Compare commits

...

23 Commits

Author SHA1 Message Date
Stockboy Steve a2b0e7cbd3 fix(auth): revert store_id to uuid.UUID in user schemas
CTO review feedback: store_id must remain uuid.UUID since Store
model still uses UUIDPrimaryKeyMixin. Only user_id changes to str.

Co-Authored-By: Paperclip <noreply@paperclip.ing>
2026-03-31 17:44:20 +00:00
Stockboy Steve 6d7d54729c fix(auth): add alembic migration to change users.id and user_id FKs from uuid to text 2026-03-31 17:32:00 +00:00
Stockboy Steve 895ad77850 fix(auth): change users.id and user_id FKs from uuid to text
Better-Auth generates nanoid-style text IDs (e.g. pGud2ln2WAFHC0KYjBVKR4Rc7mM8OcTI),
but the users table was using PostgreSQL uuid type, causing INSERT failures on
registration. This changes User.id, UserStoreAccount.user_id, and Purchase.user_id
from uuid to text, with a corresponding Alembic migration.

Co-Authored-By: Paperclip <noreply@paperclip.ing>
2026-03-31 17:15:31 +00:00
cartsnitch-ci[bot] 5f1570e6d2 fix(auth): re-add session table model mapping
Better-Auth defaults to singular "session" table with camelCase
columns, but our DB uses plural "sessions" with snake_case columns
(migration 002). Add modelName and field mappings to match the
existing pattern for user, account, and verification models.

Fixes: 401 on login and 422 on registration.

Co-Authored-By: Paperclip <noreply@paperclip.ing>
2026-03-31 15:23:45 +00:00
cartsnitch-ci[bot] 96c0f89a03 chore: trigger CI after rebase
Co-Authored-By: Paperclip <noreply@paperclip.ing>
2026-03-31 04:47:17 +00:00
Barcode Betty 0f8aa2fe47 fix(ci): address CTO review feedback on PR #64
- Fix refs_heads_main typo → refs/heads/main in build-and-push-auth metadata
- Fix ci(ev) typo → ci(dev) in deploy-dev commit message
- Add preview server step before lhci autorun in lighthouse job

Addresses: CAR-199

Co-Authored-By: Paperclip <noreply@paperclip.ing>
2026-03-31 04:43:45 +00:00
Barcode Betty 6903c7dde3 fix(lighthouse): use warn for preset audit assertions + add robots.txt
Per CTO guidance, override preset per-audit assertions to warn:
- errors-in-console: warn (browser dev errors, not prod blockers)
- network-dependency-tree-insight: warn (existing perf debt)
- robots-txt: warn (existing SEO gap)
- unused-javascript: warn (existing perf debt)

Add public/robots.txt so the robots-txt audit passes at warn level.
These are known gaps to address post-merge, not merge blockers.

Co-Authored-By: Paperclip <noreply@paperclip.ing>
2026-03-31 04:43:45 +00:00
Barcode Betty 2946ac8dc5 fix(lighthouse): install Chromium system deps via --with-deps
Playwright Chromium binary was missing libnspr4.so and other
system libraries. Use `npx playwright install --with-deps chromium`
to install Chromium along with all required system dependencies.

Co-Authored-By: Paperclip <noreply@paperclip.ing>
2026-03-31 04:43:45 +00:00
Barcode Betty 6717e105f4 fix(lighthouse): set LHCI_CHROME_PATH via runtime discovery
- Re-add Playwright Chromium install (LHCI needs a Chrome binary)
- Use `find` at runtime to locate Playwright's chrome binary:
  CHROME_PATH=$(find /home/runner/.cache/ms-playwright -name chrome ...)
- Pass to LHCI via LHCI_CHROME_PATH env var so LHCI does
  not try (and fail) to auto-download Puppeteer's Chromium

