groombook/app
Archived
13
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

feat(GRO-653): add portal session middleware and server-side audit logging #300

Merged
groombook-engineer[bot] merged 2 commits from feature/gro-653-portal-session-middleware into main 2026-04-16 11:20:36 +00:00
Conversation 6 Commits 2 Files Changed 3
+203 -447

2 Commits

Author SHA1 Message Date
Flea Flicker 5c2e13863e fix(GRO-653): remove unused sessionId variable and and import 
Fix lint errors flagged by QA:
- Remove unused `sessionId` variable from PATCH waitlist handler
- Remove unused `and` import from portal.ts

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Paperclip <noreply@paperclip.ing>
 2026-04-16 10:18:56 +00:00
Flea Flicker 5024cc4896 feat(GRO-653): add portal session middleware and server-side audit logging 
- Add validatePortalSession middleware that reads X-Impersonation-Session-Id header,
  queries impersonationSessions, and sets portalClientId + portalSessionId on the context
- Add portalAudit middleware that logs all portal requests to impersonationAuditLogs table
- Apply both middlewares to the portalRouter
- Replace all getClientIdFromSession() calls with c.get("portalClientId")
- Remove getClientIdFromSession() helper and inline session checks in waitlist routes
- Consistent session.expiry > new Date() check across all routes

Co-Authored-By: Paperclip <noreply@paperclip.ing>
 2026-04-16 04:23:08 +00:00