Pre-beta audit remediation: security, features, UX, tests#102
Open
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
…, types Fixes 8 issues from spec review: - Migration 00009 → 00031 (correct sequence) - Server action moved to src/app/(auth)/signup/actions.ts (colocated) - CSP update for PostHog host documented - Beta gate clarified: allowed emails can still reach signup form - WaitlistForm colocated with signup page - shouldSendEmail() exclusion documented - Server-side PostHog client (analytics-server.ts) specified - DbWaitlist type addition to database.ts documented Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Reviewed and fixed: reordered analytics before PostHog provider, CSP reads env var instead of hardcoding, removed dead code, added test env cleanup. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Guards use IS NOT NULL AND != pattern to handle Vercel server actions where auth.uid() may be NULL — blocks only when auth context is present but caller does not match the target user or couple. Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Move password-based login and signup from direct client-side Supabase Auth calls to server actions with IP-based rate limiting (10/15min for login, 5/hour for signup). Includes Zod validation and full test coverage. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Add forgot-password and reset-password pages with server actions, Zod validation, IP-based rate limiting, and email enumeration protection. Includes unit tests and "Forgot password?" link on the login page. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Adds a server action with Zod validation, rate limiting (3/hour), and password re-verification before calling admin.deleteUser. Wires a two-step DeleteAccountPanel UI (Danger Zone card) below DataExportPanel in the Data & Privacy settings tab, with 5 unit tests all passing. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
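The three server actions the commits above describe (rate-limited login, forgot-password with e-mail enumeration protection, and account deletion gated on password re-verification), as an added TypeScript example that is not code from this PR. The login (10 per 15 min) and deletion (3 per hour) windows are the ones the commits state; the forgot-password window is an assumption. Supabase Auth is replaced by an in-memory account map, the Zod schema by a hand-written check, and every function and constant name is hypothetical.

```typescript
// Added example (not code from the PR): IP-keyed fixed-window rate limiting
// in front of password-based auth server actions, with responses that do not
// reveal whether an e-mail address has an account.

type Result = { ok: true } | { ok: false; error: string };
type Form = { email?: unknown; password?: unknown };

// Fixed-window counters keyed by "<action>:<ip>". In-memory for the example;
// a deployment on serverless instances would keep them in Redis or the
// database so that every instance shares one view of the counts.
const windows = new Map<string, { count: number; resetAt: number }>();

export function rateLimit(key: string, limit: number, windowMs: number, now = Date.now()): boolean {
  const entry = windows.get(key);
  if (!entry || now >= entry.resetAt) {
    windows.set(key, { count: 1, resetAt: now + windowMs });
    return true;
  }
  if (entry.count >= limit) return false; // window exhausted: reject
  entry.count += 1;
  return true;
}

export function resetRateLimits(): void {
  windows.clear();
}

// Login (10 per 15 min) and deletion (3 per hour) limits are the ones the
// commits state; the forgot-password limit is an assumption of this example.
export const LIMITS = {
  login: { limit: 10, windowMs: 15 * 60_000 },
  forgot: { limit: 5, windowMs: 60 * 60_000 },
  deleteAccount: { limit: 3, windowMs: 60 * 60_000 },
};

export const TOO_MANY = "Too many attempts, please try again later";
export const INVALID_CREDENTIALS = "Invalid email or password";

// Hand-written stand-in for the Zod schema, so the example has no dependencies.
const EMAIL_RE = /^[^\s@]+@[^\s@]+\.[^\s@]+$/;
function parseCredentials(form: Form): { email: string; password: string } | null {
  const { email, password } = form;
  if (typeof email !== "string" || !EMAIL_RE.test(email)) return null;
  if (typeof password !== "string" || password.length < 8) return null;
  return { email: email.toLowerCase(), password };
}

// Constructed stand-in for Supabase Auth: one known account, kept in plaintext
// only because nothing here leaves the process.
const accounts = new Map<string, string>([["alice@example.com", "correct horse battery staple"]]);

export function loginAction(ip: string, form: Form, now = Date.now()): Result {
  const { limit, windowMs } = LIMITS.login;
  if (!rateLimit(`login:${ip}`, limit, windowMs, now)) return { ok: false, error: TOO_MANY };
  const creds = parseCredentials(form);
  // One message for malformed input, unknown account and wrong password.
  if (!creds || accounts.get(creds.email) !== creds.password) return { ok: false, error: INVALID_CREDENTIALS };
  return { ok: true };
}

// Enumeration protection: the result is identical for registered and
// unregistered addresses; only the side effect (an e-mail, recorded in `sent`
// here) differs, and the caller cannot observe it.
export function forgotPasswordAction(ip: string, form: Form, sent: string[], now = Date.now()): Result {
  const { limit, windowMs } = LIMITS.forgot;
  if (!rateLimit(`forgot:${ip}`, limit, windowMs, now)) return { ok: false, error: TOO_MANY };
  const { email } = form;
  if (typeof email !== "string" || !EMAIL_RE.test(email)) return { ok: false, error: "Enter a valid email address" };
  if (accounts.has(email.toLowerCase())) sent.push(email.toLowerCase());
  return { ok: true };
}

// Deletion re-verifies the current password before the destructive call, so a
// stolen session cookie alone is not enough; `accounts.delete` stands in for
// the admin deleteUser call.
export function deleteAccountAction(ip: string, sessionEmail: string, password: unknown, now = Date.now()): Result {
  const { limit, windowMs } = LIMITS.deleteAccount;
  if (!rateLimit(`delete:${ip}`, limit, windowMs, now)) return { ok: false, error: TOO_MANY };
  if (typeof password !== "string" || accounts.get(sessionEmail) !== password) {
    return { ok: false, error: "Password verification failed" };
  }
  accounts.delete(sessionEmail);
  return { ok: true };
}
```

The rate-limit check runs before validation so that malformed requests still consume the caller's budget, and the rejected-attempt path does not increment the counter, so the window is not extended by the traffic it is blocking. The `now` parameter exists so the window expiry can be exercised without waiting.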
Replace all hardcoded gray-*/blue-* Tailwind classes in login and signup pages with semantic theme tokens (bg-muted/50, bg-card, text-foreground, text-muted-foreground, border-input, bg-primary, text-primary-foreground, etc.) so both pages render correctly in dark mode. Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
Replace hardcoded light-mode color classes (text-gray-*, bg-white, bg-gray-50, border-gray-*, bg-pink-50, text-pink-*) with semantic theme tokens (text-foreground, text-muted-foreground, bg-card, bg-muted/50, border-border, border-input, bg-primary/5, text-primary) so the check-in page renders correctly in dark mode. Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
Add aria-required, autocomplete, role="alert", aria-live, aria-describedby, and aria-busy attributes to login and signup forms for screen reader and autofill support. Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
…uctive actions Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Implements the joinWaitlist server action in src/app/(auth)/signup/actions.ts and adds sendWaitlistConfirmation to src/lib/email/send.ts, with 10 unit tests covering validation errors, rate limiting, duplicate suppression, happy path, DB failure, and non-blocking Resend/email failures. Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
29 tests covering all mutations in useCheckInMutations — startCheckIn, completeCheckIn, abandonCheckIn, saveMoodDraft (debounce), note CRUD, action item CRUD, and sync dispatch calls. Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
Add happy path, auth, DB error, and edge case tests for joinCouple, leaveCouple, createInvite, resendInvite, getInviteStatusByToken, and acceptInvite — bringing couples.test.ts to 37 tests total. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
…tPanel in settings test Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
…ew signup components Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
…ax-lines Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
…ax-lines Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Summary
Comprehensive remediation of all findings from the pre-open-beta security and quality audit. 22 commits across 6 phases:
Phase 1: Critical Security Fixes
- Added `auth.uid()` guards to `create_couple_for_user`, `update_couple_setting`, `convert_request_to_reminder` (with NULL-safe handling for Vercel server actions)
- Milestone photos made private (`public = false`), switched to signed URLs with legacy URL backward compatibility

Phase 2: Missing Features

Phase 3: UX Polish
- Replaced `bg-gray-50`/`text-gray-900` with semantic theme tokens
- `(app)` route without one
- Added `aria-required`, `aria-invalid`, `aria-live`, `autocomplete` attributes
- `confirm()` in love-languages; added confirmation to notes bulk delete and request delete

Phase 4: Test Coverage (~120 new tests)
- `joinWaitlist` server action
- `cleanup-storage` cron job
- `bookends-reducer` (50 tests, all 12 action types)
- `useCheckInMutations` (29 tests)
- `couples.ts` remaining functions (24 tests for 6 functions)

Phase 5: Performance
- Indexes on `couple_id` columns + other frequently-queried FKs for RLS query performance

Phase 6: Cleanup
- Documented `subscriptions` table admin-only write intent
- `#main-content` target for skip-to-content link

DB Migrations (4 new)
- `00032_secure_rpc_functions.sql`
- `00033_private_milestone_photos.sql`
- `00034_add_foreign_key_indexes.sql`
- `00035_document_subscriptions_table.sql`

Manual Step Required
Enable Leaked Password Protection in Supabase Dashboard → qc-production → Auth → Settings
Test plan
🤖 Generated with Claude Code