Co-Authored-By: Paperclip <noreply@paperclip.ing>
2026-03-31 04:43:45 +00:00
Barcode Betty 01ea36c5aa fix(lighthouse): use staticDistDir, drop Playwright dependency
- lighthouserc.json: replace startServerCommand:npm-run-preview
  with staticDistDir:./dist so LHCI serves files directly
- CI workflow: remove Playwright/Chromium install step and
  LHCI_CHROME_PATH env var (LHCI bundles its own Puppeteer)
- LHCI now uses its built-in static server + bundled Chromium

Co-Authored-By: Paperclip <noreply@paperclip.ing>
2026-03-31 04:43:45 +00:00
Stockboy Steve 0bb4b7d183 fix(lighthouse): set LHCI_CHROME_PATH and lower thresholds per CTO feedback
- Set LHCI_CHROME_PATH to Playwright chromium binary path so LHCI
  healthcheck can find Chrome
- Lower thresholds: performance=0.5, accessibility=0.7 (error), seo=0.7
- SEO threshold was missing, now added
2026-03-31 04:43:45 +00:00
Barcode Betty 7b9194a152 fix(ci): install Chromium via playwright instead of missing action
browser-actions/chromium@v3 does not exist. Switch to using
npm install -g playwright && npx playwright install chromium.

Co-Authored-By: Paperclip <noreply@paperclip.ing>
2026-03-31 04:43:45 +00:00
Barcode Betty ca8cf2a80a fix(ci): install Chromium before running Lighthouse CI
lhci autorun requires Chrome to be present on the runner. This was
causing the lighthouse job to fail with "Chrome installation not found".

Co-Authored-By: Paperclip <noreply@paperclip.ing>
2026-03-31 04:43:45 +00:00
cartsnitch-engineer[bot] 5bb0a5817b feat(ci): add Lighthouse CI performance checks 2026-03-31 04:43:45 +00:00
cartsnitch-engineer[bot] 2444219f75 feat(ci): add Lighthouse CI configuration 2026-03-31 04:43:45 +00:00
Barcode Betty c707caea41 fix: use same-origin default for auth URL instead of localhost
Avoids ERR_CONNECTION_REFUSED in deployed environments where
VITE_AUTH_URL is not set at build time. Empty-string fallback
routes auth requests to same origin, which the HTTPRoute forwards
to the auth service.

cc @cpfarhood

Co-Authored-By: Paperclip <noreply@paperclip.ing>
2026-03-31 04:43:45 +00:00
cartsnitch-engineer[bot] 30d670a257 feat(ci): add auth image tag update to deploy-dev (#57)
Add build-and-push-auth job dependency and tag update to deploy-dev:
- build-and-push-auth: add outputs.calver_tag for downstream jobs
- deploy-dev: needs both build-and-push and build-and-push-auth
- deploy-dev: set auth image tag in dev overlay via kustomize

Refs: CAR-138

Co-authored-by: Barcode Betty <barcode-betty@paperclip.ing>
Co-authored-by: Paperclip <noreply@paperclip.ing>
Co-authored-by: cartsnitch-ceo[bot] <269712056+cartsnitch-ceo[bot]@users.noreply.github.com>
2026-03-30 09:59:41 +00:00
cpfarhood-k8s[bot] cfa4d8fa91 test 2026-03-30 00:50:51 +00:00
cartsnitch-engineer[bot] 39e8d5c9f9 fix(ci): install kustomize in deploy-dev job (#55)
* fix(ci): install kustomize in deploy-dev job

Add imranismail/setup-kustomize@v2 step so the deploy-dev job can
run kustomize edit set image without a "command not found" error.

Also fix the working-directory so cd infra is used consistently rather
than a relative path that resolved outside the checked-out infra repo.

Co-Authored-By: Paperclip <noreply@paperclip.ing>

* fix(ci): correct kustomize image name and tag in deploy-dev

- Remove '=' rename syntax which strips the GHCR registry prefix
- Use calver_tag output from build-and-push instead of github.sha
- Update commit message to reflect the correct tag

Co-Authored-By: Paperclip <noreply@paperclip.ing>

* fix(ci): add path: infra to checkout step so cd infra succeeds

CTO review feedback: actions/checkout@v4 must specify path: infra
so that subsequent 'cd infra' commands resolve to the checked-out
infra repository, not the cartsnitch repo root.

