pokemon/nuzlocke-tracker
1
1
Fork 0
Code Issues Pull Requests 10 Actions Packages Projects Releases Wiki Activity

update beans and postgres mount path
All checks were successful
CI / backend-tests (push) Successful in 27s
Details
CI / frontend-tests (push) Successful in 29s
Details

Browse Source
This commit is contained in:
Julian Tabel
2026-03-21 12:51:35 +01:00
parent 7e7c5e7536
commit a12958ae32
6 changed files with 64 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

13
.beans/nuzlocke-tracker-3mwb--fix-typescript-build-errors-in-runencounterstsx.md Normal file
View File

@@ -0,0 +1,13 @@
---
# nuzlocke-tracker-3mwb
title: Fix TypeScript build errors in RunEncounters.tsx
status: completed
type: bug
priority: normal
created_at: 2026-03-21T11:24:09Z
updated_at: 2026-03-21T11:25:37Z
---
Two TS errors blocking production build:\n1. Line 693: `(typeof bossResults)[number]` fails because bossResults is `BossResult[] | undefined`\n2. Line 1601: Parameter 'tm' implicitly has 'any' type
## Summary of Changes\n\nFixed two TypeScript errors in RunEncounters.tsx:\n1. Used explicit `BossResult` type instead of `(typeof bossResults)[number]`\n2. Added `BossResultTeamMember` type annotation to `tm` parameter\n\nPR: #71

13
.beans/nuzlocke-tracker-7y9z--fix-test-failures-from-admin-auth-changes.md Normal file
View File

@@ -0,0 +1,13 @@
---
# nuzlocke-tracker-7y9z
title: Fix test failures from admin auth changes
status: completed
type: bug
priority: normal
created_at: 2026-03-21T10:33:32Z
updated_at: 2026-03-21T10:39:18Z
---
After adding require_admin to admin endpoints, tests fail:\n1. test_pokemon.py: Write endpoints return 401 because tests use unauthenticated client instead of admin client\n2. test_runs.py: mock_auth_user has id='test-user-123' which is not a valid UUID, causing ValueError in UUID(user.id)\n\nFix: add admin_override fixture, admin_client fixture, use valid UUID for mock user, update test_pokemon.py to use admin_client for write ops.
## Summary of Changes\n\n- Added `admin_override` and `admin_client` fixtures to conftest.py that override both `require_admin` and `get_current_user`\n- Changed mock user ID from `test-user-123` to a valid UUID4\n- Updated test_pokemon.py, test_games.py, and test_genlocke_boss.py to use `admin_client` for admin-protected endpoints\n- All 252 tests pass

13
.beans/nuzlocke-tracker-elcn--add-supabase-auth-config-to-production-docker-setu.md Normal file
View File

@@ -0,0 +1,13 @@
---
# nuzlocke-tracker-elcn
title: Add Supabase auth config to production Docker setup
status: completed
type: task
priority: normal
created_at: 2026-03-21T11:07:01Z
updated_at: 2026-03-21T11:08:19Z
---
Update docker-compose.prod.yml and Dockerfile.prod to support Supabase Cloud auth in production.\n\n- [ ] Add SUPABASE_JWT_SECRET env var to backend in docker-compose.prod.yml\n- [ ] Add build args for VITE_SUPABASE_URL, VITE_SUPABASE_ANON_KEY, VITE_API_URL to frontend in docker-compose.prod.yml\n- [ ] Add ARG/ENV lines to Dockerfile.prod so Vite can pick up env vars at build time\n- [ ] Update .env.example with production notes
## Summary of Changes\n\nUpdated 3 files to support Supabase Cloud auth in production:\n- `docker-compose.prod.yml`: added SUPABASE_JWT_SECRET to backend, added build args to frontend\n- `frontend/Dockerfile.prod`: added ARG lines so Vite inlines Supabase config at build time\n- `.github/workflows/deploy.yml`: pass build args from secrets when building frontend image\n\nPR: #69

13
.beans/nuzlocke-tracker-liz1--fix-frontend-layout-tests-for-auth-aware-navigatio.md Normal file
View File

@@ -0,0 +1,13 @@
---
# nuzlocke-tracker-liz1
title: Fix frontend Layout tests for auth-aware navigation
status: completed
type: bug
priority: normal
created_at: 2026-03-21T10:41:51Z
updated_at: 2026-03-21T10:42:30Z
---
Layout.test.tsx fails because nav links are now auth-dependent. Tests expect logged-in admin links but render with no user. Fix by mocking useAuth.
## Summary of Changes\n\nMocked `useAuth` in Layout.test.tsx instead of using real AuthProvider. Added separate test groups for logged-out and logged-in-as-admin states, verifying correct nav links appear in each. All 118 frontend tests pass.

11
.beans/nuzlocke-tracker-t9aj--migrate-jwt-verification-from-hs256-shared-secret.md Normal file
View File

@@ -0,0 +1,11 @@
---
# nuzlocke-tracker-t9aj
title: Migrate JWT verification from HS256 shared secret to asymmetric keys (JWKS)
status: todo
type: task
priority: low
created_at: 2026-03-21T11:14:29Z
updated_at: 2026-03-21T11:14:29Z
---
The backend currently verifies Supabase JWTs using an HS256 shared secret (`SUPABASE_JWT_SECRET`). Supabase recommends migrating to asymmetric keys (RS256) for better security.\n\nInstead of storing a shared secret, the backend would fetch public keys from Supabase's JWKS endpoint (`https://<project>.supabase.co/.well-known/jwks.json`) and verify tokens against those.\n\n## Changes needed\n\n- [ ] Update `backend/src/app/core/auth.py` to fetch and cache JWKS public keys\n- [ ] Change `jwt.decode` from `HS256` to `RS256` with the fetched public key\n- [ ] Remove `SUPABASE_JWT_SECRET` from config, docker-compose, deploy workflow, and .env files\n- [ ] Update tests\n\n## References\n\n- https://supabase.com/docs/guides/auth/signing-keys\n- https://supabase.com/docs/guides/auth/jwts

2
docker-compose.prod.yml
View File

@@ -34,7 +34,7 @@ services:
- POSTGRES_PASSWORD=${POSTGRES_PASSWORD}
- POSTGRES_DB=nuzlocke
volumes:
- ./data/postgres:/var/lib/postgresql/data
- ./data/postgres:/var/lib/postgresql
healthcheck:
test: ["CMD-SHELL", "pg_isready -U postgres"]
interval: 5s