Skip to content

feat(phase3): Clerk auth + superadmin + email + polish#16

Merged
parva3105 merged 3 commits intomasterfrom
revamp/phase-3
Mar 21, 2026
Merged

feat(phase3): Clerk auth + superadmin + email + polish#16
parva3105 merged 3 commits intomasterfrom
revamp/phase-3

Conversation

@parva3105
Copy link
Copy Markdown
Owner

@parva3105 parva3105 commented Mar 21, 2026

Summary

  • Real Clerk auth wired to all 15 API routes — replaced hardcoded test IDs with requireAgencyAuth() / requireCreatorAuth() / requireBrandAuth() helpers from lib/auth.ts. lib/auth-helpers.ts deleted.
  • Superadmin role: 4th Clerk role that bypasses all routing, with a persistent perspective switcher in the header (agency / creator / brand manager). Renders null for real users — completely invisible.
  • Auth pages: /login, /signup (role picker), role-specific signup flows, /signup/complete JWT reload
  • Email: 11 React Email templates + Trigger.dev send-email job + hourly deadline-reminder cron. Email triggers wired fire-and-forget to 10 API events.
  • Upload rate limiting: Upstash slidingWindow(5, '1m') on POST /api/v1/deals/[id]/submissions
  • Polish: Empty states on all 5 agency list pages; loading.tsx + error.tsx on all 3 authenticated route groups; Skeleton component added
  • Smoke tests: 3 Playwright API-layer tests covering deal lifecycle endpoint shape, brief submission shape, and public route availability
  • CI/CD: Clerk env vars restored to ci.yml + prod.yml quality job

Manual steps required before merging

  • Clerk dashboard — Configure session token claim: Settings → Sessions → Customize session token → add { "metadata": "{{user.public_metadata}}" }. Without this, all users loop to /signup/complete forever.
  • GitHub secrets — Add these in repo Settings → Secrets and variables → Actions:
    • NEXT_PUBLIC_CLERK_PUBLISHABLE_KEY
    • CLERK_SECRET_KEY
    • RESEND_API_KEY
    • TRIGGER_SECRET_KEY
    • UPSTASH_REDIS_REST_URL
    • UPSTASH_REDIS_REST_TOKEN
  • Superadmin account — Set publicMetadata.role = "superadmin" on your Clerk account via the Clerk dashboard Users page for dev/QA access.

Test plan

  • npm run typecheck passes (0 errors)
  • npm run lint passes (0 errors)
  • npm run test passes (119/119)
  • npm run build succeeds
  • Sign up as agency → routed to /dashboard
  • Sign up as creator → routed to /creator/deals
  • Sign up as brand manager → routed to /brand/briefs/new
  • Superadmin account sees yellow-dashed perspective switcher in header
  • Switching perspective navigates to correct portal
  • Wrong-role route access → redirected to role home (not 404)
  • Empty state renders on pages with no data
  • Loading skeleton renders during navigation

🤖 Generated with Claude Code

@parva3105 @claude
feat(phase3): Clerk auth, superadmin perspective switcher, email jobs…
97ae359 
…, polish, smoke tests

- Real Clerk auth wired to all API routes via requireAgencyAuth/requireCreatorAuth/requireBrandAuth
- lib/auth-helpers.ts deleted; lib/auth.ts is now canonical with superadmin passthrough
- proxy.ts: superadmin role bypasses all role-based routing
- Superadmin perspective switcher: cookie-based, visible only to superadmin users, invisible to real users
- Auth pages: /login, /signup (role picker), /signup/{agency,creator,brand}, /signup/complete
- ClerkProvider added to app/layout.tsx; lib/role-context.tsx deleted
- Email: 11 React Email templates (3 existing + 8 new) + Trigger.dev send-email job + hourly deadline cron
- Email triggers wired fire-and-forget to 10 API events
- Upload rate limiting: Upstash slidingWindow on POST /api/v1/deals/[id]/submissions
- Polish: empty states on 5 agency list pages; loading.tsx + error.tsx on all 3 route groups
- 3 Playwright smoke tests + auth helper for superadmin perspective cookie
- CI/CD: Clerk env vars restored to ci.yml + prod.yml quality job

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
@vercel
Copy link
Copy Markdown

vercel bot commented Mar 21, 2026
edited
Loading

The latest updates on your projects. Learn more about Vercel for GitHub.

Project Deployment Actions Updated (UTC)
project-alpha Ready Ready Preview, Comment Mar 21, 2026 7:26am

@parva3105 @claude
fix: add /api/v1/creators to public routes + fix discover page data s…
4378cd7 
…hape

- proxy.ts: /api/v1/creators(.*) was missing from isPublicRoute, causing
  server-side fetch in DiscoverPage to receive a redirect HTML response
  instead of JSON (500 on /discover)
- discover/page.tsx: API returns { data: { creators, pagination } } not
  { data: [...] } — destructure correctly as data?.creators ?? []

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
@parva3105 @claude
fix(ci): lazy-init Redis, Resend, and Ratelimit to prevent build-time…
8b6edf9 
… crashes

Redis.fromEnv() and new Resend() throw at module load when env vars are
absent, crashing next build in CI before secrets are provisioned.
Replaced top-level singletons with lazy getter functions in:
- lib/rate-limit.ts: getAuthRateLimit() / getUploadRateLimit()
- jobs/send-email.ts: getResend() (internal)
Updated callers in set-role and submissions routes accordingly.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
@parva3105 parva3105 merged commit 46f1ade into master Mar 21, 2026
3 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@parva3105