Co-Authored-By: Paperclip <noreply@paperclip.ing>

* fix(ci): cd into overlay dir before kustomize edit set image

CTO review feedback: kustomize edit set image operates on the
kustomization.yaml in the current working directory. Since the
target file is at infra/apps/overlays/dev/kustomization.yaml, the
step must cd there before running kustomize.

Co-Authored-By: Paperclip <noreply@paperclip.ing>

---------

Co-authored-by: Barcode Betty <noreply@paperclip.ing>
Co-authored-by: Stockboy Steve <stockboy-steve@paperclip.ing>
Co-authored-by: cartsnitch-ceo[bot] <269712056+cartsnitch-ceo[bot]@users.noreply.github.com>
2026-03-30 00:28:20 +00:00
cartsnitch-ceo[bot] 44c475265e Merge pull request #56 from cartsnitch/feat/uat-seed-user
feat: add dedicated UAT seed user with known credentials
2026-03-29 21:57:26 +00:00
cartsnitch-ceo[bot] 8e1f61214c Merge branch 'main' into feat/uat-seed-user 2026-03-29 21:54:43 +00:00
cartsnitch-ceo[bot] fb1c5fb929 fix: align auth client basePath with server config
fix: align auth client basePath with server config
2026-03-29 21:48:27 +00:00
Barcode Betty 75be08ccf3 feat: add dedicated UAT seed user with known credentials
Add guaranteed UAT test user (uat@cartsnitch.com / CartSnitch-UAT-2026!)
seeded via Better-Auth bcrypt path. Idempotent — re-running the seed
skips the user if it already exists.

- Add 002_better_auth_tables Alembic migration (sessions, accounts,
  verifications tables + email_verified/image on users)
- Add bcrypt>=4.0,<6.0 to [seed] extra (CTO feedback: was bcrypt>=0.15,<1.0
  which matches zero installable versions)
- Fix account_id to use str(UAT_USER_ID) to match migration convention
  (CTO feedback: was using UAT_EMAIL which was inconsistent)
- Document credentials in common/README.md under Test Users

