admin/goodgo-platform
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
78 Commits 1 Branch 0 Tags
cd2abdba7b373e86043ce8457dc342e465b83a9d
Commit Graph

12 Commits

Author SHA1 Message Date
Ho Ngoc Hai
23bb380d34 feat(auth): implement Google and Zalo OAuth backend strategies 
Add complete OAuth2 authentication flow for Google and Zalo providers:
- OAuthService: handles account linking (by email/phone), new user
  creation for OAuth-only accounts, and JWT token generation
- GoogleOAuthStrategy: passport-google-oauth20 integration
- ZaloOAuthStrategy: custom OAuth2 implementation using Zalo's API
  (authorization URL generation, code exchange, user info fetch)
- OAuthController: redirect and callback endpoints for both providers
  with httpOnly cookie-based token management
- Unit tests for OAuthService (7 tests), GoogleOAuthStrategy (4 tests),
  and ZaloOAuthStrategy (7 tests)
- OAuth env vars added to .env.example and env-validation warnings

Co-Authored-By: Paperclip <noreply@paperclip.ing>
 2026-04-08 14:14:02 +07:00
Ho Ngoc Hai
400a75845c feat(observability): integrate Sentry error tracking for API and Web apps 
- API: add @sentry/nestjs with instrument.ts, SentryModule, and SentryGlobalFilter
- Web: add @sentry/nextjs with client/server/edge configs, instrumentation hook
- Update next.config.js with withSentryConfig wrapper
- Replace TODO in error.tsx with Sentry.captureException
- Add SENTRY_DSN, SENTRY_AUTH_TOKEN, SENTRY_ORG, SENTRY_PROJECT to .env.example

Co-Authored-By: Paperclip <noreply@paperclip.ing>
 2026-04-08 13:44:57 +07:00
Ho Ngoc Hai
af71270a2e feat: upgrade major dependencies to latest versions 
- Prisma 6.19 → 7.7 (driver adapter pattern, prisma.config.ts)
- TypeScript 5.9 → 6.0 (ignoreDeprecations, CSS type declarations)
- Vitest 3.2 → 4.1
- Pino 9.14 → 10.3
- @types/node 22.x → 25.x

All 307 tests pass, typecheck clean, build succeeds.

Co-Authored-By: Paperclip <noreply@paperclip.ing>
 2026-04-08 13:15:36 +07:00
Ho Ngoc Hai
e5f370ced1 feat(security): add CSRF double-submit cookie protection 
Add CSRF middleware with double-submit cookie pattern for all
state-changing requests. Integrate cookie-parser, update CORS
headers, and add client-side CSRF token handling.

Co-Authored-By: Paperclip <noreply@paperclip.ing>
 2026-04-08 05:03:24 +07:00
Ho Ngoc Hai
8e7672694b feat(api): add OpenAPI/Swagger documentation for all API endpoints 
Install @nestjs/swagger, configure Swagger UI at /api/docs with JWT bearer
auth, and add ApiTags/ApiOperation/ApiResponse/ApiProperty decorators to
all 8 controllers (50+ endpoints) and 31 DTOs across auth, listings,
search, payments, subscriptions, admin, notifications, and analytics modules.

Co-Authored-By: Paperclip <noreply@paperclip.ing>
 2026-04-08 04:08:11 +07:00
Ho Ngoc Hai
fcdb3cac9c fix(media): replace hardcoded MinIO creds and raw fetch with S3 SDK 
- Remove `minioadmin` fallback credentials — app now throws on missing
  MINIO_ACCESS_KEY / MINIO_SECRET_KEY env vars
- Replace raw fetch() PUT/DELETE with @aws-sdk/client-s3 (PutObject,
  DeleteObject) using AWS Signature V4 auth
- Add OnModuleInit bucket existence check + auto-creation
- Use forcePathStyle for MinIO S3 compatibility

Closes TEC-1452

Co-Authored-By: Paperclip <noreply@paperclip.ing>
 2026-04-08 04:02:45 +07:00
Ho Ngoc Hai
cb00b12d7b feat(mcp): add MCP Server Integration — Property Search, Analytics, Valuation 
Implement 3 MCP servers in libs/mcp-servers/ using @modelcontextprotocol/sdk:

- Property Search: NL search via Typesense, property comparison, detail lookup
- Market Analytics: market reports, price trends, district comparison
- Valuation: AVM integration with Python AI service, feature extraction, batch valuation

Includes NestJS integration module with SSE transport for in-process hosting.

