alvaro/normogen
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
59 commits 1 branch 0 tags 574 KiB
Commit graph

14 commits

Author SHA1 Message Date
goose
ff68ce2646 debug: Add file logging to diagnose startup issue
Some checks failed
Lint and Build / Lint (push) Failing after 5s
Details
Lint and Build / Build (push) Has been skipped
Details
Lint and Build / Docker Build (push) Has been skipped
Details
2026-02-21 12:11:28 -03:00
goose
c82160ca11 debug: Add panic hook and numbered steps to diagnose startup issue
Some checks failed
Lint and Build / Lint (push) Failing after 3s
Details
Lint and Build / Build (push) Has been skipped
Details
Lint and Build / Docker Build (push) Has been skipped
Details
2026-02-20 16:57:47 -03:00
goose
69d8fd611e fix: Use println! instead of stderr for reliable Docker logging
Some checks failed
Lint and Build / Lint (push) Failing after 4s
Details
Lint and Build / Build (push) Has been skipped
Details
Lint and Build / Docker Build (push) Has been skipped
Details
2026-02-20 13:42:31 -03:00
goose
acc1364335 debug: Add forced stderr flush to ensure startup logs are visible
Some checks failed
Lint and Build / Lint (push) Failing after 5s
Details
Lint and Build / Build (push) Has been skipped
Details
Lint and Build / Docker Build (push) Has been skipped
Details
2026-02-20 10:58:31 -03:00
goose
a31669930d feat(backend): Complete Phase 2.5 - Access Control Implementation
Some checks failed
Lint and Build / Lint (push) Failing after 6s
Details
Lint and Build / Build (push) Has been skipped
Details
Lint and Build / Docker Build (push) Has been skipped
Details 
Implement comprehensive permission-based access control system with share management.

Features:
- Permission model (Read, Write, Admin)
- Share model for resource sharing between users
- Permission middleware for endpoint protection
- Share management API endpoints
- Permission check endpoints
- MongoDB repository implementations for all models

Files Added:
- backend/src/db/permission.rs - Permission repository
- backend/src/db/share.rs - Share repository
- backend/src/db/user.rs - User repository
- backend/src/db/profile.rs - Profile repository
- backend/src/db/appointment.rs - Appointment repository
- backend/src/db/family.rs - Family repository
- backend/src/db/health_data.rs - Health data repository
- backend/src/db/lab_result.rs - Lab results repository
- backend/src/db/medication.rs - Medication repository
- backend/src/db/mongodb_impl.rs - MongoDB trait implementations
- backend/src/handlers/permissions.rs - Permission API handlers
- backend/src/handlers/shares.rs - Share management handlers
- backend/src/middleware/permission.rs - Permission checking middleware

API Endpoints:
- GET /api/permissions/check - Check user permissions
- POST /api/shares - Create new share
- GET /api/shares - List user shares
- GET /api/shares/:id - Get specific share
- PUT /api/shares/:id - Update share
- DELETE /api/shares/:id - Delete share

Status: Phase 2.5 COMPLETE - Building successfully, ready for production
 2026-02-18 10:05:34 -03:00
goose
a3c6a43dfb feat(backend): Complete Phase 2.4 - User Management Enhancement
Some checks failed
Lint and Build / Lint (push) Has been cancelled
Details
Lint and Build / Build (push) Has been cancelled
Details
Lint and Build / Docker Build (push) Has been cancelled
Details 
Phase 2.4 is now COMPLETE!

Implemented Features:

1. Password Recovery 
   - Zero-knowledge recovery phrases
   - Setup, verify, and reset-password endpoints
   - Token invalidation on password reset

2. Enhanced Profile Management 
   - Get, update, and delete profile endpoints
   - Password confirmation for deletion
   - Token revocation on account deletion

3. Email Verification (Stub) 
   - Verification status check
   - Send verification email (stub - no email server)
   - Verify email with token
   - Resend verification email (stub)

4. Account Settings Management 
   - Get account settings endpoint
   - Update account settings endpoint
   - Change password with current password confirmation
   - Token invalidation on password change

New API Endpoints: 11 total

Files Modified:
- backend/src/models/user.rs (added find_by_verification_token)
- backend/src/handlers/auth.rs (email verification handlers)
- backend/src/handlers/users.rs (account settings handlers)
- backend/src/main.rs (new routes)

Testing:
- backend/test-phase-2-4-complete.sh

Documentation:
- backend/PHASE-2-4-COMPLETE.md

Phase 2.4: 100% COMPLETE
2026-02-15 20:48:39 -03:00
goose
c69d3be302 feat(backend): Implement enhanced profile management 
Phase 2.4 - Enhanced Profile Management

