jennie/ghostguild-org
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
ghostguild-org/server/api
History
Jennie Robinson Faber 51230e5151 refactor(launch): simplify launch-readiness fixes 
Follow-up to 208638e. Code review surfaced a few real issues; this
commit addresses them.

- login.post.js now uses the new sendMagicLink util instead of
  duplicating the jti/jwt/Resend/logActivity logic. Reduces 60 lines.
- sendMagicLink accepts an optional pre-loaded Member doc, skipping
  the redundant findOne when the caller already has one. customer.post.js
  passes the just-created/upgraded member, dropping signup from 3
  Mongo round-trips to 1 (lookup is gone; jti burn remains).
- sendMagicLink now lowercases the email defensively so callers don't
  have to remember.
- rateLimit.js: replaced an effectively-dead eviction line with a
  probabilistic sweep (~1% of calls scan and evict keys whose newest
  entry has aged out). Caps unbounded Map growth under random-key
  spraying.
- reconcile-payments.post.js: 401/403/404 from Helcim now bails out
  immediately instead of burning all 3 retry attempts; dry-run
  summary filters via the same RECONCILABLE_STATUSES set as apply
  mode so counts match.
- Deleted WHAT-comments and section banners per CLAUDE.md no-comment
  rule. Kept genuine WHY-comments (validateBeforeSave rationale,
  amount-IGNORED-for-tickets, sendConfirmation deliberately-omitted).

Tests: 758/760 passing (unchanged).
2026-04-25 19:34:16 +01:00
..
admin feat(emails): warmer copy across invite, welcome, and event emails 2026-04-20 13:48:38 +01:00
auth refactor(launch): simplify launch-readiness fixes 2026-04-25 19:34:16 +01:00
board refactor(board): atomic delete + query limit + composable cleanup 2026-04-15 12:47:53 +01:00
dev feat(server): rename contributionTier → contributionAmount in routes + utils 2026-04-19 18:44:29 +01:00
events feat(launch): security and correctness fixes for 2026-05-01 launch 2026-04-25 18:42:36 +01:00
helcim refactor(launch): simplify launch-readiness fixes 2026-04-25 19:34:16 +01:00
internal refactor(launch): simplify launch-readiness fixes 2026-04-25 19:34:16 +01:00
invite feat(signup): unify cadence UX across accept-invite, join, and account 2026-04-20 12:34:59 +01:00
members feat(launch): security and correctness fixes for 2026-05-01 launch 2026-04-25 18:42:36 +01:00
onboarding feat(member): account/profile polish + tier upgrade flow 2026-04-14 20:35:37 +01:00
series feat(launch): security and correctness fixes for 2026-05-01 launch 2026-04-25 18:42:36 +01:00
site-content New SiteContent. 2026-04-16 21:11:14 +01:00
tags feat: add Tags API endpoints and validation schemas 2026-04-05 16:15:29 +01:00
upload Add Zod validation, fix mass assignment, remove test endpoints and dead code 2026-03-01 14:02:46 +00:00
wiki fix: rename hasEngagedEcology → hasEngagedBoard in onboarding status, clean up stale ecology references 2026-04-14 12:25:24 +01:00
health.get.js feat: add /api/health endpoint for uptime monitoring 2026-04-04 12:35:26 +01:00