Co-Authored-By: Paperclip <noreply@paperclip.ing>
2026-03-29 21:20:31 +00:00
15 changed files with 290 additions and 59 deletions
+37 -5
View File
@@ -46,6 +46,31 @@ jobs:
- name: Run tests - name: Run tests
run: npx vitest run run: npx vitest run
lighthouse:
runs-on: runners-cartsnitch
needs: [test]
steps:
- uses: actions/checkout@v4
- uses: actions/setup-node@v4
with:
node-version: "20"
cache: npm
- run: npm ci
- run: npm run build
- name: Install Chromium for Lighthouse
run: |
npm install -g playwright
npx playwright install --with-deps chromium
- name: Start preview server
run: |
npm run preview &
npx wait-on http://localhost:4173/ --timeout 30000
- name: Run Lighthouse CI
run: |
CHROME_PATH=$(find /home/runner/.cache/ms-playwright -name chrome -type f 2>/dev/null | head -1)
npm install -g @lhci/cli
LHCI_CHROME_PATH="$CHROME_PATH" lhci autorun
build-and-push: build-and-push:
runs-on: runners-cartsnitch runs-on: runners-cartsnitch
needs: [lint, test] needs: [lint, test]
@@ -111,6 +136,8 @@ jobs:
build-and-push-auth: build-and-push-auth:
runs-on: runners-cartsnitch runs-on: runners-cartsnitch
needs: [lint, test] needs: [lint, test]
outputs:
calver_tag: ${{ steps.calver.outputs.version }}
steps: steps:
- uses: actions/checkout@v4 - uses: actions/checkout@v4
with: with:
@@ -161,7 +188,7 @@ jobs:
deploy-dev: deploy-dev:
runs-on: runners-cartsnitch runs-on: runners-cartsnitch
needs: [build-and-push] needs: [build-and-push, build-and-push-auth]
if: github.event_name == 'push' && github.ref == 'refs/heads/main' if: github.event_name == 'push' && github.ref == 'refs/heads/main'
steps: steps:
- name: Generate GitHub App token - name: Generate GitHub App token
@@ -179,20 +206,25 @@ jobs:
repository: cartsnitch/infra repository: cartsnitch/infra
token: ${{ steps.app-token.outputs.token }} token: ${{ steps.app-token.outputs.token }}
ref: main ref: main
path: infra
- name: Install kubectl - name: Install kubectl
uses: azure/setup-kubectl@v4 uses: azure/setup-kubectl@v4
- name: Install kustomize
uses: imranismail/setup-kustomize@v2
- name: Update dev overlay image tag - name: Update dev overlay image tag
working-directory: apps/overlays/dev
run: | run: |
cd infra/apps/overlays/dev
kustomize edit set image ghcr.io/cartsnitch/cartsnitch:${{ needs.build-and-push.outputs.calver_tag }} kustomize edit set image ghcr.io/cartsnitch/cartsnitch:${{ needs.build-and-push.outputs.calver_tag }}
kustomize edit set image ghcr.io/cartsnitch/auth:${{ needs.build-and-push-auth.outputs.calver_tag }}
- name: Commit and push to infra - name: Commit and push to infra
run: | run: |
cd apps/overlays/dev cd infra
git config user.name "cartsnitch-ci[bot]" git config user.name "cartsnitch-ci[bot]"
git config user.email "cartsnitch-ci[bot]@users.noreply.github.com" git config user.email "cartsnitch-ci[bot]@users.noreply.github.com"
git add kustomization.yaml git add apps/overlays/dev/kustomization.yaml
git commit -m "ci(dev): update cartsnitch image to ${{ needs.build-and-push.outputs.calver_tag }}" git commit -m "ci(dev): update cartsnitch and auth images to ${{ needs.build-and-push.outputs.calver_tag }}"
git push origin main git push origin main
+1 -45
View File
@@ -1,45 +1 @@
# CartSnitch Monorepo # CartSnitch
CartSnitch is a self-hosted grocery price intelligence platform. This repo consolidates the core services and the flagship frontend PWA.
## Services
| Directory | Service | Purpose |
|-----------|---------|---------|
| `/` (root) | **Frontend** | React 18 PWA — mobile-first price intelligence UI |
| `api/` | **API Gateway** | FastAPI — frontend-facing REST API |
| `common/` | **Common** | Shared Python models, schemas, Alembic migrations |
| `receiptwitness/` | **ReceiptWitness** | Purchase ingestion via retailer scrapers |
