igm/publisher-dashboard
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
98 Commits 2 Branches 0 Tags
d824cf411654fc5c4482b34cc1b2701bfa7bd0a3
Commit Graph

4 Commits

Author SHA1 Message Date
RevIQ
1bf05465c3 Replace void returns with { success: true } across all API endpoints 
- Add successResponseSchema to common.ts for explicit success responses
- Update all auth, me, orgs, and admin procedures to return { success: true }
- Update contract.ts to use successResponseSchema instead of z.void()
- Add ast-grep rule to prevent future z.void() usage in contracts
- Add build:packages script to root package.json
- Fix test file lint errors with eslint-disable comments

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
 2026-01-10 16:30:22 +08:00
RevIQ
ddd7c0c03b Add generateSecureBase58Token to shared utils with login_ prefix 
- Create packages/utils/src/generate-base58-token.ts with typed prefix support
- Function returns `${TPrefix}${string}` for type-safe prefixed tokens
- Add isBase58() validator and parseBase58Token() helper
- Add comprehensive tests (13 test cases)

- Update login request tokens to use "login_" prefix
- Fix login-password.ts to not replace token (cookie/DB mismatch bug)
- Migrate all token generation from generateSecureToken (hex) to
  generateSecureBase58Token (base58)
- Remove duplicate token generation from api-server/utils/crypto.ts

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
 2026-01-09 19:31:30 +08:00
RevIQ
3eb44adf05 Fix TypeScript and lint errors 
- Add missing reqHeaders/resHeaders to webauthn test context
- Fix Session.id type from number to string in test
- Remove unnecessary Number() conversion in countOwners

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
 2026-01-09 17:01:22 +08:00
RevIQ
9cf95095c3 Implement Workstream J: Org procedures (backend) 
Add complete organization management procedures:
- orgs.list, create, get, update, delete, leave
- orgs.members.list, updateRole, remove
- orgs.invites.list, create, cancel, accept
- orgs.sites.list

Key features:
- Role-based access control (owner > admin > member)
- Transaction-protected owner count checks to prevent race conditions
- Privilege escalation prevention (only owners can invite owners)
- Graceful constraint violation handling with friendly error messages
- Email sending for org invitations

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
 2026-01-09 16:50:29 +08:00