- Add docker-compose.test.yml with isolated PostgreSQL on port 5433
- Add environment variable support for database connection config
- Add test setup utilities and initial user hydrator tests
- Add test and test:watch scripts to package.json
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Use AsyncLocalStorage to provide request context so services can access
the current user without needing Call passed through every function.
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Adds /login route with HTML template that handles GET (show form) and
POST (authenticate). On successful login, sets session cookie and
redirects to /. Also adds framework support for redirects and cookies
in route handlers.
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Wraps SessionData and user into a Session class that handlers can use
via call.session.getUser() instead of accessing services directly.
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- AuthService.validateRequest now returns AuthResult with both user and session
- Call type includes session: SessionData | null
- Handlers can access session metadata (createdAt, authMethod, etc.)
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- Add database.ts with connection pool, Kysely query builder, and migration runner
- Create migrations for users and sessions tables (0001, 0002)
- Implement PostgresAuthStore to replace InMemoryAuthStore
- Wire up database service in services/index.ts
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Don't export authRoutes from barrel file to break the cycle:
services.ts → auth/index.ts → auth/routes.ts → services.ts
Import authRoutes directly from ./auth/routes instead.
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Foundation for authentication/authorization with:
- Stable UUID id for database keys, email as human identifier
- Account status (active/suspended/pending)
- Role-based auth with role-to-permission mappings
- Direct permissions in resource:action format
- Methods: hasRole(), hasPermission(), can(), effectivePermissions()
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
New Go program (logger/) that:
- Accepts POSTed JSON log messages via POST /log
- Stores last N messages in a ring buffer (default 1M)
- Retrieves logs via GET /logs with limit/before/after filters
- Shows status via GET /status
Also updates express/logging.ts to POST messages to the logger service.
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
The master process will continue to start at port 3000. In practice, this
ought to make conflicts between master-superviced processes and ones run by
hand less of an issue.
