9bfcb02c25
feat(stats): /lessons-progress and /due routes + heatmap default 52 weeks
2026-05-21 07:00:50 +02:00
754f8b6fc6
feat(sessions): startDueSession + POST /api/sessions/due
2026-05-21 07:00:00 +02:00
fb25f48f04
feat(stats): lessons-progress and due-overview services
2026-05-21 06:58:30 +02:00
f9912a7a8d
feat(search): /api/search route
2026-05-21 06:56:44 +02:00
b1e5d5f276
feat(search): global search service with library/marketplace + cards
2026-05-21 06:55:35 +02:00
aab1b4fdc2
docs: implementation plan for sub-project C — UX extensions (20 tasks)
2026-05-21 02:40:32 +02:00
cdd54d3745
docs: spec for sub-project C — UX extensions
2026-05-21 02:31:23 +02:00
c04b857c10
test(e2e): multi-user sharing + subscribe + practice flow
2026-05-21 00:42:52 +02:00
44622442de
feat(frontend): marketplace route
2026-05-21 00:40:31 +02:00
9fdadca529
feat(dashboard): subscriptions section
2026-05-21 00:39:36 +02:00
6a65c5cf96
feat(frontend): marketplace page with subscribe + fork
2026-05-21 00:38:20 +02:00
3356767d21
feat(admin): visibility toggle, fork/unsubscribe, readonly CardTable for subscribers
2026-05-21 00:36:51 +02:00
7eabd667ce
feat(frontend): lesson badges + marketplace nav link
2026-05-21 00:34:31 +02:00
01f7df3735
feat(frontend): API for visibility/fork/subscribe/marketplace/curated
2026-05-21 00:32:50 +02:00
4d4001e202
test(ownership): multi-user integration coverage
2026-05-21 00:31:23 +02:00
5822dbc8ae
feat(app): mount sharing routes + post-migration backfill
2026-05-21 00:28:29 +02:00
fb95ccd772
feat(routes): thread userId through routes + visibility/fork/curated endpoints
2026-05-21 00:26:49 +02:00
181a757323
refactor(marketplace): substring-only q filter, fix test to use real substring
2026-05-21 00:24:01 +02:00
9dcce76f01
feat(marketplace): list shared roots with filters + sort + pagination
2026-05-21 00:23:10 +02:00
4339728326
feat(fork): subtree fork service + tests
2026-05-21 00:19:46 +02:00
f378c0fdb0
feat(subs): subscribe/unsubscribe/list service + routes
2026-05-21 00:17:16 +02:00
28321c6f84
feat(stats): per-user filtering across all aggregations
2026-05-21 00:15:24 +02:00
a0c11d8e21
feat(sessions): per-user sessions and progress
2026-05-21 00:13:15 +02:00
2d37aee32c
feat(cards): permission-aware CRUD
2026-05-21 00:11:00 +02:00
9aaba94b95
feat(lessons): ownership-aware CRUD + tree filtering + visibility/curated
2026-05-21 00:09:32 +02:00
66363b8094
feat(perms): canRead/canEdit with ancestor walk + tests
2026-05-21 00:07:05 +02:00
262ac8b162
feat(shared): ownership types and marketplace schemas
2026-05-21 00:05:01 +02:00
a872560477
feat(db): ownership columns and lesson_subscriptions table
2026-05-21 00:03:24 +02:00
18fadc44f3
docs: implementation plan for sub-project B — ownership & sharing (20 TDD tasks)
2026-05-20 23:57:31 +02:00
a85d4afa4f
docs: spec for sub-project B — ownership & sharing
2026-05-20 23:46:29 +02:00
e27c1ca06c
chore(auth): non-blocking follow-ups from final review
...
- /api/stats: add verifyCsrf middleware (defense-in-depth; no-op for GETs)
- VerifyEmailPage: useRef guard to prevent React StrictMode double-fire of
the single-use verify token in dev
- router.tsx: route-level code splitting via React.lazy + Suspense; initial
bundle drops from 397 KB to 224 KB with per-route chunks (0.3–14 KB each)
- e2e: wait for verify-email completion before login; bump Account-menu
timeout to handle Vite cold-chunk compile
2026-05-20 23:27:52 +02:00
5739b6d941
test(e2e): register+verify smoke and admin invite flow via Mailpit
2026-05-20 23:19:56 +02:00
28bb903b93
feat(frontend): router with auth boundary, role guard, and all auth pages
2026-05-20 23:12:59 +02:00
117cd52e3e
feat(frontend): admin users page (invite, role, activate, send-reset)
2026-05-20 23:11:53 +02:00
88ba0a790c
feat(frontend): profile page (display name, email, change password)
2026-05-20 23:10:28 +02:00
1850cd78f5
feat(frontend): VerifyEmail + ForgotPassword + ResetPassword + AcceptInvite pages
2026-05-20 23:09:04 +02:00
4e15d8b59d
feat(frontend): Login + Register pages
2026-05-20 23:07:19 +02:00
6f921ae44e
feat(frontend): AuthBoundary, RoleGuard, UserMenu + Layout integration
2026-05-20 23:05:36 +02:00
bd74098786
feat(frontend): authStore (Zustand)
2026-05-20 23:03:43 +02:00
eb540c2cd8
feat(frontend): API client CSRF support + auth and admin-users API modules
2026-05-20 23:02:47 +02:00
00e69a8d90
chore: docker-compose mailpit, env.example, README auth section
2026-05-20 23:01:18 +02:00
bb0d9d7d01
feat(auth): wire auth middleware in app, protect all /api endpoints
2026-05-20 23:00:20 +02:00
9ca025f128
feat(auth): admin user management service, routes, and integration tests
2026-05-20 22:58:29 +02:00
70658556aa
feat(auth): /api/auth routes + integration tests (pending wiring)
2026-05-20 22:56:10 +02:00
574e3de0e8
feat(auth): currentUser, requireAuth, requireRole middleware
2026-05-20 22:53:31 +02:00
c9d593984d
feat(auth): named rate limiters (skip in tests)
2026-05-20 22:52:42 +02:00
0b62aad7d8
feat(auth): cookies helpers and CSRF middleware
2026-05-20 22:51:42 +02:00
1ba2cab2e8
feat(auth): email service with stub fallback + html templates
2026-05-20 22:50:22 +02:00
4ef3eaae52
feat(auth): server-side auth sessions with rolling expiry
2026-05-20 22:48:39 +02:00
04fbe6e9c3
feat(auth): token service with single-use, hashed storage
2026-05-20 22:47:02 +02:00
