Skip to content

auth, WS, mailing, files, migrations, docker optimizations, tests #6

Merged
tryb3l merged 288 commits intomainfrom
BT/unstable
Apr 6, 2026
Merged

auth, WS, mailing, files, migrations, docker optimizations, tests #6
tryb3l merged 288 commits intomainfrom
BT/unstable

Conversation

@tryb3l
Copy link
Copy Markdown
Owner

@tryb3l tryb3l commented Apr 6, 2026

List of changes:

  • Added password reset endpoints for request initiation, validation, and confirmation.
  • Integrated email-based password reset with verification using nodemailer for SMTP support.
  • Enhanced validation constraints for password reset tokens, including cooldown suppression and failure tracking.
  • Updated the database schema to include a credentialsVersion for password validity tracking.
  • Implemented migrations for sparse indexes and backfills credentialsVersion.
  • Added integration tests to cover various password reset scenarios.
  • Updated dotenv configuration to incorporate new SMTP settings.

tryb3l and others added 30 commits January 7, 2025 15:52
@tryb3l
update note schemas
b7ce05b
@tryb3l
update user schemas
f24daf2
@tryb3l
update schemas to include JSON Schema draft-07 and add required prope…
e473cbe 
…rties; refactor test paths and add run-tests script
@tryb3l
add error handling for note retrieval; update user role in setup; imp…
d21a654 
…lement basic smoke tests and user detail retrieval tests
@tryb3l
remove debug leftover files
2477294
@tryb3l
update dependencies
e8b01a8
@tryb3l
refactored plugins, enhanced token verification and error handlings. …
a5f9085 
…update CORS and rate limit plugins. improved user management methods
@tryb3l
update endpoints, route methods
77e396d
@tryb3l
refactor schemas
b3b56c4
@tryb3l
updated endpoints, added custom rate limiters
8c94683
@tryb3l
updated exception handlers for specific endpoints, schema refs etc
b2e5b57
@tryb3l
added graceful shutdown for app.js
8322b1b
@tryb3l
added auth tweaks in swagger plugin
c11f2ef
@tryb3l
update dependencies
ddf1f51
@tryb3l
fix note data source usage in route handlers
9dc6a02
@tryb3l
update Mongo docker image, enhance test setup with improved logging a…
edad53b 
…nd error handling
@tryb3l
remove debug leftovers
6843ffc
@tryb3l
refactor routes to use fastify.notesDataSource and add data wrapp…
5af0ced 
…er in responses
@tryb3l
small tweaks
9b675c7
@tryb3l
refactor tests, use node test runner
93f8b83
@tryb3l
unskip tests
acf5974
@tryb3l
Add more test cases, data generators etc
d0c5a3f
@tryb3l
refactor login tests to use node:test and improve assertions
08cfe78
@tryb3l
refactor tests, use node runner, add more TC's
b22f71a
@tryb3l
refactor tests, add more TC's
b81e08d
@tryb3l
refactor tests
246f554
@tryb3l
refactor tests. fix updatenote issue
4e63091
@tryb3l
extend assertions
bfce0b4
@tryb3l
add test
b5a94e8
@tryb3l
refactor data-creator and setup-user: replace generateKey with fastGe…
ea4b878 
…nerate, improve MongoDB connection handling
tryb3l added 29 commits April 6, 2026 18:09
@tryb3l
update CORS allowedHeaders and modify auth routes response schema
4c57222
@tryb3l
add integration tests for CSRF protection, header-only model, logout,…
1429337 
… refresh, and soft delete functionality
@tryb3l
add migration step to dev environment setup in makefile
1d5ab2c
@tryb3l
simplify structure and update to use recommended settings
08d4641
@tryb3l
add migration setup and live notes WebSocket functionality
758aed0
@tryb3l
update CI workflow
0e196b3
@tryb3l
update logger options and add websocket plugin with event bus support
a54a6ca
@tryb3l
update fastify-metrics to version 13.1.0
bec4b2a
@tryb3l
implement audit logging, password complexity, cache invalidation, and…
cc74a90 
… performance optimizations with new database indices and resource management.
@tryb3l
implement audit logging, cache invalidation, and performance indexing…
5cb68f1 
… to address API review findings
@tryb3l
implement audit logging and automated cache invalidation, and restric…
2263389 
…t authentication for soft-deleted users
@tryb3l
implement file attachments, fix pagination defaults, and add audit an…
dc66ce5 
…d cache-invalidation plugins
@tryb3l
improve cache invalidation logic to include POST requests and impro…
3541ac7 
…ve `note ID` retrieval from query parameters. add filtering utility for note queries
@tryb3l
add expires_in field to access token response, implement file downloa…
4380ca0 
…d route, and enhance user profile update and deletion functionality
@tryb3l
add integration tests for user and note deletion, user update, and fi…
f66d01f 
…le upload functionalities
@tryb3l
add nodemailer dependency for email handling
ebee30d
@tryb3l
add mailer plugin for email handling and update config to include SMT…
e4c931d 
…P settings
@tryb3l
add migration for sparse password reset index and backfill credential…
cd4b2b1 
…sVersion
@tryb3l
add session invalidation checks for credentials version mismatch in a…
8eb6444 
…uthentication and refresh token verification
@tryb3l
add password reset functionality with request, validation, and confir…
dec7a4c 
…mation endpoints. including related schemas and integration tests
@tryb3l
add credentialsVersion to user data and implement password reset meth…
3e567b6 
…ods in users plugin. update register schema and setup utility to include email
@tryb3l
add SMTP configuration properties to dotenv schema
6b4437d
@tryb3l
update fastify-metrics
147dd95
@tryb3l
- Updated header only authentication tests to clearly specify expecte…
cf6a48c 
…d outcomes for access tokens in cookies and Authorization headers.

- Introduced utility functions for  refresh cookies and CSRF context in login and logout tests.
- Enhanced password reset tests with additional scenarios for cooldown suppression and token reuse validation.
- Improved refresh token tests to ensure proper rotation and rejection of stale tokens.
- Streamlined user registration tests by creating a helper function for user registration.
- Added file upload utility functions to simplify file handling in notes tests.
- Refactored webSocket tests for notes to improve readability and maintainability, including user creation and message handling.
- Consolidated user deletion tests to verify token invalidation after self deletion.
@tryb3l
Implement password reset functionality with enhanced validation, cool…
b813b7d 
…down, and failure tracking; update dotenv schema for new configuration properties.
@tryb3l
Refactor password reset service calls to include request context. upd…
994a46a 
…ate live notes route to use socket instead of connection object for websocket handling.
@tryb3l
improve test setup, add environment support and Mongo URL retrieval. …
77d348b 
…refactor helper functions for better modularity.
@tryb3l
Refactor test environment configuration to utilize environment variab…
d7f2441 
…les for mongo url and JWT secrets. update registration tests to use dynamic mongo urls
@tryb3l
Merge remote-tracking branch 'origin/BT/unstable' into BT/unstable
68d3451
@tryb3l tryb3l merged commit 652ba58 into main Apr 6, 2026
2 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@tryb3l