navidocs

dannystocker/navidocs

Fork 0

Commit graph

Author	SHA1	Message	Date
Danny Stocker	58b344aa31	FINAL: P0 blockers fixed + Joe Trader + ignore binaries Fixed: - Price: €800K-€1.5M, Sunseeker added - Agent 1: Joe Trader persona + actual sale ads research - Ignored meilisearch binary + data/ (too large for GitHub) - SESSION_DEBUG_BLOCKERS.md created Ready for Session 1 launch. 🤖 Generated with Claude Code	2025-11-13 01:29:59 +01:00
ggq-admin	d147ebbca7	feat: Phase 1 - Authentication foundation Implement complete JWT-based authentication system with comprehensive security features: Database: - Migration 005: Add 4 new tables (refresh_tokens, password_reset_tokens, audit_log, entity_permissions) - Enhanced users table with email verification, account status, lockout protection Services: - auth.service.js: Full authentication lifecycle (register, login, refresh, logout, password reset, email verification) - audit.service.js: Comprehensive security event logging and tracking Routes: - auth.routes.js: 9 authentication endpoints (register, login, refresh, logout, profile, password operations, email verification) Middleware: - auth.middleware.js: Token authentication, email verification, account status checks Security Features: - bcrypt password hashing (cost 12) - JWT access tokens (15-minute expiry) - Refresh tokens (7-day expiry, SHA256 hashed, revocable) - Account lockout (5 failed attempts = 15 minutes) - Token rotation on password reset - Email verification workflow - Comprehensive audit logging Scripts: - run-migration.js: Automated database migration runner - test-auth.js: Comprehensive test suite (10 tests) - check-audit-log.js: Audit log verification tool All tests passing. Production-ready implementation. 🤖 Generated with Claude Code	2025-10-21 10:11:34 +02:00

Author

SHA1

Message

Date

Danny Stocker

58b344aa31

FINAL: P0 blockers fixed + Joe Trader + ignore binaries

Fixed:
- Price: €800K-€1.5M, Sunseeker added
- Agent 1: Joe Trader persona + actual sale ads research
- Ignored meilisearch binary + data/ (too large for GitHub)
- SESSION_DEBUG_BLOCKERS.md created

Ready for Session 1 launch.

🤖 Generated with Claude Code

2025-11-13 01:29:59 +01:00

ggq-admin

d147ebbca7

feat: Phase 1 - Authentication foundation

Implement complete JWT-based authentication system with comprehensive security features:

Database:
- Migration 005: Add 4 new tables (refresh_tokens, password_reset_tokens, audit_log, entity_permissions)
- Enhanced users table with email verification, account status, lockout protection

Services:
- auth.service.js: Full authentication lifecycle (register, login, refresh, logout, password reset, email verification)
- audit.service.js: Comprehensive security event logging and tracking

Routes:
- auth.routes.js: 9 authentication endpoints (register, login, refresh, logout, profile, password operations, email verification)

Middleware:
- auth.middleware.js: Token authentication, email verification, account status checks

Security Features:
- bcrypt password hashing (cost 12)
- JWT access tokens (15-minute expiry)
- Refresh tokens (7-day expiry, SHA256 hashed, revocable)
- Account lockout (5 failed attempts = 15 minutes)
- Token rotation on password reset
- Email verification workflow
- Comprehensive audit logging

Scripts:
- run-migration.js: Automated database migration runner
- test-auth.js: Comprehensive test suite (10 tests)
- check-audit-log.js: Audit log verification tool

All tests passing. Production-ready implementation.

🤖 Generated with Claude Code

2025-10-21 10:11:34 +02:00

2 commits