ChrisChen/ROLAC
1
0
Fork 0
Code Issues 66 Pull Requests Actions Packages Projects Releases Wiki Activity
31 Commits 2 Branches 0 Tags
0986233d9b147e93043d5823a19dfcc403f28f1a
Commit Graph

20 Commits

Author SHA1 Message Date
Chris Chen 0986233d9b feat: add MembersController (CRUD + paged list) 
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-05-27 14:03:23 -07:00
Chris Chen bfffdee2a8 feat: add MemberService with soft-delete and paged search 
Implements IMemberService with Create/Read/Update/soft-Delete operations,
NickName/zh-name search, status and hasUser filtering, and full xUnit coverage
(11 tests). Uses separate user-lookup query for InMemory DB compatibility; detaches
entity after soft-delete so query-filter assertions work correctly in tests.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-05-27 14:00:59 -07:00
Chris Chen 97743f6974 feat: add PagedResult, Member DTOs, and User DTOs 
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-05-27 13:55:21 -07:00
Chris Chen 34344cbf83 feat: add Member/FamilyUnit DbSets, audit interceptor registration, EF migration 
Registers AuditSaveChangesInterceptor in DI and wires it into AppDbContext.
Adds Members and FamilyUnits DbSets with full column/index configuration and
applies the AddMemberAndFamilyUnit migration to the ChurchCRM database.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-05-27 13:52:58 -07:00
Chris Chen cd5413125d feat: add Member and FamilyUnit entities 2026-05-27 13:49:50 -07:00
Chris Chen 820ca6981c feat: add AuditSaveChangesInterceptor and failing interceptor tests 
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-05-27 13:48:03 -07:00
Chris Chen f703519838 fix: use DateTimeOffset instead of DateTime in audit base classes 2026-05-27 13:46:31 -07:00
Chris Chen 5041873c2b feat: add AuditableEntity and SoftDeleteEntity base classes 2026-05-27 13:44:10 -07:00
Chris Chen 60405ef0aa WIP 2026-05-27 07:49:26 -07:00
Chris Chen 2aa095c158 Task 11: Smoke test fixes (all 5 scenarios pass) 
TokenService.GenerateRefreshToken():
  - Switched to URL-safe Base64 (RFC 4648 §5): +→-, /→_, no = padding.
  - Characters are unreserved per RFC 6265, so Response.Cookies.Append
    does NOT percent-encode the value.  Request.Cookies reads back exact value.

AuthController:
  - CookieOptions.Secure = !env.IsDevelopment()
    Plain HTTP in local dev works; HTTPS-only in staging/production.
  - Inject IWebHostEnvironment for environment-aware Secure flag.

TokenServiceTests:
  - Updated GenerateRefreshToken test: 86-char URL-safe Base64 instead
    of 64-byte standard Base64.  16/16 tests pass.

Smoke test results (http://localhost:5209):
  1. POST /api/auth/login       → 200 + rolac_rt cookie + JWT
  2. POST /api/auth/refresh     → 200 + new token (rotation)
  3. POST /api/auth/logout      → 204 + cookie cleared
  4. Refresh with revoked token → 401
  5. Wrong password             → 401

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-05-26 19:28:20 -07:00
Chris Chen ef0098d5cc Task 10: EF Core InitialAuth migration 
Applied against ChurchCRM database on 192.168.68.55:49154.
Creates Identity tables (AspNetUsers, AspNetRoles, AspNetUserRoles, etc.)
+ RefreshTokens table with unique index on TokenHash.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-05-26 19:13:30 -07:00
Chris Chen 8b86bd573e Tasks 7-9: AuthController, appsettings, Program.cs 
Task 7 – AuthController (POST /api/auth/login|refresh|logout)
  - Refresh token in HttpOnly; Secure; SameSite=Strict cookie (rolac_rt)
  - Cookie Path scoped to /api/auth; cleared on logout/invalid refresh

Task 8 – appsettings.json (non-secret JWT values + CORS origins)
  - appsettings.Development.json carries connection string + JWT secret
    (file is gitignored)

Task 9 – Program.cs wiring
  - EF Core + Npgsql, ASP.NET Core Identity, JWT Bearer auth
  - RoleClaimType=role matches the short JWT claim name written by TokenService
  - CORS: AllowCredentials for Angular app
  - Swagger UI with Bearer security definition
  - Startup: MigrateAsync + DbSeeder.SeedAsync (roles + dev admin)
  - DbSeeder: added SeedAsync(IServiceProvider) entry point

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-05-26 17:40:52 -07:00
Chris Chen 9db8b34181 Task 6: AuthService + 9 unit tests (16/16 pass) 
- IAuthService: LoginAsync / RefreshAsync / LogoutAsync
- AuthService: refresh-token rotation, hashed storage, LastLoginAt update
- AuthServiceTests: 5 login + 3 refresh + 1 logout tests via Moq + EF InMemory

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-05-26 17:38:56 -07:00
Chris Chen f74563bb36 Task 5: TokenService + unit tests (7/7 pass) 
- ITokenService: GenerateAccessToken / GenerateRefreshToken / HashToken
- TokenService: JWT (HS256, 15-min), 64-byte CSPRNG refresh, SHA-256 hex hash
  - Role claims use short JWT name role (v7.x JsonWebTokenHandler compatible)
- TokenServiceTests: 7 xUnit tests, payload decoded via Base64Url+System.Text.Json
  to avoid Microsoft.IdentityModel 7.1.2/7.5.2 version-mismatch issues

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-05-26 17:34:56 -07:00
Chris Chen b335867b30 feat: add LoginRequest and LoginResponse DTOs 2026-05-25 19:07:36 -07:00
Chris Chen a66a3f7cb0 feat: add AppDbContext (Identity + RefreshTokens) and DbSeeder (13 roles + dev admin) 2026-05-25 19:05:02 -07:00
Chris Chen 40d740d6e0 feat: add AppUser, AppRole, RefreshToken entities 2026-05-25 19:02:22 -07:00
Chris Chen 5a789fb0c2 chore: add Identity, EF Core PostgreSQL, JWT Bearer packages 2026-05-25 19:00:30 -07:00
Chris Chen 4da8806bfc Init API 2026-05-25 17:38:23 -07:00
Chris Chen 9b28fbcfb6 Initial commit: monorepo scaffold for ROLAC 
- Add .gitignore covering C#/.NET and Angular/Node
- Add placeholder structure for API (C#) and APP (Angular)
- Add project docs

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-05-24 20:54:10 -07:00