Commit: sprint001
Changes:
- Updated
models/user.js:- Renamed
passwordfield topassword_hash. - Added
deletedAtfield to support soft deletion. - Implemented password hashing using Sequelize hooks.
- Renamed
- Updated
AuthService.ts:- Changed
user.passwordtouser.password_hashfor database consistency. - Improved error logging to include
error.messagefor better debugging.
- Changed
- Updated
AuthController.ts:- Changed
user.passwordtouser.password_hash. - Integrated
AuthService.login()for consistent authentication handling. - Improved error handling with proper TypeScript typecasting.
- Changed
- Updated
AuthMiddleware.ts:- Improved JWT error handling (expired & invalid token detection).
- Ensured
JWT_SECRETis set, with a warning if missing. - Improved logging for authentication failures.
-Fixes:
- Removed unused
BeforeCreateandBeforeUpdateimports inUser.ts. - Fixed incorrect references to
password, replaced withpassword_hash. - Improved error handling in
AuthMiddleware.tsby properly typecastingerror. - Fixed authentication issues and database inconsistencies.
- Manually added
deletedAtcolumn in theUserstable to supportparanoid: truesoft deletes. - Updated
AuthMiddleware.tsto improve JWT handling and error logging. - Successfully tested and verified user login and token generation.
- Tested protected routes to ensure JWT-based authentication is working correctly.
Affected Files:
src/models/User.tssrc/services/AuthService.tssrc/controllers/AuthController.tssrc/middlewares/AuthMiddleware.tssrc/controllers/UserController.tssrc/routes/AuthRoutes.tssrc/routes/UserRoutes.tssrc/routes/WeComAuthRoutes.tssrc/services/UserService.ts
Related Issues:
- Aligning authentication with database schema changes.
- Ensuring authentication controller is correctly using updated service logic.
- Aligning model with database schema changes.
- Strengthening authentication middleware to improve security & debugging.
- Fixing TypeScript errors from
password→password_hashmigration. - Cleaning up unused imports in
User.ts. - Improving error handling in middleware.
Commit: sprint002-wecom
Changes:
-
Authentication Updates:
- Fixed authentication issues and database inconsistencies.
- Manually added
deletedAtcolumn in theUserstable to supportparanoid: truesoft deletes. - Updated
AuthMiddleware.tsto improve JWT handling and error logging. - Successfully tested and verified user login and token generation.
- Tested protected routes to ensure JWT-based authentication is working correctly.
-
WeCom Integration Updates:
- Updated
WeComAuthRoutes.ts:- Added
/wecom-callbackroute to support login via QR code. - Ensured correct JWT authentication flow after QR login.
- Enhanced error logging for easier debugging.
- Fixed import paths and improved security.
- Added
- Updated
WeComService.ts:- Improved access token management with automatic expiry handling.
- Ensured approval requests pull real approvers dynamically.
- Cleaned up status mapping for WeCom approval callbacks.
- Enhanced error logging for better debugging.
- Updated
wecom-integration/callbacks.ts:- Fixed incorrect import path for
ProcurementRequest. - Improved status handling with flexible mapping.
- Enhanced error logging for better debugging.
- Fixed incorrect import path for
- Updated
Affected Files:
src/models/User.tssrc/middlewares/AuthMiddleware.tssrc/controllers/AuthController.tssrc/services/AuthService.tssrc/routes/WeComAuthRoutes.tssrc/services/WeComService.tswecom-integration/callbacks.ts
Related Issues:
- Ensuring consistency between Sequelize ORM and PostgreSQL schema.
- Verified and tested authentication endpoints.
- Confirmed that protected routes enforce authentication.
- Ensuring secure WeCom authentication and account linking.
- Improving WeCom login flow with better validations.
- Ensuring WeCom approval callbacks correctly update the procurement system.
- Preventing errors from unrecognized approval status formats.
- Ensuring WeCom QR code login works correctly.
- Preventing login failures due to missing callback handling.