rede5/gohorsejobs
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions 1
1015 commits 2 branches 0 tags 140 MiB
Commit graph

6 commits

Author SHA1 Message Date
Tiago Yamamoto
fd9af24e22 docs: update documentation with new features and security analysis 
- Add BACKEND_SECURITY.md with security analysis and hardening guide
- Add FRONTEND_TESTING_STRATEGY.md with test coverage strategy
- Update API.md with new endpoints (candidates, tickets, credentials)
- Update AGENTS.md documentation index
 2026-02-25 05:51:06 -06:00
Tiago Yamamoto
028d26d2e6 docs: overhaul global documentation with diagrams, test scenarios, and agent directives 2026-02-23 21:16:04 -06:00
Tiago Yamamoto
89358acc13 refactor(auth): remove hash hardcoded da migration, seeder gera em runtime 
Antes: 010_seed_super_admin.sql tinha hash bcrypt fixo amarrado a um pepper
específico. Qualquer mudança no PASSWORD_PEPPER quebrava todos os logins
silenciosamente após reset do banco.

Agora:
- migration 010: insere superadmin com placeholder inválido + force_change_password.
  ON CONFLICT DO NOTHING preserva o hash se o seeder já rodou.
- seeder users.js: faz upsert de 'lol' com bcrypt(senha + env.PASSWORD_PEPPER)
  em runtime. Mudar o pepper e re-rodar o seeder é suficiente para atualizar
  as credenciais sem tocar em nenhuma migration.
- docs/AGENTS.md: atualiza gotcha #1 explicando o novo fluxo migrate → seed
- docs/DEVOPS.md: fix opção 1 do troubleshooting inclui re-deploy do seeder

Fluxo correto após reset do banco (coberto pelo start.sh opções 2, 6, 8):
  npm run migrate  →  superadmin criado, hash = placeholder
  npm run seed     →  hash recalculado com PEPPER do ambiente, status = active

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-02-22 12:05:54 -06:00
Tiago Yamamoto
fcf960381c fix(auth): corrige hash seed e documenta alinhamento do PASSWORD_PEPPER 
- Atualiza hash hardcoded em 010_seed_super_admin.sql para hash válido
  gerado com pepper=gohorse-pepper (o antigo hash estava inválido e causava
  AUTH_INVALID_CREDENTIALS em qualquer reset do banco)
- Corrige valor de PASSWORD_PEPPER e CORS_ORIGINS no DEVOPS.md para
  refletir os valores reais do Coolify DEV
- Adiciona seção de troubleshooting no DEVOPS.md com diagnóstico e fix
  passo-a-passo para mismatch de pepper
- Adiciona seção "Known Gotchas" no AGENTS.md documentando:
  * Regra do PASSWORD_PEPPER (deve ser gohorse-pepper em todos ambientes)
  * Campo de login é email no DTO, não identifier
  * Hashes bcrypt em SQL devem usar arquivo -f, nunca -c ($ é expandido)
  * Credenciais de teste do ambiente DEV

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-02-22 11:43:35 -06:00
Tiago Yamamoto
9fd5cf5895 docs: update infra diagrams, add test users, fix Coolify URL 
- Add full infrastructure Mermaid diagrams (Redbull + Apolo + CI/CD flow)
- Create TEST_USERS.md with all seeder credentials organized by role
- Fix Coolify URL from IP to https://redbull.rede5.com.br
- Update Coolify resources with current domains and status
- Add TEST_USERS.md reference to AGENTS.md, README.md, and doc index
- Update deployment section with both DEV environments

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
 2026-02-18 06:22:56 -06:00
Tiago Yamamoto
6ec54460f8 docs: unify documentation structure 
- Create docs/AGENTS.md for AI assistants context
- Create docs/WORKFLOWS.md consolidating deployment workflows
- Remove redundant docs/root/ folder
- Remove .agent/ folder (consolidated into docs/)
- Update dates in all documentation files
- Simplify README.md documentation section
 2026-02-16 05:57:02 -06:00
Renamed from docs/root/CLAUDE.md (Browse further)