Claude
c0486e3f4d
[SESSION-3] Add organization timeline feature
...
- Database: activity_log table with indexes
- Backend: Activity logger service + timeline API
- Frontend: Timeline.vue with date grouping and filtering
- Integration: Upload route logs activity
- UI: Modern timeline with infinite scroll
Backend changes:
- migrations/010_activity_timeline.sql: Activity log schema
- services/activity-logger.js: Log events to timeline
- routes/timeline.js: GET /api/organizations/:orgId/timeline
- routes/upload.js: Integrate activity logging
- index.js: Register timeline route
Frontend changes:
- views/Timeline.vue: Timeline component with date grouping
- router.js: Add /timeline route with auth
- views/HomeView.vue: Add Timeline navigation button
Features:
- Reverse chronological event feed
- Date grouping (Today, Yesterday, This Week, etc.)
- Event type filtering (uploads, maintenance, etc.)
- Infinite scroll pagination
- User attribution
- Links to source documents
Resolves: Timeline feature spec
2025-11-13 12:38:02 +00:00
ggq-admin
04c7230046
feat: Phase 3 - Admin settings system with encryption
...
Implement system-wide configuration management with encrypted storage for sensitive data:
Database:
- Migration 006: system_settings table with encryption support
- Migration 007: is_system_admin flag for users table
Services:
- settings.service.js: Configuration management with AES-256-GCM encryption
- getSetting, setSetting, deleteSetting
- Category-based organization
- Auto-encrypt/decrypt sensitive values
- Email configuration testing
Routes:
- settings.routes.js: 8 admin-only endpoints (CRUD settings, categories, test email)
Middleware:
- requireSystemAdmin: Verify system admin privileges (via SYSTEM_ADMIN_EMAILS env var or is_system_admin flag)
Default Settings:
- Email: SMTP configuration (host, port, credentials)
- Security: Email verification, password rules, lockout settings
- General: App name, support email, file size limits
Encryption:
- AES-256-GCM authenticated encryption
- Prevents tampering
- Per-setting encryption flag
- Secure key management via SETTINGS_ENCRYPTION_KEY env var
Environment:
- .env.example: Template for all required configuration
- Added SETTINGS_ENCRYPTION_KEY and SYSTEM_ADMIN_EMAILS
Production-ready admin configuration panel.
🤖 Generated with Claude Code
2025-10-21 10:12:10 +02:00
ggq-admin
d147ebbca7
feat: Phase 1 - Authentication foundation
...
Implement complete JWT-based authentication system with comprehensive security features:
Database:
- Migration 005: Add 4 new tables (refresh_tokens, password_reset_tokens, audit_log, entity_permissions)
- Enhanced users table with email verification, account status, lockout protection
Services:
- auth.service.js: Full authentication lifecycle (register, login, refresh, logout, password reset, email verification)
- audit.service.js: Comprehensive security event logging and tracking
Routes:
- auth.routes.js: 9 authentication endpoints (register, login, refresh, logout, profile, password operations, email verification)
Middleware:
- auth.middleware.js: Token authentication, email verification, account status checks
Security Features:
- bcrypt password hashing (cost 12)
- JWT access tokens (15-minute expiry)
- Refresh tokens (7-day expiry, SHA256 hashed, revocable)
- Account lockout (5 failed attempts = 15 minutes)
- Token rotation on password reset
- Email verification workflow
- Comprehensive audit logging
Scripts:
- run-migration.js: Automated database migration runner
- test-auth.js: Comprehensive test suite (10 tests)
- check-audit-log.js: Audit log verification tool
All tests passing. Production-ready implementation.
🤖 Generated with Claude Code
2025-10-21 10:11:34 +02:00
