From 23d8fd77927bdcd3aeb8f74b2fd34bd4e468da0f Mon Sep 17 00:00:00 2001 From: RevIQ Date: Fri, 9 Jan 2026 15:48:40 +0800 Subject: [PATCH] Update workstream completion status in initial-app.md Mark completed tasks across all phases: - Phase 1 (A, B, C): All foundation tasks complete - Phase 2 (D, E): All auth and WebAuthn procedures complete - Phase 2 (F): Passkey management (F4) complete - Phase 2 (G): Email helpers stubbed (G3-G5) - Phase 4 (K): All admin procedures complete - Phase 5 (N1-N16): All CLI commands complete Co-Authored-By: Claude Opus 4.5 --- docs/initial-app.md | 98 ++++++++++++++++++++++----------------------- 1 file changed, 49 insertions(+), 49 deletions(-) diff --git a/docs/initial-app.md b/docs/initial-app.md index e126777..23a535b 100644 --- a/docs/initial-app.md +++ b/docs/initial-app.md @@ -2197,23 +2197,23 @@ All Phase 1 tasks can run in parallel. #### Workstream A: Database & Schema -- [ ] **A1**: Create dbmate migration `001_initial_schema.sql` with all tables, enums, indexes -- [ ] **A2**: Set up `@publisher-dashboard/db-schema` package with kysely-codegen -- [ ] **A3**: Set up `@publisher-dashboard/db` package with Kysely client +- [x] **A1**: Create dbmate migration `001_initial_schema.sql` with all tables, enums, indexes +- [x] **A2**: Set up `@publisher-dashboard/db-schema` package with kysely-codegen +- [x] **A3**: Set up `@publisher-dashboard/db` package with Kysely client #### Workstream B: API Contract -- [ ] **B1**: Create `@publisher-dashboard/api-contract` package structure -- [ ] **B2**: Define Zod schemas for all input/output types (auth, user, org, admin) -- [ ] **B3**: Define oRPC contract with all procedure signatures +- [x] **B1**: Create `@publisher-dashboard/api-contract` package structure +- [x] **B2**: Define Zod schemas for all input/output types (auth, user, org, admin) +- [x] **B3**: Define oRPC contract with all procedure signatures #### Workstream C: Project Infrastructure -- [ ] **C1**: Initialize monorepo with workspace config (`package.json`, `bun.lockb`) -- [ ] **C2**: Set up `apps/api-server` with Bun.serve entry point -- [ ] **C3**: Set up `apps/publisher-dashboard` SvelteKit project with TanStack Query -- [ ] **C4**: Set up `apps/cli` with stricli framework -- [ ] **C5**: Create `devenv.nix` with scripts and environment variables +- [x] **C1**: Initialize monorepo with workspace config (`package.json`, `bun.lockb`) +- [x] **C2**: Set up `apps/api-server` with Bun.serve entry point +- [x] **C3**: Set up `apps/publisher-dashboard` SvelteKit project with TanStack Query +- [x] **C4**: Set up `apps/cli` with stricli framework +- [x] **C5**: Create `devenv.nix` with scripts and environment variables --- @@ -2223,25 +2223,25 @@ All Phase 1 tasks can run in parallel. _Depends on: A3, B3, C2_ -- [ ] **D1**: Implement auth middleware (session cookie + API key header) -- [ ] **D2**: Implement `auth.signup` (email + password or passkey) -- [ ] **D3**: Implement `auth.createLoginRequest` with device/geo capture -- [ ] **D4**: Implement `auth.loginPassword` (trusted vs untrusted device flow) -- [ ] **D5**: Implement `auth.loginPasswordConfirm` (email link handler) -- [ ] **D6**: Implement `auth.loginIfRequestIsCompleted` (polling + session creation) -- [ ] **D7**: Implement `auth.logout` -- [ ] **D8**: Implement `auth.verifyEmail` and `auth.resendVerificationEmail` -- [ ] **D9**: Implement `auth.forgotPassword` and `auth.resetPassword` +- [x] **D1**: Implement auth middleware (session cookie + API key header) +- [x] **D2**: Implement `auth.signup` (email + password or passkey) +- [x] **D3**: Implement `auth.createLoginRequest` with device/geo capture +- [x] **D4**: Implement `auth.loginPassword` (trusted vs untrusted device flow) +- [x] **D5**: Implement `auth.loginPasswordConfirm` (email link handler) +- [x] **D6**: Implement `auth.loginIfRequestIsCompleted` (polling + session creation) +- [x] **D7**: Implement `auth.logout` +- [x] **D8**: Implement `auth.verifyEmail` and `auth.resendVerificationEmail` +- [x] **D9**: Implement `auth.forgotPassword` and `auth.resetPassword` #### Workstream E: WebAuthn Procedures (Backend) _Depends on: A3, B3, C2_ _Can run parallel to D_ -- [ ] **E1**: Implement `auth.webauthn.createRegistrationOptions` -- [ ] **E2**: Implement `auth.webauthn.verifyRegistration` -- [ ] **E3**: Implement `auth.webauthn.createAuthenticationOptions` -- [ ] **E4**: Implement `auth.webauthn.verifyAuthentication` +- [x] **E1**: Implement `auth.webauthn.createRegistrationOptions` +- [x] **E2**: Implement `auth.webauthn.verifyRegistration` +- [x] **E3**: Implement `auth.webauthn.createAuthenticationOptions` +- [x] **E4**: Implement `auth.webauthn.verifyAuthentication` #### Workstream F: User Procedures (Backend) @@ -2250,7 +2250,7 @@ _Depends on: D1 (auth middleware)_ - [ ] **F1**: Implement `me.get` and `me.setupProfile` - [ ] **F2**: Implement `me.updateProfile` - [ ] **F3**: Implement `me.setPassword` -- [ ] **F4**: Implement `me.listPasskeys`, `me.createPasskey`, `me.renamePasskey`, `me.deletePasskey` +- [x] **F4**: Implement `me.listPasskeys`, `me.createPasskey`, `me.renamePasskey`, `me.deletePasskey` - [ ] **F5**: Implement `me.listSessions`, `me.revokeSession`, `me.revokeAllSessions` - [ ] **F6**: Implement `me.getDeviceInfo`, `me.trustDevice`, `me.listTrustedDevices`, `me.untrustDevice`, `me.revokeAllTrustedDevices` - [ ] **F7**: Implement `me.delete` (account deletion) @@ -2262,9 +2262,9 @@ _Can run parallel to D, E, F_ - [ ] **G1**: Set up Postmark client with env config - [ ] **G2**: Create email templates (verification, password reset, login confirmation, org invite) -- [ ] **G3**: Implement `sendVerificationEmail()` helper -- [ ] **G4**: Implement `sendPasswordResetEmail()` helper -- [ ] **G5**: Implement `sendLoginConfirmationEmail()` helper +- [~] **G3**: Implement `sendVerificationEmail()` helper _(stubbed - console.log only)_ +- [~] **G4**: Implement `sendPasswordResetEmail()` helper _(stubbed - console.log only)_ +- [~] **G5**: Implement `sendLoginConfirmationEmail()` helper _(stubbed - console.log only)_ - [ ] **G6**: Implement `sendOrgInviteEmail()` helper --- @@ -2316,11 +2316,11 @@ _Depends on: D1 (auth middleware)_ _Depends on: D1 (auth middleware), J1_ _Can run parallel to J2-J6_ -- [ ] **K1**: Implement superuser middleware -- [ ] **K2**: Implement `admin.orgs.*` procedures -- [ ] **K3**: Implement `admin.users.*` procedures -- [ ] **K4**: Implement `admin.orgs.addSite`, `admin.orgs.removeSite` -- [ ] **K5**: Implement `admin.auth.completeLogin` (dev helper) +- [x] **K1**: Implement superuser middleware +- [x] **K2**: Implement `admin.orgs.*` procedures +- [x] **K3**: Implement `admin.users.*` procedures +- [x] **K4**: Implement `admin.orgs.addSite`, `admin.orgs.removeSite` +- [x] **K5**: Implement `admin.auth.completeLogin` (dev helper) #### Workstream L: Org Pages (Frontend) @@ -2349,47 +2349,47 @@ _Can run parallel to L_ _Depends on: C4_ -- [ ] **N1**: Set up stricli CLI structure with command routing -- [ ] **N2**: Implement config file handling (`~/.config/reviq/credentials.json`) -- [ ] **N3**: Implement API client wrapper for CLI (reads token from config) +- [x] **N1**: Set up stricli CLI structure with command routing +- [x] **N2**: Implement config file handling (`~/.config/reviq/credentials.json`) +- [x] **N3**: Implement API client wrapper for CLI (reads token from config) #### Workstream N-Bootstrap: CLI Bootstrap (Direct DB) _Depends on: A3, N1, N2_ -- [ ] **N4**: Implement `reviq bootstrap` - create superuser with password -- [ ] **N5**: Implement `reviq bootstrap` - create "reviq" org with user as owner -- [ ] **N6**: Implement `reviq bootstrap` - generate API token and save to config +- [x] **N4**: Implement `reviq bootstrap` - create superuser with password +- [x] **N5**: Implement `reviq bootstrap` - create "reviq" org with user as owner +- [x] **N6**: Implement `reviq bootstrap` - generate API token and save to config #### Workstream N-Auth: CLI Auth Commands _Depends on: N1, N2, N3, D1-D9_ -- [ ] **N7**: Implement `reviq auth login` (open browser, poll for token, save to config) -- [ ] **N8**: Implement `reviq auth logout` (revoke token, delete from config) -- [ ] **N9**: Implement `reviq auth status` (show current user, API URL, config path) +- [x] **N7**: Implement `reviq auth login` (open browser, poll for token, save to config) +- [x] **N8**: Implement `reviq auth logout` (revoke token, delete from config) +- [x] **N9**: Implement `reviq auth status` (show current user, API URL, config path) #### Workstream N-User: CLI User Commands _Depends on: N3, K3_ -- [ ] **N10**: Implement `reviq user create --email --name [--org --role]` -- [ ] **N11**: Implement `reviq user confirm-email --email` (dev helper) +- [x] **N10**: Implement `reviq user create --email --name [--org --role]` +- [x] **N11**: Implement `reviq user confirm-email --email` (dev helper) #### Workstream N-Admin: CLI Admin Commands _Depends on: N3, K5_ -- [ ] **N12**: Implement `reviq admin complete-login --email` (dev helper) +- [x] **N12**: Implement `reviq admin complete-login --email` (dev helper) #### Workstream N-Org: CLI Org Commands _Depends on: N3, K2, K4_ -- [ ] **N13**: Implement `reviq org create --owner --name` -- [ ] **N14**: Implement `reviq org list` -- [ ] **N15**: Implement `reviq org add-site --org --domain` -- [ ] **N16**: Implement `reviq org remove-site --org --domain` +- [x] **N13**: Implement `reviq org create --owner --name` +- [x] **N14**: Implement `reviq org list` +- [x] **N15**: Implement `reviq org add-site --org --domain` +- [x] **N16**: Implement `reviq org remove-site --org --domain` #### Workstream N-Completions: CLI Shell Completions