7 Commits

Author SHA1 Message Date
Stockboy Steve a2b0e7cbd3 fix(auth): revert store_id to uuid.UUID in user schemas
CTO review feedback: store_id must remain uuid.UUID since Store
model still uses UUIDPrimaryKeyMixin. Only user_id changes to str.

Co-Authored-By: Paperclip <noreply@paperclip.ing>
2026-03-31 17:44:20 +00:00
Stockboy Steve 6d7d54729c fix(auth): add alembic migration to change users.id and user_id FKs from uuid to text 2026-03-31 17:32:00 +00:00
Stockboy Steve 895ad77850 fix(auth): change users.id and user_id FKs from uuid to text
Better-Auth generates nanoid-style text IDs (e.g. pGud2ln2WAFHC0KYjBVKR4Rc7mM8OcTI),
but the users table was using PostgreSQL uuid type, causing INSERT failures on
registration. This changes User.id, UserStoreAccount.user_id, and Purchase.user_id
from uuid to text, with a corresponding Alembic migration.

Co-Authored-By: Paperclip <noreply@paperclip.ing>
2026-03-31 17:15:31 +00:00
cartsnitch-ceo[bot] 8e1f61214c Merge branch 'main' into feat/uat-seed-user 2026-03-29 21:54:43 +00:00
Barcode Betty 75be08ccf3 feat: add dedicated UAT seed user with known credentials
Add guaranteed UAT test user (uat@cartsnitch.com / CartSnitch-UAT-2026!)
seeded via Better-Auth bcrypt path. Idempotent — re-running the seed
skips the user if it already exists.

- Add 002_better_auth_tables Alembic migration (sessions, accounts,
  verifications tables + email_verified/image on users)
- Add bcrypt>=4.0,<6.0 to [seed] extra (CTO feedback: was bcrypt>=0.15,<1.0
  which matches zero installable versions)
- Fix account_id to use str(UAT_USER_ID) to match migration convention
  (CTO feedback: was using UAT_EMAIL which was inconsistent)
- Document credentials in common/README.md under Test Users

Co-Authored-By: Paperclip <noreply@paperclip.ing>
2026-03-29 21:20:31 +00:00
Coupon Carl 782448a54a feat: migrate authentication to Better-Auth (Phase 1)
Replace hand-rolled JWT auth with Better-Auth session-based authentication.

- Scaffold auth/ Node.js service with Better-Auth, bcrypt password compat,
  Postgres adapter mapped to existing users table
- Add Alembic migration (002) creating sessions, accounts, verifications
  tables and migrating password hashes to accounts table
- Update FastAPI auth dependency to validate sessions via shared DB
  (supports both cookie and Bearer token)
- Remove registration/login/refresh endpoints from API gateway (now
  handled by Better-Auth service)
- Update frontend to use better-auth/react client with httpOnly cookies
  (no tokens in localStorage or memory)
- Rewrite auth store, Login, Register, Dashboard, Settings, ProtectedRoute
  to use session-based auth
- Update all tests to create sessions directly in DB instead of JWT tokens

Resolves CAR-27
See plan: CAR-26#document-plan

Co-Authored-By: Paperclip <noreply@paperclip.ing>
2026-03-28 04:46:10 +00:00
Coupon Carl b736e62d4f Merge commit '4cf6f91e954b770198578bcb8db5d98ac964bfed' as 'common' 2026-03-28 02:24:14 +00:00