Conversation
…et password) - Add login, forgot-password, reset-password pages and auth form components - Add LogSender email adapter for dev (logs links to stdout instead of sending) - Refactor register/verify-email pages to use shared auth-card components - Add shadcn/ui primitives: alert, card, input, label, sonner - Wire backend main.go to use LogSender in development
… branch trigger - Update setup-go to 1.25 (matches go.mod toolchain) - Add pnpm-workspace.yaml at root (fixes pnpm install in CI) - Add typecheck script to frontend/package.json - Trigger CI on PRs/pushes to dev branch (new branching strategy)
…on forms - Add s.rl.Allow() call in RegisterService.Register() — the rate limiter port was wired but never invoked (audit finding #2) - Switch session cookie from SameSite=Lax to SameSite=Strict on login and logout handlers, aligning with Constitution principle V - Add aria-describedby + error message ids on all auth form fields (register, login, forgot-password, reset-password-confirm, resend-verification) — RGAA criterion 11.10, audit finding #3
- auth.md: mark Inscription Association scenario as deferred (Phase 2), split data model tables by phase, annotate register/association endpoint, fix SameSite value in Gherkin, add to Hors scope - plan.md: add Scope & Deferrals section documenting the association registration deferral and the SameSite=Strict decision - docs/audit/phase1-auth-audit-prompt.md: add Phase 1 audit prompt (source of truth for future re-audits)
- Update .specify/feature.json to point to specs/002-profiles - specs/002-profiles/: spec.md, plan.md, research.md, data-model.md, quickstart.md, contracts/openapi.profiles.yaml, contracts/ports.md - docs/specs/02-features/profile.md: rewrite with 6 arbitrated decisions (PII on members, status MLD values, 3-level visibility, age 18+, no AVIF V1, /api/v1 path convention) - docs/specs/04-data/mld.md: add members_only visibility value, annotate status and kind columns with Phase 2 migration notes - docs/audit/phase1-auth-report.md: add Phase 1 audit report - CLAUDE.md: agent context updated for 002-profiles
…r, new ports/adapters - Migration 0002: accounts perd les PII, gagne kind/deleted_at; status renommé verified→active, disabled→suspended; nouvelles tables members/associations/memberships - domain/account: suppression PII (FirstName/LastName/DateOfBirth), ajout Kind, StatusActive/StatusSuspended; New() passe à 3 args - domain/member, domain/association: nouveaux domaines avec validation métier - ports: MemberRepository, AssociationRepository, MembershipRepository, FileStore - adapters/db: account_repository mis à jour, nouveaux member/association/membership repos - adapters/storage: LocalFileStore pour avatars - sqlc regénéré pour couvrir les nouvelles tables - Tous les tests auth adaptés (suppression PII, nouvelle signature account.New) - register.go supprimé (remplacé par register_member dans US1)
…mailCanonical, tasks T001-T024 marked done
docs(docs): finalize certification dossier
fix(auth): restore register choice page and routing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Merge all successful websocket and auth fixes from dev to main