qzl/social-app
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
92 Commits 2 Branches 0 Tags
ce8cd1d31f3f217becf466587840bef05bcb13c9
Commit Graph

92 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
qzl ce8cd1d31f fix: address CRITICAL security issues - permission escalation and encoding inconsistency 2026-02-28 12:40:40 +08:00
qzl 173d91086f test: add calendar sharing tests and update API docs 2026-02-28 12:28:45 +08:00
qzl 7a49783156 feat: add share calendar API 2026-02-28 12:15:59 +08:00
qzl 709ae5ab73 feat: add inbox messages module for calendar invitations 2026-02-28 12:09:34 +08:00
qzl 9b48939de8 fix: address code review issues and improve code quality 
- Add owner_id check in repository delete operation
- Fix time range validation for partial updates
- Wrap pre-query in try/except for consistent error handling
- Use default_factory instead of mutable defaults
- Add max_length constraint for timezone field
- Remove unused dependencies and empty validators
- Extract magic numbers to constants
- Simplify update logic with model_dump
 2026-02-28 11:34:49 +08:00
qzl 50b38de488 feat: add schedule items CRUD API 
- Add ScheduleItem Pydantic schemas with metadata support
- Add repository layer with CRUD operations
- Add service layer with authorization
- Add FastAPI router with all endpoints
- Add unit and integration tests
- Update API documentation
 2026-02-28 11:34:49 +08:00
qzl dbd3f68dd4 test: add invite code validation tests and fix migration rollback 
- Add TestInviteCodeSignup integration tests for valid/invalid invite codes
- Fix migration downgrade: avoid dropping trigger dependency
- Add DB CHECK constraint for invite_codes.code format
- Update runtime-route.md with invite_code documentation
- Update runtime-runbook.md with change log
 2026-02-28 10:56:09 +08:00
qzl 3d6ae7695f refactor: 优化日历状态管理与首页输入框,添加API客户端抽象 2026-02-27 18:36:21 +08:00
qzl 80d04688fc feat: add invite code feature (create, validate, referrer tracking) 2026-02-27 17:27:55 +08:00
qzl e4e995854d feat: 实现密码重置功能与用户搜索API,优化注册登录流程 
- 新增忘记密码页面与重置密码确认流程(前端+后端)
- 修复注册验证码页登录跳转路由
- 新增用户搜索API(按邮箱查询)
- 简化infra脚本,统一为app.sh
- 补充密码重置与用户API测试覆盖
- 更新runtime文档与AGENTS配置
 2026-02-27 15:22:42 +08:00
qzl 0d4811fee5 docs: add invite code design and backlog for user_agents trigger 2026-02-27 11:10:44 +08:00
qzl 76853452f6 chore: commit remaining workspace updates 
include AGENTS guidance updates, plan doc replacements, and utility script changes left in working tree
 2026-02-26 17:59:30 +08:00
qzl f3d08a7fcf refactor: remove legacy migration revisions 
drop obsolete alembic history replaced by the new split social schema migration chain
 2026-02-26 17:58:49 +08:00
qzl 6641eba9df feat: split initial social schema migration chain 
replace monolithic migration with ordered scripts, include profiles/sessions in migration, and verify full downgrade/upgrade cycle for clean Supabase bootstrap
 2026-02-26 17:58:37 +08:00
qzl 2994cc708c fix: update E2E tests for RESTful endpoints 2026-02-26 14:43:52 +08:00
qzl 8e493ae7fd docs: add runtime route documentation and AGENTS.md rule 2026-02-26 14:37:51 +08:00
qzl d635d9a5e0 refactor(frontend): adapt to RESTful API routes 2026-02-26 14:28:58 +08:00
qzl 5b8b584013 test: verify signup_start response only contains email 2026-02-26 14:12:39 +08:00
qzl 2709d88c68 test: update integration tests for RESTful routes 2026-02-26 14:08:10 +08:00
qzl 3cab7b03f7 refactor: Phase 2 - rename routes to RESTful style 2026-02-26 13:41:32 +08:00
qzl 4b707c7da1 fix: add missing get_user_repository function 2026-02-26 13:36:34 +08:00