## Quick Start
### Frontend (root)
```bash
npm install
npm run dev # http://localhost:5173
npm run build # production build
npm run test # unit tests (Vitest)
```
### Python Services
Each Python service uses [uv](https://github.com/astral-sh/uv) and has its own `pyproject.toml`:
```bash
cd api # or common / receiptwitness
uv sync
uv run pytest
```
## Development Workflow
- **Never push directly to main.** Always open a PR from a feature branch.
- Branch naming: `feature/<description>` or `fix/<description>`
- Conventional commits: `feat:`, `fix:`, `refactor:`, `docs:`, `chore:`
## Architecture
For full details see [CLAUDE.md](./CLAUDE.md) or the per-service `CLAUDE.md` in each subdirectory.
CartSnitch is a polyrepo-style monorepo: each service can be built and deployed independently, but sharing code between `common/` and the other Python services is done via local path dependencies in `pyproject.toml`.
@@ -0,0 +1,53 @@
"""Change users.id and FK columns from uuid to text.
Better-Auth generates nanoid-style text IDs (e.g. pGud2ln2WAFHC0KYjBVKR4Rc7mM8OcTI),
but the users table was using PostgreSQL uuid type, causing INSERT failures.
Revision ID: 003_fix_user_id_text
Revises: 002_better_auth_tables
Create Date: 2026-03-31
"""
import sqlalchemy as sa
from sqlalchemy import text
from alembic import op
revision = "003_fix_user_id_text"
down_revision = "002_better_auth_tables"
branch_labels = None
depends_on = None
def upgrade() -> None:
# Step 1: Drop FK constraints that reference users.id
op.execute(text("ALTER TABLE user_store_accounts DROP CONSTRAINT IF EXISTS user_store_accounts_user_id_fkey"))
op.execute(text("ALTER TABLE purchases DROP CONSTRAINT IF EXISTS purchases_user_id_fkey"))
# Step 2: Alter users.id from uuid to text
op.alter_column("users", "id", existing_type=sa.UUID(), type_=sa.Text(), existing_nullable=False, postgresql_using="id::text")
# Step 3: Alter user_store_accounts.user_id from uuid to text
op.alter_column("user_store_accounts", "user_id", existing_type=sa.UUID(), type_=sa.Text(), existing_nullable=False, postgresql_using="user_id::text")
# Step 4: Alter purchases.user_id from uuid to text
op.alter_column("purchases", "user_id", existing_type=sa.UUID(), type_=sa.Text(), existing_nullable=False, postgresql_using="user_id::text")
# Step 5: Re-add FK constraints
op.execute(text("ALTER TABLE user_store_accounts ADD CONSTRAINT user_store_accounts_user_id_fkey FOREIGN KEY (user_id) REFERENCES users(id)"))
op.execute(text("ALTER TABLE purchases ADD CONSTRAINT purchases_user_id_fkey FOREIGN KEY (user_id) REFERENCES users(id)"))
def downgrade() -> None:
# Drop FK constraints
op.execute(text("ALTER TABLE purchases DROP CONSTRAINT IF EXISTS purchases_user_id_fkey"))
op.execute(text("ALTER TABLE user_store_accounts DROP CONSTRAINT IF EXISTS user_store_accounts_user_id_fkey"))
# Alter back to UUID
op.alter_column("purchases", "user_id", existing_type=sa.Text(), type_=sa.UUID(), existing_nullable=False, postgresql_using="user_id::uuid")
op.alter_column("user_store_accounts", "user_id", existing_type=sa.Text(), type_=sa.UUID(), existing_nullable=False, postgresql_using="user_id::uuid")
op.alter_column("users", "id", existing_type=sa.Text(), type_=sa.UUID(), existing_nullable=False, postgresql_using="id::uuid")
# Re-add FK constraints
op.execute(text("ALTER TABLE user_store_accounts ADD CONSTRAINT user_store_accounts_user_id_fkey FOREIGN KEY (user_id) REFERENCES users(id)"))
op.execute(text("ALTER TABLE purchases ADD CONSTRAINT purchases_user_id_fkey FOREIGN KEY (user_id) REFERENCES users(id)"))
+9
View File
@@ -36,6 +36,15 @@ export const auth = betterAuth({
}, },
session: { session: {
modelName: "sessions",
fields: {
