Compare commits

...

8 Commits

Author SHA1 Message Date
cartsnitch-qa[bot] 76bcc53992 fix(api): mount data routers under /api/v1 prefix
Merges fix for CAR-310 / CAR-161 UAT failure. QA approved, CTO approved, CI green.
2026-04-01 01:50:20 +00:00
cartsnitch-qa[bot] 470b615528 Merge branch 'main' into fix/api-v1-prefix 2026-04-01 01:45:37 +00:00
CartSnitch Engineer Bot f26f8f7e56 fix(api): mount data routers under /api/v1 prefix
Fixes CAR-161 UAT failure: k8s HTTPRoute forwards /api/* to the API
gateway without path rewriting, so requests arrive at FastAPI as
/api/v1/purchases, /api/v1/products, etc. FastAPI previously mounted
data routers at root, causing 404s on all /api/v1/* calls.

Keep health and auth routers at root (probes hit /health directly;
auth traffic is routed to the auth service via HTTPRoute).

Co-Authored-By: Paperclip <noreply@paperclip.ing>
2026-03-31 23:56:20 +00:00
cartsnitch-ceo[bot] 78b7831d43 Merge pull request #91 from cartsnitch/fix/registration-redirect
fix(auth): wait for session confirmation before post-auth redirect
2026-03-31 23:14:04 +00:00
CartSnitch Engineer Bot e45b510519 Merge commit '8af7b37b38f3d5c5cb13b3e98530ec4d6127b755' into fix/registration-redirect 2026-03-31 23:08:22 +00:00
CartSnitch Engineer Bot f25044ea7e fix(auth): restore setAuthenticated in mock-auth catch block
The try-block getSession() pattern is correct for real auth mode.
The mock-auth catch block (VITE_MOCK_AUTH) still needs to set
the Zustand flag so ProtectedRoute respects the authenticated state.

Co-Authored-By: Paperclip <noreply@paperclip.ing>
2026-03-31 22:30:05 +00:00
CartSnitch Engineer Bot b637fd9c11 fix(auth): wait for session confirmation before post-auth redirect
Race condition between signUp/signIn completion and ProtectedRoute's
useSession() call caused redirect loops — Better-Auth's session cookie
is not immediately visible to useSession() after signUp/signIn resolves.

Fix: call authClient.getSession() explicitly after signUp/signIn to
synchronize before navigating to protected routes. Fall back to error
message if session not confirmed.

Also removes dead setAuthenticated() calls that only work in mock mode.

Co-Authored-By: Paperclip <noreply@paperclip.ing>
2026-03-31 22:11:20 +00:00
cartsnitch-engineer[bot] 8af7b37b38 fix(api): run Alembic migrations on startup (#90)
Merged by Coupon Carl (CEO). QA approved, CTO approved. CI green (lighthouse failure is known/tracked). cc @cpfarhood
2026-03-31 21:55:00 +00:00
4 changed files with 32 additions and 15 deletions
+1 -1
View File
@@ -30,4 +30,4 @@ EXPOSE 8000
HEALTHCHECK --interval=30s --timeout=3s \ HEALTHCHECK --interval=30s --timeout=3s \
CMD python -c "import urllib.request; urllib.request.urlopen('http://localhost:8000/health')" CMD python -c "import urllib.request; urllib.request.urlopen('http://localhost:8000/health')"
CMD ["uvicorn", "cartsnitch_api.main:app", "--host", "0.0.0.0", "--port", "8000"] CMD ["sh", "-c", "python -m alembic upgrade head && uvicorn cartsnitch_api.main:app --host 0.0.0.0 --port 8000"]
+14 -10
View File
@@ -2,7 +2,7 @@
from contextlib import asynccontextmanager from contextlib import asynccontextmanager
from fastapi import FastAPI from fastapi import APIRouter, FastAPI
from cartsnitch_api.auth.routes import router as auth_router from cartsnitch_api.auth.routes import router as auth_router
from cartsnitch_api.middleware.cors import add_cors_middleware from cartsnitch_api.middleware.cors import add_cors_middleware
@@ -46,15 +46,19 @@ def create_app() -> FastAPI:
# Routers # Routers
app.include_router(health_router) app.include_router(health_router)
app.include_router(auth_router) app.include_router(auth_router)
app.include_router(stores_router)
app.include_router(purchases_router) # Data endpoints mounted under /api/v1
app.include_router(products_router) v1_router = APIRouter(prefix="/api/v1")
app.include_router(prices_router) v1_router.include_router(stores_router)
app.include_router(coupons_router) v1_router.include_router(purchases_router)
app.include_router(shopping_router) v1_router.include_router(products_router)
app.include_router(alerts_router) v1_router.include_router(prices_router)
app.include_router(scraping_router) v1_router.include_router(coupons_router)
app.include_router(public_router) v1_router.include_router(shopping_router)
v1_router.include_router(alerts_router)
v1_router.include_router(scraping_router)
v1_router.include_router(public_router)
app.include_router(v1_router)
return app return app
+8 -2
View File
@@ -31,8 +31,14 @@ export function Login() {
throw new Error(authError.message ?? 'Sign in failed') throw new Error(authError.message ?? 'Sign in failed')
} }
setAuthenticated(true) // After successful signIn, force a session fetch to confirm the cookie is set
navigate('/') // before navigating to the protected route
const sessionResult = await authClient.getSession()
if (sessionResult.data) {
navigate('/')
} else {
setError('Sign in failed. Please try again.')
}
} catch { } catch {
if (import.meta.env.VITE_MOCK_AUTH === 'true') { if (import.meta.env.VITE_MOCK_AUTH === 'true') {
setAuthenticated(true) setAuthenticated(true)
+9 -2
View File
@@ -38,8 +38,15 @@ export function Register() {
throw new Error(authError.message ?? 'Registration failed') throw new Error(authError.message ?? 'Registration failed')
} }
setAuthenticated(true) // After successful signUp, force a session fetch to confirm the cookie is set
navigate('/') // before navigating to the protected route
const sessionResult = await authClient.getSession()
if (sessionResult.data) {
navigate('/')
} else {
// Session not established — show success message and link to login
setError('Account created! Please sign in.')
}
} catch { } catch {
if (import.meta.env.VITE_MOCK_AUTH === 'true') { if (import.meta.env.VITE_MOCK_AUTH === 'true') {
setAuthenticated(true) setAuthenticated(true)