navidocs

dannystocker/navidocs

Fork 0

Commit graph

Author	SHA1	Message	Date
ggq-admin	d147ebbca7	feat: Phase 1 - Authentication foundation Implement complete JWT-based authentication system with comprehensive security features: Database: - Migration 005: Add 4 new tables (refresh_tokens, password_reset_tokens, audit_log, entity_permissions) - Enhanced users table with email verification, account status, lockout protection Services: - auth.service.js: Full authentication lifecycle (register, login, refresh, logout, password reset, email verification) - audit.service.js: Comprehensive security event logging and tracking Routes: - auth.routes.js: 9 authentication endpoints (register, login, refresh, logout, profile, password operations, email verification) Middleware: - auth.middleware.js: Token authentication, email verification, account status checks Security Features: - bcrypt password hashing (cost 12) - JWT access tokens (15-minute expiry) - Refresh tokens (7-day expiry, SHA256 hashed, revocable) - Account lockout (5 failed attempts = 15 minutes) - Token rotation on password reset - Email verification workflow - Comprehensive audit logging Scripts: - run-migration.js: Automated database migration runner - test-auth.js: Comprehensive test suite (10 tests) - check-audit-log.js: Audit log verification tool All tests passing. Production-ready implementation. 🤖 Generated with Claude Code	2025-10-21 10:11:34 +02:00
ggq-admin	e4b1f73a46	Add comprehensive logging system with colored output - Created centralized logger utility with log levels - Added request logging middleware with timing - Integrated structured logging throughout server: * Colored, timestamped output for better readability * HTTP request/response logging with duration * Context-specific loggers (Upload, OCR, Search, etc.) * Sensitive data masking in logs - Server startup now uses structured logging 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude <noreply@anthropic.com>	2025-10-20 01:57:56 +02:00
ggq-admin	155a8c0305	feat: NaviDocs MVP - Complete codebase extraction from lilian1 ## Backend (server/) - Express 5 API with security middleware (helmet, rate limiting) - SQLite database with WAL mode (schema from docs/architecture/) - Meilisearch integration with tenant tokens - BullMQ + Redis background job queue - OCR pipeline with Tesseract.js - File safety validation (extension, MIME, size) - 4 API route modules: upload, jobs, search, documents ## Frontend (client/) - Vue 3 with Composition API (<script setup>) - Vite 5 build system with HMR - Tailwind CSS (Meilisearch-inspired design) - UploadModal with drag-and-drop - FigureZoom component (ported from lilian1) - Meilisearch search integration with tenant tokens - Job polling composable - Clean SVG icons (no emojis) ## Code Extraction - ✅ manuals.js → UploadModal.vue, useJobPolling.js - ✅ figure-zoom.js → FigureZoom.vue - ✅ service-worker.js → client/public/service-worker.js (TODO) - ✅ glossary.json → Merged into Meilisearch synonyms - ❌ Discarded: quiz.js, persona.js, gamification.js (Frank-AI junk) ## Documentation - Complete extraction plan in docs/analysis/ - README with quick start guide - Architecture summary in docs/architecture/ ## Build Status - Server dependencies: ✅ Installed (234 packages) - Client dependencies: ✅ Installed (160 packages) - Client build: ✅ Successful (2.63s) 🤖 Generated with Claude Code Co-Authored-By: Claude <noreply@anthropic.com>	2025-10-19 01:55:44 +02:00

Author

SHA1

Message

Date

ggq-admin

d147ebbca7

feat: Phase 1 - Authentication foundation

Implement complete JWT-based authentication system with comprehensive security features:

Database:
- Migration 005: Add 4 new tables (refresh_tokens, password_reset_tokens, audit_log, entity_permissions)
- Enhanced users table with email verification, account status, lockout protection

Services:
- auth.service.js: Full authentication lifecycle (register, login, refresh, logout, password reset, email verification)
- audit.service.js: Comprehensive security event logging and tracking

Routes:
- auth.routes.js: 9 authentication endpoints (register, login, refresh, logout, profile, password operations, email verification)

Middleware:
- auth.middleware.js: Token authentication, email verification, account status checks

Security Features:
- bcrypt password hashing (cost 12)
- JWT access tokens (15-minute expiry)
- Refresh tokens (7-day expiry, SHA256 hashed, revocable)
- Account lockout (5 failed attempts = 15 minutes)
- Token rotation on password reset
- Email verification workflow
- Comprehensive audit logging

Scripts:
- run-migration.js: Automated database migration runner
- test-auth.js: Comprehensive test suite (10 tests)
- check-audit-log.js: Audit log verification tool

All tests passing. Production-ready implementation.

🤖 Generated with Claude Code

2025-10-21 10:11:34 +02:00

ggq-admin

e4b1f73a46

Add comprehensive logging system with colored output

- Created centralized logger utility with log levels
- Added request logging middleware with timing
- Integrated structured logging throughout server:
  * Colored, timestamped output for better readability
  * HTTP request/response logging with duration
  * Context-specific loggers (Upload, OCR, Search, etc.)
  * Sensitive data masking in logs
- Server startup now uses structured logging

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude <noreply@anthropic.com>

2025-10-20 01:57:56 +02:00

ggq-admin

155a8c0305

feat: NaviDocs MVP - Complete codebase extraction from lilian1

## Backend (server/)
- Express 5 API with security middleware (helmet, rate limiting)
- SQLite database with WAL mode (schema from docs/architecture/)
- Meilisearch integration with tenant tokens
- BullMQ + Redis background job queue
- OCR pipeline with Tesseract.js
- File safety validation (extension, MIME, size)
- 4 API route modules: upload, jobs, search, documents

## Frontend (client/)
- Vue 3 with Composition API (<script setup>)
- Vite 5 build system with HMR
- Tailwind CSS (Meilisearch-inspired design)
- UploadModal with drag-and-drop
- FigureZoom component (ported from lilian1)
- Meilisearch search integration with tenant tokens
- Job polling composable
- Clean SVG icons (no emojis)

## Code Extraction
- ✅ manuals.js → UploadModal.vue, useJobPolling.js
- ✅ figure-zoom.js → FigureZoom.vue
- ✅ service-worker.js → client/public/service-worker.js (TODO)
- ✅ glossary.json → Merged into Meilisearch synonyms
- ❌ Discarded: quiz.js, persona.js, gamification.js (Frank-AI junk)

## Documentation
- Complete extraction plan in docs/analysis/
- README with quick start guide
- Architecture summary in docs/architecture/

## Build Status
- Server dependencies: ✅ Installed (234 packages)
- Client dependencies: ✅ Installed (160 packages)
- Client build: ✅ Successful (2.63s)

🤖 Generated with Claude Code

Co-Authored-By: Claude <noreply@anthropic.com>

2025-10-19 01:55:44 +02:00

3 commits