userId: "user_id",
expiresAt: "expires_at",
ipAddress: "ip_address",
userAgent: "user_agent",
createdAt: "created_at",
updatedAt: "updated_at",
},
expiresIn: 60 * 60 * 24 * 7, // 7 days expiresIn: 60 * 60 * 24 * 7, // 7 days
updateAge: 60 * 60 * 24, // refresh after 1 day updateAge: 60 * 60 * 24, // refresh after 1 day
cookieCache: { cookieCache: {
+28
View File
@@ -0,0 +1,28 @@
# CartSnitch Common
Shared models, schemas, and utilities for CartSnitch services.
## Test Users
The following users are seeded by `cartsnitch-seed` and can be used for local development and UAT.
| Email | Password | Display Name | Notes |
|---|---|---|---|
| `uat@cartsnitch.com` | `CartSnitch-UAT-2026!` | UAT Tester | Primary UAT account. Use for regression testing in the CartSnitch frontend. Created by the seed runner via Better-Auth's bcrypt path — credentials work against the live auth service. Idempotent; re-running the seed skips this user if it already exists. |
### Running the Seed
```bash
# Install with seed dependencies
pip install -e "cartsnitch-common[seed]"
# Run (requires CARTSNITCH_DATABASE_URL_SYNC)
CARTSNITCH_DATABASE_URL_SYNC=postgresql://user:pass@localhost:5432/cartsnitch \
cartsnitch-seed
```
### Architecture
- **Models** live in `src/cartsnitch_common/models/`
- **Alembic migrations** run via the `api` service (`api/alembic/`)
- **Seed runner** runs via `cartsnitch-seed` (installed as a package entry point)
@@ -0,0 +1,61 @@
"""Change users.id and user_id FKs from uuid to text.
Revision ID: 003_fix_user_id_text
Revises:
Create Date: 2026-03-31
"""
from typing import Sequence, Union
import sqlalchemy as sa
from alembic import op
revision: str = "003_fix_user_id_text"
down_revision: Union[str, None] = None
branch_labels: Union[str, Sequence[str], None] = None
depends_on: Union[str, Sequence[str], None] = None
def upgrade() -> None:
# Drop FK constraints first
op.execute("ALTER TABLE user_store_accounts DROP CONSTRAINT IF EXISTS user_store_accounts_user_id_fkey")
op.execute("ALTER TABLE purchases DROP CONSTRAINT IF EXISTS purchases_user_id_fkey")
# Alter users.id from uuid to text
op.execute("ALTER TABLE users ALTER COLUMN id TYPE text USING id::text")
# Alter user_id columns from uuid to text
op.execute("ALTER TABLE user_store_accounts ALTER COLUMN user_id TYPE text USING user_id::text")
op.execute("ALTER TABLE purchases ALTER COLUMN user_id TYPE text USING user_id::text")
# Re-add FK constraints
op.execute(
"ALTER TABLE user_store_accounts ADD CONSTRAINT user_store_accounts_user_id_fkey "
"FOREIGN KEY (user_id) REFERENCES users(id)"
)
op.execute(
"ALTER TABLE purchases ADD CONSTRAINT purchases_user_id_fkey "
"FOREIGN KEY (user_id) REFERENCES users(id)"
)
def downgrade() -> None:
# Drop FK constraints
op.execute("ALTER TABLE user_store_accounts DROP CONSTRAINT IF EXISTS user_store_accounts_user_id_fkey")
op.execute("ALTER TABLE purchases DROP CONSTRAINT IF EXISTS purchases_user_id_fkey")
# Alter back to uuid
op.execute("ALTER TABLE users ALTER COLUMN id TYPE uuid USING id::uuid")
op.execute("ALTER TABLE user_store_accounts ALTER COLUMN user_id TYPE uuid USING user_id::uuid")
op.execute("ALTER TABLE purchases ALTER COLUMN user_id TYPE uuid USING user_id::uuid")
# Re-add FK constraints
op.execute(
"ALTER TABLE user_store_accounts ADD CONSTRAINT user_store_accounts_user_id_fkey "
"FOREIGN KEY (user_id) REFERENCES users(id)"
)
op.execute(
"ALTER TABLE purchases ADD CONSTRAINT purchases_user_id_fkey "
"FOREIGN KEY (user_id) REFERENCES users(id)"
)
+1
View File
@@ -27,6 +27,7 @@ dev = [
] ]
seed = [ seed = [
"faker>=33.0,<34.0", "faker>=33.0,<34.0",
"bcrypt>=4.0,<6.0",
] ]
[project.scripts] [project.scripts]
@@ -32,7 +32,7 @@ class Purchase(UUIDPrimaryKeyMixin, TimestampMixin, Base):
