Commit graph

8 commits

Author SHA1 Message Date
Tiago Yamamoto
fcf960381c fix(auth): fix seed hash and document PASSWORD_PEPPER alignment
- Update hardcoded hash in 010_seed_super_admin.sql to a valid hash
  generated with pepper=gohorse-pepper (the old hash was invalid and caused
  AUTH_INVALID_CREDENTIALS on any database reset)
- Fix the PASSWORD_PEPPER and CORS_ORIGINS values in DEVOPS.md to
  reflect the actual Coolify DEV values
- Add a troubleshooting section to DEVOPS.md with step-by-step diagnosis and fix
  for pepper mismatch
- Add a "Known Gotchas" section to AGENTS.md documenting:
  * PASSWORD_PEPPER rule (must be gohorse-pepper in all environments)
  * Login field is email in the DTO, not identifier
  * bcrypt hashes in SQL must use a -f file, never -c ($ is expanded)
  * Test credentials for the DEV environment

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-02-22 11:43:35 -06:00
Tiago Yamamoto
6fbd1f5ffc feat: implement full auth system with HTTPOnly cookies + JWT, fix migrations to UUID v7, remove mock data from frontend
Backend:
- Fix migrations 037-041 to use UUID v7 (uuid_generate_v7)
- Fix CORS defaults to include localhost:8963
- Fix FRONTEND_URL default to localhost:8963
- Update superadmin password hash with pepper
- Add PASSWORD_PEPPER environment variable

Frontend:
- Replace mockJobs with real API calls in home page
- Replace mockNotifications with notificationsApi in context
- Replace mockApplications with applicationsApi in dashboard
- Fix register/user page to call real registerCandidate API
- Fix hardcoded values in backoffice and messages pages

Auth:
- Support both HTTPOnly cookie and Bearer token authentication
- Login returns token + sets HTTPOnly cookie
- Logout clears HTTPOnly cookie
- Token valid for 24h
2026-02-16 05:20:46 -06:00
Tiago Yamamoto
41d7d9ee70 fix: update superadmin hash to match deployed PASSWORD_PEPPER
Uses pepper: some-random-string-for-password-hashing
Password: Admin@2025!
2025-12-24 17:14:50 -03:00
Tiago Yamamoto
d3c06f5564 feat: expand testing, add fast seeder options, hardcode superadmin
- start.sh: Add options 8 (Seed LITE - skip cities) and 9 (Run All Tests)
- seeder: Add seed:lite, seed:fast scripts and --skip-locations flag
- seeder: Remove superadmin creation (now via backend migration)
- backend: Update 010_seed_super_admin.sql with hardcoded hash (Admin@2025! + pepper)
- backend: Expand jwt_service_test.go with 5 new tests (+10% coverage)
- frontend: Fix api.test.ts URL duplication bug, add error handling tests
- seeder: Add SQL data files to .gitignore
2025-12-24 17:07:45 -03:00
Tiago Yamamoto
ae4a3e5e63 feat: migrate from UUID v4 to UUID v7
Migrations:
- Fix 010_seed_super_admin.sql: only use columns from migration 001
- Add 021_create_uuid_v7_function.sql: PostgreSQL uuid_generate_v7() function
- Add 022_migrate_to_uuid_v7.sql: update notifications, tickets, job_payments to use v7

Seeder:
- Create seeder-api/src/utils/uuid.js with uuidv7() function
- Update notifications.js to use uuidv7() instead of randomUUID()

Docs:
- Update DATABASE.md with UUID v7 section and benefits

UUID v7 benefits:
- Time-ordered (sortable by creation time)
- Better index performance than v4
- RFC 9562 compliant
2025-12-24 11:19:26 -03:00
Tiago Yamamoto
7d99e77468 refactor: unify schema - eliminate core_* tables
BREAKING CHANGE: Removed core_companies, core_users, core_user_roles tables

Migrations:
- Create 020_unify_schema.sql: adds tenant_id, email, name to users table
- Create user_roles table (replaces core_user_roles)
- Disable 009_create_core_tables.sql (renamed to .disabled)
- Update 010_seed_super_admin.sql to use unified tables

Backend Repositories:
- company_repository.go: use companies table with INT id
- user_repository.go: use users/user_roles with INT id conversion

Seeders:
- All seeders now use companies/users/user_roles tables
- Removed all core_* table insertions
- Query companies by slug to get SERIAL id

This eliminates the redundancy between core_* and legacy tables.
2025-12-24 11:06:31 -03:00
Tiago Yamamoto
340911b4d1 feat(auth): add cookie parsing and JWT auth guard to backoffice
- Add JWT auth guard with Bearer token and cookie support
- Update .env.example files with PASSWORD_PEPPER documentation
- Update seeder to use PASSWORD_PEPPER for password hashing
- Update seeder README with hash verification examples
- Fix frontend auth and page components
- Update backend JWT service and seed migration
2025-12-24 10:27:04 -03:00
Tiago Yamamoto
1c7ef95c1a first commit
2025-12-09 19:04:48 -03:00