fb95ccd772
feat(routes): thread userId through routes + visibility/fork/curated endpoints
2026-05-21 00:26:49 +02:00
181a757323
refactor(marketplace): substring-only q filter, fix test to use real substring
2026-05-21 00:24:01 +02:00
9dcce76f01
feat(marketplace): list shared roots with filters + sort + pagination
2026-05-21 00:23:10 +02:00
4339728326
feat(fork): subtree fork service + tests
2026-05-21 00:19:46 +02:00
f378c0fdb0
feat(subs): subscribe/unsubscribe/list service + routes
2026-05-21 00:17:16 +02:00
28321c6f84
feat(stats): per-user filtering across all aggregations
2026-05-21 00:15:24 +02:00
a0c11d8e21
feat(sessions): per-user sessions and progress
2026-05-21 00:13:15 +02:00
2d37aee32c
feat(cards): permission-aware CRUD
2026-05-21 00:11:00 +02:00
9aaba94b95
feat(lessons): ownership-aware CRUD + tree filtering + visibility/curated
2026-05-21 00:09:32 +02:00
66363b8094
feat(perms): canRead/canEdit with ancestor walk + tests
2026-05-21 00:07:05 +02:00
262ac8b162
feat(shared): ownership types and marketplace schemas
2026-05-21 00:05:01 +02:00
a872560477
feat(db): ownership columns and lesson_subscriptions table
2026-05-21 00:03:24 +02:00
18fadc44f3
docs: implementation plan for sub-project B — ownership & sharing (20 TDD tasks)
2026-05-20 23:57:31 +02:00
a85d4afa4f
docs: spec for sub-project B — ownership & sharing
2026-05-20 23:46:29 +02:00
e27c1ca06c
chore(auth): non-blocking follow-ups from final review
...
- /api/stats: add verifyCsrf middleware (defense-in-depth; no-op for GETs)
- VerifyEmailPage: useRef guard to prevent React StrictMode double-fire of
the single-use verify token in dev
- router.tsx: route-level code splitting via React.lazy + Suspense; initial
bundle drops from 397 KB to 224 KB with per-route chunks (0.3–14 KB each)
- e2e: wait for verify-email completion before login; bump Account-menu
timeout to handle Vite cold-chunk compile
2026-05-20 23:27:52 +02:00
5739b6d941
test(e2e): register+verify smoke and admin invite flow via Mailpit
2026-05-20 23:19:56 +02:00
28bb903b93
feat(frontend): router with auth boundary, role guard, and all auth pages
2026-05-20 23:12:59 +02:00
117cd52e3e
feat(frontend): admin users page (invite, role, activate, send-reset)
2026-05-20 23:11:53 +02:00
88ba0a790c
feat(frontend): profile page (display name, email, change password)
2026-05-20 23:10:28 +02:00
1850cd78f5
feat(frontend): VerifyEmail + ForgotPassword + ResetPassword + AcceptInvite pages
2026-05-20 23:09:04 +02:00
4e15d8b59d
feat(frontend): Login + Register pages
2026-05-20 23:07:19 +02:00
6f921ae44e
feat(frontend): AuthBoundary, RoleGuard, UserMenu + Layout integration
2026-05-20 23:05:36 +02:00
bd74098786
feat(frontend): authStore (Zustand)
2026-05-20 23:03:43 +02:00
eb540c2cd8
feat(frontend): API client CSRF support + auth and admin-users API modules
2026-05-20 23:02:47 +02:00
00e69a8d90
chore: docker-compose mailpit, env.example, README auth section
2026-05-20 23:01:18 +02:00
bb0d9d7d01
feat(auth): wire auth middleware in app, protect all /api endpoints
2026-05-20 23:00:20 +02:00
9ca025f128
feat(auth): admin user management service, routes, and integration tests
2026-05-20 22:58:29 +02:00
70658556aa
feat(auth): /api/auth routes + integration tests (pending wiring)
2026-05-20 22:56:10 +02:00
574e3de0e8
feat(auth): currentUser, requireAuth, requireRole middleware
2026-05-20 22:53:31 +02:00
c9d593984d
feat(auth): named rate limiters (skip in tests)
2026-05-20 22:52:42 +02:00
0b62aad7d8
feat(auth): cookies helpers and CSRF middleware
2026-05-20 22:51:42 +02:00
1ba2cab2e8
feat(auth): email service with stub fallback + html templates
2026-05-20 22:50:22 +02:00
4ef3eaae52
feat(auth): server-side auth sessions with rolling expiry
2026-05-20 22:48:39 +02:00
04fbe6e9c3
feat(auth): token service with single-use, hashed storage
2026-05-20 22:47:02 +02:00
0e6bc8c640
feat(auth): password hashing service
2026-05-20 22:45:21 +02:00
afd51571c5
feat(shared): add auth types and zod schemas
2026-05-20 22:44:08 +02:00
7c5600cdef
feat(db): add users, sessions_auth, auth_tokens tables
2026-05-20 22:42:07 +02:00
ee7ca9187a
docs: implementation plan for sub-project A — auth & roles (22 TDD tasks)
2026-05-20 22:32:38 +02:00
dce6809893
docs: spec for sub-project A — auth & roles
2026-05-20 22:16:41 +02:00
b984e83e2b
feat(frontend): apply UI/UX design system - purple/green palette, gradient buttons, 3D flip, polished pages
...
Applied ui-ux-pro-max design system recommendations:
- Tailwind theme: study purple primary + correct green accent
- Inter + Plus Jakarta Sans typography
- Glassmorphic surfaces with soft shadows and mesh background
- Real 3D card flip with spring physics + answer feedback flash
- Gradient stat cards, progress bar, animated done screen with score ring
- Polished Layout, Dashboard, Admin, AdminLesson, CardTable, ImportDialog, PracticeSetup, Practice, PracticeDone
- E2E smoke updated for new accessible names
2026-05-20 21:48:47 +02:00
9300af2820
docs: readme with quickstart
2026-05-20 21:30:27 +02:00
f88b4d57de
test(e2e): playwright smoke for create→practice flow
2026-05-20 21:29:51 +02:00
b1992d0dad
feat(frontend): resume active session prompt
2026-05-20 21:26:09 +02:00
f1abb64573
feat(frontend): settings page with dark mode and defaults
2026-05-20 21:24:12 +02:00
289a58fac0
feat(frontend): dashboard and stats pages
2026-05-20 21:22:44 +02:00
2444e2400f
feat(frontend): practice setup, session and done flow
2026-05-20 21:20:30 +02:00
16a7cc6ad6
feat(frontend): admin card management with excel import/export
2026-05-20 21:17:55 +02:00
1fd31e1001
feat(frontend): admin lesson tree CRUD
2026-05-20 21:15:54 +02:00
1d501ee50a
feat(frontend): zustand stores for settings, lessons, session
2026-05-20 21:14:20 +02:00
1c977c4743
feat(frontend): API client modules + backend GET /api/cards/:id
2026-05-20 21:12:38 +02:00