__tablename__ = "purchases" __tablename__ = "purchases"
user_id: Mapped[uuid.UUID] = mapped_column(ForeignKey("users.id"), nullable=False) user_id: Mapped[str] = mapped_column(ForeignKey("users.id"), nullable=False)
store_id: Mapped[uuid.UUID] = mapped_column(ForeignKey("stores.id"), nullable=False) store_id: Mapped[uuid.UUID] = mapped_column(ForeignKey("stores.id"), nullable=False)
store_location_id: Mapped[uuid.UUID | None] = mapped_column(ForeignKey("store_locations.id")) store_location_id: Mapped[uuid.UUID | None] = mapped_column(ForeignKey("store_locations.id"))
receipt_id: Mapped[str] = mapped_column(String(200), nullable=False) receipt_id: Mapped[str] = mapped_column(String(200), nullable=False)
+3 -2
View File
@@ -15,11 +15,12 @@ if TYPE_CHECKING:
from cartsnitch_common.models.store import Store from cartsnitch_common.models.store import Store
class User(UUIDPrimaryKeyMixin, TimestampMixin, Base): class User(TimestampMixin, Base):
"""Application user.""" """Application user."""
__tablename__ = "users" __tablename__ = "users"
id: Mapped[str] = mapped_column(Text, primary_key=True)
email: Mapped[str] = mapped_column(String(255), nullable=False, unique=True) email: Mapped[str] = mapped_column(String(255), nullable=False, unique=True)
hashed_password: Mapped[str] = mapped_column(String(255), nullable=False) hashed_password: Mapped[str] = mapped_column(String(255), nullable=False)
display_name: Mapped[str | None] = mapped_column(String(100)) display_name: Mapped[str | None] = mapped_column(String(100))
@@ -37,7 +38,7 @@ class UserStoreAccount(UUIDPrimaryKeyMixin, TimestampMixin, Base):
__tablename__ = "user_store_accounts" __tablename__ = "user_store_accounts"
__table_args__ = (UniqueConstraint("user_id", "store_id", name="uq_user_store_account"),) __table_args__ = (UniqueConstraint("user_id", "store_id", name="uq_user_store_account"),)
user_id: Mapped[uuid.UUID] = mapped_column(ForeignKey("users.id"), nullable=False) user_id: Mapped[str] = mapped_column(ForeignKey("users.id"), nullable=False)
store_id: Mapped[uuid.UUID] = mapped_column(ForeignKey("stores.id"), nullable=False) store_id: Mapped[uuid.UUID] = mapped_column(ForeignKey("stores.id"), nullable=False)
# WARNING: Contains retailer session cookies/tokens. Encryption-at-rest # WARNING: Contains retailer session cookies/tokens. Encryption-at-rest
# required before production deployment (e.g., pgcrypto or app-level encryption). # required before production deployment (e.g., pgcrypto or app-level encryption).
@@ -40,7 +40,7 @@ class PurchaseItemRead(BaseModel):
class PurchaseCreate(BaseModel): class PurchaseCreate(BaseModel):
user_id: uuid.UUID user_id: str
store_id: uuid.UUID store_id: uuid.UUID
store_location_id: uuid.UUID | None = None store_location_id: uuid.UUID | None = None
receipt_id: str receipt_id: str
@@ -58,7 +58,7 @@ class PurchaseRead(BaseModel):
model_config = {"from_attributes": True} model_config = {"from_attributes": True}
id: uuid.UUID id: uuid.UUID
user_id: uuid.UUID user_id: str
store_id: uuid.UUID store_id: uuid.UUID
store_location_id: uuid.UUID | None store_location_id: uuid.UUID | None
receipt_id: str receipt_id: str
+3 -3
View File
@@ -17,7 +17,7 @@ class UserCreate(BaseModel):
class UserRead(BaseModel): class UserRead(BaseModel):
model_config = {"from_attributes": True} model_config = {"from_attributes": True}
id: uuid.UUID id: str
email: str email: str
display_name: str | None display_name: str | None
created_at: datetime created_at: datetime
@@ -25,7 +25,7 @@ class UserRead(BaseModel):
class UserStoreAccountCreate(BaseModel): class UserStoreAccountCreate(BaseModel):
user_id: uuid.UUID user_id: str
store_id: uuid.UUID store_id: uuid.UUID