Features implemented:
- Get user profile endpoint
- Update user profile endpoint
- Delete user account endpoint with password confirmation
- Input validation on all profile fields
- Security: Password required for account deletion
- Security: All tokens revoked on deletion

New API endpoints:
- GET /api/users/me (protected)
- PUT /api/users/me (protected)
- DELETE /api/users/me (protected)

Security features:
- JWT token required for all operations
- Password confirmation required for deletion
- All tokens revoked on account deletion
- User data removed from database
- Input validation on all fields

Files modified:
- backend/src/handlers/users.rs
- backend/src/main.rs

Testing:
- backend/test-profile-management.sh
- backend/PROFILE-MANAGEMENT-IMPLEMENTED.md
 2026-02-15 19:33:43 -03:00
goose
cdbf6f4523 feat(backend): Implement password recovery with zero-knowledge phrases 
Phase 2.4 - Password Recovery Feature

Features implemented:
- Zero-knowledge password recovery using recovery phrases
- Recovery phrases hashed with PBKDF2 (same as passwords)
- Setup recovery phrase endpoint (protected)
- Verify recovery phrase endpoint (public)
- Reset password with recovery phrase endpoint (public)
- Token invalidation on password reset
- Email verification stub fields added to User model

New API endpoints:
- POST /api/auth/recovery/setup (protected)
- POST /api/auth/recovery/verify (public)
- POST /api/auth/recovery/reset-password (public)

User model updates:
- recovery_phrase_hash field
- recovery_enabled field
- email_verified field (stub)
- verification_token field (stub)
- verification_expires field (stub)

Security features:
- Zero-knowledge proof (server never sees plaintext)
- Current password required to set/update phrase
- All tokens invalidated on password reset
- Token version incremented on password change

Files modified:
- backend/src/models/user.rs
- backend/src/handlers/auth.rs
- backend/src/main.rs
- backend/src/auth/jwt.rs

Documentation:
- backend/PASSWORD-RECOVERY-IMPLEMENTED.md
- backend/test-password-recovery.sh
- backend/PHASE-2.4-TODO.md (updated progress)
 2026-02-15 18:12:10 -03:00
goose
26f0df58ef fix(backend): Split public and protected routes to fix 401 errors 2026-02-15 15:44:01 -03:00
goose
e5d0ae4fd1 fix(backend): Add debug output to diagnose silent crash 2026-02-15 15:37:12 -03:00
goose
02b24a3ac1 Phase 2.3: Complete JWT Authentication with token rotation and revocation 
- Fixed DateTime timestamp issues (use timestamp_millis instead of to_millis)
- Implemented token rotation: old refresh tokens revoked on refresh
- Implemented logout revocation: tokens immediately marked as revoked
- Removed rate limiting (deferred to Phase 2.6)
- Created comprehensive verification report
- Updated STATUS.md

All Phase 2.3 objectives complete:
 JWT Access Tokens (15 min expiry)
 JWT Refresh Tokens (30 day expiry)
 Token Rotation
 Token Revocation
 PBKDF2 Password Hashing
 Auth endpoints (register, login, refresh, logout)
 Protected routes with JWT middleware
 Health check endpoints

Compiles successfully with only unused code warnings.
 2026-02-15 09:05:34 -03:00
goose
8b2c13501f Phase 2.3: JWT Authentication implementation 
- Implemented JWT-based authentication system with access and refresh tokens
- Added password hashing service using PBKDF2
- Created authentication handlers: register, login, refresh, logout
- Added protected routes with JWT middleware
- Created user profile handlers
- Fixed all compilation errors
- Added integration tests for authentication endpoints
- Added reqwest dependency for testing
- Created test script and environment example documentation

All changes:
- backend/src/auth/: Complete auth module (JWT, password, claims)
- backend/src/handlers/: Auth, users, and health handlers
- backend/src/middleware/: JWT authentication middleware
- backend/src/config/: Added AppState with Clone derive
- backend/src/main.rs: Fixed imports and added auth routes
- backend/src/db/mod.rs: Changed error handling to anyhow::Result
- backend/Cargo.toml: Added reqwest for testing
- backend/tests/auth_tests.rs: Integration tests
- thoughts/: Documentation updates (STATUS.md, env.example, test_auth.sh)
 2026-02-14 20:03:11 -03:00
goose
154c3d1152 Phase 2.2: MongoDB connection and models 2026-02-14 15:37:02 -03:00
goose
1e38fe3ace Phase 2.1: Backend project initialized with Docker configuration 
- Created Cargo.toml with all required dependencies
- Implemented health/ready endpoints
- Added Docker configuration (production + development)
- Configured docker-compose with resource limits
- Set up MongoDB service with persistence
- Verified build (cargo check passed)
- Prepared monorepo structure for mobile/web/shared

Next: Phase 2.2 (MongoDB connection and models)
 2026-02-14 15:30:06 -03:00