Co-Authored-By: Paperclip <noreply@paperclip.ing>
 2026-04-08 03:22:27 +07:00
Ho Ngoc Hai
d99dfbafbc feat(monitoring): add Prometheus metrics endpoint and Grafana dashboards 
Add observability stack with @willsoto/nestjs-prometheus for /metrics endpoint,
Prometheus scraping config, and 4 auto-provisioned Grafana dashboards
(API overview, database, search, business metrics).

Co-Authored-By: Paperclip <noreply@paperclip.ing>
 2026-04-08 03:08:54 +07:00
Ho Ngoc Hai
0b29fac35e feat(notifications): add multi-channel notification module with Email, FCM, templates, and event listeners 
- Domain: NotificationLog/NotificationPreference entities, repositories, channel value object
- Infrastructure: EmailService (nodemailer/SMTP), FcmService (firebase-admin), TemplateService (Handlebars)
- Application: SendNotification CQRS command, UserRegistered + AgentVerified event listeners
- Presentation: NotificationsController with history, preferences, and templates endpoints
- Prisma: NotificationLog and NotificationPreference models with proper indexes
- Templates: Vietnamese notification templates for user.registered, agent.verified, listing.approved, inquiry.received, password.reset

Co-Authored-By: Paperclip <noreply@paperclip.ing>
 2026-04-08 01:42:17 +07:00
Ho Ngoc Hai
391c040100 feat(auth): implement Auth module with register, login, JWT, guards, and CQRS 
- Add RefreshToken and OAuthAccount models to Prisma schema
- Implement clean architecture: domain (entities, VOs, events, repo interfaces),
  infrastructure (Prisma repos, Passport strategies, token service),
  application (CQRS command/query handlers), presentation (controller, guards, DTOs)
- Endpoints: POST /auth/register, /auth/login, /auth/refresh, GET /auth/profile,
  GET /auth/profile/agent, PATCH /auth/kyc
- JWT access + refresh token rotation with family-based revocation
- Role-based guards (BUYER, SELLER, AGENT, ADMIN)
- 16 unit tests (value objects, entity) + integration test suite
- All 80 tests passing, clean TypeScript build

Co-Authored-By: Paperclip <noreply@paperclip.ing>
 2026-04-08 00:24:42 +07:00
Ho Ngoc Hai
83d55de65b feat: add ESLint flat config, Prettier, dependency-cruiser, and Husky 
Setup code quality tooling for the monorepo:
- ESLint 9 flat config with TypeScript, import ordering, and NestJS rules
- Prettier with consistent formatting across all files
- dependency-cruiser enforcing module boundary rules (no cross-module internals, no circular deps)
- Husky + lint-staged for pre-commit hooks
- Auto-fixed existing files for type imports and import ordering

Co-Authored-By: Paperclip <noreply@paperclip.ing>
 2026-04-07 23:57:28 +07:00
Ho Ngoc Hai
e1e5fa6252 feat: scaffold monorepo with Turborepo + NestJS + Next.js 
- Turborepo monorepo with pnpm workspaces
- apps/api: NestJS 11.x with CQRS module
- apps/web: Next.js 14 App Router + TailwindCSS
- src/modules/shared: base entities, Result pattern, value objects
- TypeScript 5.7+ strict mode, shared tsconfig base
- Build pipeline: dev, build, lint, test, typecheck

Co-Authored-By: Paperclip <noreply@paperclip.ing>
 2026-04-07 23:52:33 +07:00