session_data: dict | None = None session_data: dict | None = None
status: AccountStatus = AccountStatus.ACTIVE status: AccountStatus = AccountStatus.ACTIVE
@@ -35,7 +35,7 @@ class UserStoreAccountRead(BaseModel):
model_config = {"from_attributes": True} model_config = {"from_attributes": True}
id: uuid.UUID id: uuid.UUID
user_id: uuid.UUID user_id: str
store_id: uuid.UUID store_id: uuid.UUID
status: AccountStatus status: AccountStatus
session_expires_at: datetime | None session_expires_at: datetime | None
@@ -2,8 +2,10 @@
import random import random
import time import time
import uuid
from typing import Any from typing import Any
import bcrypt
from faker import Faker from faker import Faker
from sqlalchemy import text from sqlalchemy import text
from sqlalchemy.orm import Session from sqlalchemy.orm import Session
@@ -184,6 +186,65 @@ def run_seed(
session.commit() session.commit()
_seed_uat_user(session)
elapsed = time.monotonic() - t0 elapsed = time.monotonic() - t0
_log("") _log("")
_log(f"Seed complete in {elapsed:.1f}s") _log(f"Seed complete in {elapsed:.1f}s")
# ---------------------------------------------------------------------------
# UAT seed user
# ---------------------------------------------------------------------------
UAT_EMAIL = "uat@cartsnitch.com"
UAT_PASSWORD = "CartSnitch-UAT-2026!"
UAT_DISPLAY_NAME = "UAT Tester"
UAT_USER_ID = uuid.UUID("00000000-0000-0000-0000-000000000001")
def _seed_uat_user(session: Session) -> None:
"""Insert or verify the dedicated UAT test user.
The user is created via Better-Auth's bcrypt hashing path so credentials
work against the live auth service. Idempotent — skips if the user already
exists.
"""
existing = session.execute(
text("SELECT id FROM users WHERE email = :email"),
{"email": UAT_EMAIL},
).fetchone()
if existing is not None:
_log(f"UAT user {UAT_EMAIL} already exists — skipping")
return
password_hash = bcrypt.hashpw(UAT_PASSWORD.encode(), bcrypt.gensalt()).decode()
session.execute(
text(
"INSERT INTO users (id, email, hashed_password, display_name, email_verified, created_at, updated_at) "
"VALUES (:id, :email, :hashed_password, :display_name, true, now(), now())"
),
{
"id": str(UAT_USER_ID),
"email": UAT_EMAIL,
"hashed_password": password_hash,
"display_name": UAT_DISPLAY_NAME,
},
)
session.execute(
text(
"INSERT INTO accounts (id, user_id, account_id, provider_id, password, created_at, updated_at) "
"VALUES (gen_random_uuid()::text, :user_id, :account_id, 'credential', :password, now(), now())"
),
{
"user_id": str(UAT_USER_ID),
"account_id": str(UAT_USER_ID),
"password": password_hash,
},
)
session.commit()
_log(f"UAT user {UAT_EMAIL} created")
+25
View File
@@ -0,0 +1,25 @@
{
"ci": {
"collect": {
"staticDistDir": "./dist",
"url": ["http://localhost:4173/"],
"numberOfRuns": 1
},
"assert": {
"preset": "lighthouse:no-pwa",
"assertions": {
"categories:performance": ["warn", { "minScore": 0.5 }],
"categories:accessibility": ["error", { "minScore": 0.7 }],
"categories:best-practices": ["warn", { "minScore": 0.8 }],
"categories:seo": ["warn", { "minScore": 0.7 }],
"errors-in-console": ["warn"],
"network-dependency-tree-insight": ["warn"],
"robots-txt": ["warn"],
"unused-javascript": ["warn"]
}
},
"upload": {
"target": "temporary-public-storage"
}
}
}
+4
View File
@@ -0,0 +1,4 @@
User-agent: *
Allow: /
Sitemap: https://cartsnitch.com/sitemap.xml
+1 -1
View File
@@ -1,7 +1,7 @@
import { createAuthClient } from "better-auth/react" import { createAuthClient } from "better-auth/react"
export const authClient = createAuthClient({ export const authClient = createAuthClient({
baseURL: import.meta.env.VITE_AUTH_URL ?? "http://localhost:3001", baseURL: import.meta.env.VITE_AUTH_URL || "",
basePath: "/auth", basePath: "/auth",
}) })