qzl 04726b42cb refactor: Phase 1 - rename and simplify backend schemas 2026-02-26 13:33:02 +08:00
qzl c6eb58d8da docs: add RESTful API refactor design and plan 2026-02-26 13:18:36 +08:00
qzl cc7a70d793 fix(auth): correct resend response type and improve error messages 2026-02-26 12:13:50 +08:00
qzl 11666e6492 fix(auth): validation toast and rate limit adjustment 2026-02-26 12:07:40 +08:00
qzl 56bee56415 fix(auth): fixed width resend button with border 2026-02-26 11:59:22 +08:00
qzl 76620cde6f style(auth): simplify resend button to text link style 2026-02-26 11:53:06 +08:00
qzl d6113416c6 fix(auth): trigger AuthLoggedOut event on logout 2026-02-26 11:45:59 +08:00
qzl d50a1a0f8e fix(auth): show validation error toast on register form 2026-02-26 11:40:49 +08:00
qzl b80b9e795d fix(auth): allow immediate resend on first send failure 2026-02-26 11:31:35 +08:00
qzl a6fbf70ad5 fix(auth): reset state properly in sendCodeSilently 2026-02-26 11:28:33 +08:00
qzl 4f9889bb3f fix(auth): set failure status on sendCodeSilently error 2026-02-26 11:25:51 +08:00
qzl 8294c67d27 docs: cleanup old plans and add new design docs 2026-02-26 11:21:27 +08:00
qzl 656b2a1793 fix(auth): improve error toast trigger condition 2026-02-26 11:18:56 +08:00
qzl 74dc44b0b0 feat(auth): add toast feedback for code sending 2026-02-26 11:15:49 +08:00
qzl 8235ac5cd9 fix(auth): improve resendCode with status tracking and return value 2026-02-26 11:12:04 +08:00
qzl d1e224ece4 fix(auth): reset countdown after resend and add sending state 2026-02-26 11:06:16 +08:00
qzl 25b8a2b569 feat(auth): improve resend button style with countdown 2026-02-26 11:02:30 +08:00
qzl 1f253c54e9 feat(auth): add countdown timer for resend button 2026-02-26 10:58:29 +08:00
qzl deba6cc435 fix(auth): add navigation debounce for register next button 2026-02-26 10:52:44 +08:00
qzl 8f8b6ac263 feat(auth): optimistic navigation to verification screen 2026-02-26 10:48:48 +08:00
qzl 8e8bcfa4f5 fix(auth): prevent concurrent sendCodeSilently and add edge case tests 2026-02-26 10:46:16 +08:00
qzl 175da2a8b7 feat(auth): add sendCodeSilently with isSending state 2026-02-26 10:37:02 +08:00
qzl c9e91e7849 docs: add register verification UX optimization design 2026-02-26 10:27:54 +08:00
qzl 443977be9b fix(security): enforce defensive RLS for agent chat tables 
Close Supabase advisor findings by enabling RLS and deny-by-default policies on new public agent-chat tables. Clarify backend RLS governance and incident runbook steps to prevent config-drift regressions.
 2026-02-25 18:04:05 +08:00
qzl a88e42babd Merge branch 'feature/flutter-auth' into dev 2026-02-25 18:00:12 +08:00
qzl e20b1905cb fix(apps): consolidate FormzInput validators and fix login screen 
- Move FormzInput validators to core/form_inputs/form_inputs.dart
- Fix login_screen.dart syntax error (missing 'class' keyword)
- Remove unused _isLoading field
- Fix unnecessary const keywords
- Update login_cubit and register_cubit imports
- Remove duplicate FormzInput definitions from register_cubit
- Add Toast and Banner UI feedback system
- Remove legacy login/register screens (login_code, login_email, login_password, register_step2)
- Remove unused warning_banner widget
- Update tests for new error messages and DI setup
 2026-02-25 18:00:02 +08:00
qzl aa30054d64 docs(runtime): optimize runbook for ops workflow 2026-02-25 17:21:20 +08:00
qzl 36131cc001 docs: add runtime runbook optimization design 2026-02-25 17:12:43 +08:00
qzl 890de969cc merge: combine local dev updates into dev 2026-02-25 17:05:04 +08:00