feat(phase-1): implement PostgreSQL + Prisma + Authentication system

Core Features:
- Complete Prisma database schema with all entities (users, orgs, projects, checks, etc.)
- Production-grade authentication service with Argon2 password hashing
- JWT-based session management with HttpOnly cookies
- Comprehensive auth middleware with role-based access control
- RESTful auth API endpoints: register, login, logout, me, refresh
- Database seeding with demo data for development
- Rate limiting on auth endpoints (5 attempts/15min)

Technical Implementation:
- Type-safe authentication with Zod validation
- Proper error handling and logging throughout
- Secure password hashing with Argon2id
- JWT tokens with 7-day expiration
- Database transactions for atomic operations
- Comprehensive middleware for optional/required auth
- Role hierarchy system (MEMBER < ADMIN < OWNER)

Database Schema:
- Users with secure password storage
- Organizations with membership management
- Projects for organizing redirect checks
- Complete audit logging system
- API key management for programmatic access
- Bulk job tracking for future phases

Backward Compatibility:
- All existing endpoints preserved and functional
- No breaking changes to legacy API responses
- New auth system runs alongside existing functionality

Ready for Phase 2: Enhanced redirect tracking with database persistence
Andrei
2025-08-18 07:25:45 +00:00
parent db9e3ef650
commit 459eda89fe
11 changed files with 1364 additions and 1 deletions
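The commit message describes a role hierarchy (MEMBER < ADMIN < OWNER) enforced by the auth middleware, but none of that middleware appears in the hunks on this page. The block below is an added example, not the project's code: an Express-style `requireRole` factory that fails closed on unknown roles and distinguishes "not authenticated" (401) from "authenticated but under-privileged" (403). The names `ROLE_RANK`, `roleAtLeast`, `requireRole` and `runMiddleware` are assumed for illustration, as is the convention that an earlier auth middleware has already placed the verified user on `req.user`.

```javascript
// Added example (not the project's own code): a role-hierarchy check of the
// kind the commit message describes (MEMBER < ADMIN < OWNER), written as an
// Express-style middleware factory. ROLE_RANK, roleAtLeast, requireRole and
// runMiddleware are assumed names; the project's real middleware is not shown.

// Numeric rank per role; a higher rank satisfies any lower requirement.
const ROLE_RANK = Object.freeze({ MEMBER: 1, ADMIN: 2, OWNER: 3 });

// True when `actual` is at least as privileged as `required`.
// Any role not in the table never satisfies a requirement (fail closed),
// so a typo or an unexpected value from the database cannot grant access.
function roleAtLeast(actual, required) {
  const have = ROLE_RANK[actual];
  const need = ROLE_RANK[required];
  if (have === undefined || need === undefined) return false;
  return have >= need;
}

// Middleware factory. Assumes an earlier auth middleware has validated the
// session (cookie / JWT) and set req.user = { role: 'MEMBER' | 'ADMIN' | 'OWNER' }.
// Misconfiguration (unknown required role) is rejected at startup, not per request.
function requireRole(required) {
  if (!(required in ROLE_RANK)) {
    throw new Error(`requireRole: unknown role "${required}"`);
  }
  return function roleGuard(req, res, next) {
    if (!req.user) {
      // Not authenticated at all: 401, so clients know to log in.
      return res.status(401).json({ error: 'authentication required' });
    }
    if (!roleAtLeast(req.user.role, required)) {
      // Authenticated but below the required rank: 403, no retry by re-auth.
      return res.status(403).json({ error: 'insufficient role' });
    }
    return next();
  };
}

// Minimal stand-in for an Express request/response pair, constructed for this
// example so the guard can be exercised without a running server.
function runMiddleware(mw, user) {
  const result = { status: 200, body: null, passed: false };
  const res = {
    status(code) { result.status = code; return this; },
    json(body) { result.body = body; return this; },
  };
  mw({ user }, res, () => { result.passed = true; });
  return result;
}

// Demo: an OWNER passes an ADMIN-only guard, a MEMBER is refused, and an
// anonymous request is told to authenticate first.
console.log(runMiddleware(requireRole('ADMIN'), { role: 'OWNER' }));
console.log(runMiddleware(requireRole('ADMIN'), { role: 'MEMBER' }));
console.log(runMiddleware(requireRole('ADMIN'), undefined));
```

The ordering check is deliberately a lookup table rather than string comparison or an array `indexOf`, so that an unknown role evaluates to "no access" instead of accidentally ranking above the others; wiring it up would look like `router.delete('/orgs/:id', requireAuth, requireRole('OWNER'), handler)` once the project's own `requireAuth` has populated `req.user`.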


@@ -15,6 +15,7 @@ import rateLimit from 'express-rate-limit';
import path from 'path';
import { logger } from './lib/logger';
import { trackRedirects } from './services/redirect-legacy.service';
import authRoutes from './routes/auth.routes';
const app = express();
const PORT = process.env.PORT || 3333;
@@ -58,6 +59,13 @@ const apiLimiter = rateLimit({
legacyHeaders: false, // Disable the `X-RateLimit-*` headers
});
// ============================================================================
// NEW V2 API ROUTES
// ============================================================================
// Authentication routes
app.use('/api/v1/auth', authRoutes);
// Health check endpoint
app.get('/health', (req, res) => {
res.json({
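Review bot: the auth router is mounted bare at `app.use('/api/v1/auth', authRoutes);` while `apiLimiter` is defined just above it and never applied to that path, so the "5 attempts/15min" limit the commit message promises is not visible in this file; either mount it as `app.use('/api/v1/auth', apiLimiter, authRoutes);` (or a stricter auth-specific limiter) here, or confirm in the diff that the limiter is applied inside `auth.routes`. The section banner also reads `NEW V2 API ROUTES` while the mounted prefix is `/api/v1/auth`; make the comment and the path version agree.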