403f41f078
fix(auth): sanitize error messages in error page
...
Add basic XSS sanitization by removing angle brackets from error
URL parameters before rendering.
2026-04-06 23:26:09 -04:00
4e7c56eec9
fix(ui): add error handling and loading state to sign-in
...
Add try/catch with toast notification and loading state for sign-in
button to improve UX and error visibility.
2026-04-06 23:25:40 -04:00
8d9329050d
fix(ui): add error handling to sign-out
...
Add try/catch with toast notification for sign-out failures.
2026-04-06 23:24:40 -04:00
e1fd7dc5a3
feat(api): add input validation to AI endpoints
...
Add prompt validation to ai-event (non-empty string, max 2000 chars)
and events array length validation to ai-summary (max 100 items)
to prevent abuse and injection attacks.
2026-04-06 23:24:15 -04:00
a4656520f8
fix(db): ensure pgcrypto extension for UUID generation
...
Add CREATE EXTENSION IF NOT EXISTS pgcrypto to migration for
compatibility with older PostgreSQL versions.
2026-04-06 23:23:26 -04:00
3b5934dbfd
fix(auth): correct session check in sign-out page
...
Change !session to !session?.user to properly detect unauthenticated
state. useSession() returns an object, not null.
2026-04-06 23:23:08 -04:00
cfa93da149
refactor(auth): remove unused SessionProvider wrapper
...
Remove the passthrough AuthSessionProvider component and its usage
in layout. better-auth hooks work without a provider wrapper.
2026-04-06 23:22:33 -04:00
c6017b2f78
fix(db): wrap migration in transaction
...
Add BEGIN/COMMIT transaction wrapper to migration to ensure
atomicity and prevent partial migration failures.
2026-04-06 23:21:42 -04:00
bcd488e2d3
fix(auth): use correct sign-in method for genericOAuth
...
Add genericOAuthClient plugin to auth client and change sign-in
call from signIn.social() to signIn.oauth2() with correct
providerId parameter.
2026-04-06 23:20:39 -04:00
c3026c8262
feat(api): add auth check to ai-summary endpoint
...
Require authentication for ai-summary endpoint to prevent
unauthorized API key usage and cost leakage.
2026-04-06 23:18:46 -04:00
4c6f880a3f
feat(auth): configure trustedOrigins for CSRF protection
...
Add trustedOrigins to better-auth config to ensure proper origin
validation behind reverse proxy.
2026-04-06 23:18:20 -04:00
ece03a9124
feat(auth): validate required env vars at startup
...
Add explicit validation for BETTER_AUTH_SECRET, BETTER_AUTH_URL, and
Authentik config variables. Set secret explicitly in better-auth config
to prevent silent session loss on restart.
2026-04-06 23:17:51 -04:00
2a808f8ca1
fix(db): preserve OAuth user verified status during migration
...
Update emailVerified type conversion to set OAuth users (those with
account records) as verified before converting timestamp to boolean.
2026-04-06 23:16:58 -04:00
afb27eb66d
fix(db): remove authenticator references from relations
...
Remove dropped authenticator table references from drizzle relations
to prevent drizzle-kit from attempting to recreate the table.
2026-04-06 23:16:34 -04:00
15be2399c6
refactor: migrate session usage to better-auth API
2026-04-06 22:41:57 -04:00
d7d52ef1a8
refactor: migrate auth pages to better-auth client
2026-04-06 22:41:37 -04:00
490c601dc1
refactor: remove next-auth SessionProvider wrapper
2026-04-06 22:41:25 -04:00
08a894577b
refactor: replace next-auth with better-auth core and client
2026-04-06 22:41:11 -04:00
febc57b240
refactor: update DB schema for better-auth conventions
2026-04-06 22:41:00 -04:00
3ab77cc21f
refactor: update env vars for better-auth
2026-04-06 22:40:41 -04:00
8a500f07de
refactor: replace next-auth with better-auth dependency
2026-04-06 22:40:27 -04:00
d8875e587e
feat: add PostgreSQL dev container compose file
2026-04-06 22:40:15 -04:00
47251dad3f
chore: add debug.log to .gitignore
2026-04-06 22:40:01 -04:00
35a7f0a7c2
ai skills
...
Signed-off-by: Dmytro Stanchiev <git@dmytros.dev >
2026-04-06 20:48:30 -04:00
f70a416fea
devenv update
...
Signed-off-by: Dmytro Stanchiev <git@dmytros.dev >
2026-04-06 20:48:24 -04:00
206f028fdf
init ruler
...
Signed-off-by: Dmytro Stanchiev <git@dmytros.dev >
2026-04-06 20:48:07 -04:00
4db02f47bf
Merge branch 'main' of git.cloud.dmytros.dev:old4ever/local-cal
2026-04-06 20:40:10 -04:00
10ad239259
build: update bun lockfile version
2025-12-12 09:31:20 -05:00
755076351b
security: bump nextjs version
2025-12-12 09:31:03 -05:00
28c982ee37
fix: docker build
2025-12-12 09:27:02 -05:00
d7dc911db4
Update next to fix react2shell CVE
...
Signed-off-by: Dmytro Stanchiev <git@dmytros.dev >
2025-12-06 09:34:25 -05:00
f20f3d66a1
Simplify dropdown menu labels in event card
...
Remove redundant "event" text from Edit and Delete menu items for cleaner UI
2025-08-22 13:38:57 -04:00
824768ce93
Add RRuleDisplay component and clean up unused imports
...
- Create new RRuleDisplay component for better recurrence rule formatting
- Replace Badge with RRuleDisplay in EventCard for improved UX
- Remove unused imports across multiple files (CalendarEvent, Badge, Card components)
- Remove unused catch parameter in ai-event route
2025-08-22 13:35:13 -04:00
eb73f9f929
Refactor event management into reusable components
...
- Extract EventCard, EventsList, and event dialog into separate components
- Add new AI toolbar and drag-drop container components
- Simplify main page.tsx by removing inline component definitions
- Improve code organization and maintainability
2025-08-22 12:33:07 -04:00
6ab2946e8a
refactor events list as shadcn cards
2025-08-20 14:12:32 -04:00
cde44ee2d7
fix grammar
2025-08-20 14:11:53 -04:00
655517a27c
animate button clicks for UX
2025-08-20 14:07:22 -04:00
9a836fc866
refactor ai event creation into a promise toast
2025-08-20 13:14:29 -04:00
275e83a6c0
replace alerts with toasts
2025-08-20 13:13:52 -04:00
d8d0039c44
install 'sonner' toask
2025-08-20 13:12:08 -04:00
6e6e9b0699
update logo font
2025-08-20 12:36:33 -04:00
044e4fbb07
remove shadow from the header
2025-08-20 12:36:22 -04:00
2d0da9dbeb
autoresize textfield with content & minor ui tweaks
2025-08-20 12:22:38 -04:00
d8e55e85a1
'fix' hydration error by rendering on the client
2025-08-20 11:27:11 -04:00
e0ff037c06
clear ai event prompt after generation
2025-08-20 11:14:24 -04:00
46a99775a0
add icon for 'system' theme
2025-08-20 11:04:25 -04:00
d50d77538b
change shadcn theme
2025-08-20 11:04:05 -04:00
308f5c8380
fix d&d cta position
2025-08-19 05:52:28 -04:00
112ab01445
moved sign-in component to a proper folder
2025-08-19 05:41:46 -04:00
6818046d58
adjust recurrence picker to not be a card
2025-08-19 05:41:28 -04:00
