
Co-Authored-By: Paperclip <noreply@paperclip.ing>
- Changed text-gray-400 to text-gray-500 in Dashboard, StoreComparison,
Purchases, Settings, Alerts, and Coupons pages
- text-gray-500 (#6b7280) has 4.6:1 contrast ratio on white, meeting WCAG AA
- text-gray-400 (#99a1af) only had 2.6:1, failing axe-core accessibility checks
Co-authored-by: Test User <test@example.com>
Co-authored-by: Paperclip <noreply@paperclip.ing>
Use PostgreSQL @> operator for UPC lookup in match_by_upc instead of
loading all products into memory. This eliminates OOM risk at scale.
Also add GIN index on normalized_products.upc_variants for fast
JSON containment lookups.
CO-ROM-NOTE: Append this line exactly in merge commits.
Co-authored-by: Barcode Betty <barcode.betty@cartsnitch.com>
Co-authored-by: Paperclip <noreply@paperclip.ing>
- Refactor database.py to use init_db()/close_db() lifecycle
- Add create_db_engine() with pool_size=10, max_overflow=20, pool_pre_ping=True
- Replace cache.py stub with real Redis client using redis.asyncio
- Implement init_redis()/close_redis() with graceful error handling
- Replace no-op lifespan in main.py with proper startup/shutdown
- Enhance health endpoint to check DB and Redis connectivity
- Add tests for database, cache, and health endpoint lifecycle
Co-Authored-By: Paperclip <noreply@paperclip.ing>
- Restore import { Resend } from 'resend'
- Restore resend and fromEmail constants
- Restore emailVerification block with sendOnSignUp, autoSignInAfterVerification, and sendVerificationEmail
- Change health endpoint timeout from 2s to 3s
Co-Authored-By: Paperclip <noreply@paperclip.ing>
- Export pool from auth.ts for use in health check
- Replace static ok response with SELECT 1 query
- Return 503 with db=unreachable on failure or timeout
Co-Authored-By: Paperclip <noreply@paperclip.ing>
Replace React Router navigate() with window.location.href = '/' after
successful sign-in. Better-Auth's useSession() hasn't updated its
internal cache when navigate() fires, causing ProtectedRoute to see a
null session and redirect back to /login. A full page reload
reinitializes useSession() with fresh cookie-backed session state.
Also remove the VITE_MOCK_AUTH fallback block that used
setAuthenticated() since the mock auth flow now goes through the same
window.location.href path.
Co-Authored-By: Paperclip <noreply@paperclip.ing>
Guard the infra commit step in deploy-dev and deploy-uat jobs with
`git diff --cached --quiet` to prevent CI failure when kustomization
has no actual image tag changes.
Refs: CAR-674
Co-Authored-By: Paperclip <noreply@paperclip.ing>
- Add emailVerification.sendVerificationEmail config to auth/src/auth.ts
using Resend to send verification emails on sign-up
- Add resend npm package to auth/package.json
- Update auth/.env.example with RESEND_API_KEY and FROM_EMAIL
- Create VerifyEmail.tsx page with token verification flow,
spinner UX, success/Error states, and resend option
- Update Register.tsx to redirect to /verify-email after signup
instead of auto-navigating to dashboard
- Add /verify-email route to App.tsx
- Frontend shows 'check your email' step after registration
Co-Authored-By: Paperclip <noreply@paperclip.ing>
Promotes UAT to main including PR #209 (N+1 UPC query fix with SQL containment).
UAT regression: passed (Deal Dottie)
Security review: passed (Stockboy Steve)
CI required checks: all green
Co-Authored-By: Paperclip <noreply@paperclip.ing>
- Add rate_limit_auth_requests (5/min) and rate_limit_auth_window_seconds (60) settings
- Add rate_limit_redis_enabled flag for opt-in Redis usage
- Refactor _SlidingWindowCounter into InMemorySlidingWindow class
- Add RedisSlidingWindow using sorted sets with fallback to in-memory
- Add third _auth_strict_limiter for POST /auth/* paths (5 req/min)
- Add protocol-based backend selection at module load time
- Update tests for auth strict limiter and Redis fallback behavior
Co-Authored-By: Paperclip <noreply@paperclip.ing>
Chris Farhood
cartsnitch-engineer[bot]