simon/dudi - Forgejo: Beyond coding. We Forge.

simon/dudi

Fork 0

Commit graph

Author	SHA1	Message	Date
Simon Kühn	b537066a19	Fix registration: auto-login after signup, atomic token consumption Registration failed visibly because the controller returned successfully (user created, invite consumed) but the JS then called loadGoals() without an authenticated session — causing a 401 that surfaced as an error to the user. - Add Security::login() after user creation so the session is established immediately, matching the documented "registers + auto-logs in" behavior - Wrap user persist and invite consumption in a single DB transaction so the invite token can never be consumed if user creation fails - Add 12 integration tests covering auto-login, locale updates, logout, partial goal updates, invite isolation, and various edge cases (110 assertions total) Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>	2026-05-01 09:58:21 +02:00
Simon Kühn	80e418f8b7	Add PHPUnit integration tests, remove legacy pre-Symfony files, fix password reset - Delete legacy root files (api.php, index.php, app.js, style.css, logo.png, include/) - Install symfony/test-pack, add 34 integration tests covering auth, goals, invites, register, password reset - Fix bug: users_resets.selector was varchar(20) but controller generates 24-char selectors; widen to varchar(64) - Remove doctrine dbname_suffix from test env (tests run against live DB, cleanup via tearDown) Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>	2026-04-30 10:18:21 +02:00

Author

SHA1

Message

Date

Simon Kühn

b537066a19

Fix registration: auto-login after signup, atomic token consumption

Registration failed visibly because the controller returned successfully
(user created, invite consumed) but the JS then called loadGoals() without
an authenticated session — causing a 401 that surfaced as an error to the user.

- Add Security::login() after user creation so the session is established
  immediately, matching the documented "registers + auto-logs in" behavior
- Wrap user persist and invite consumption in a single DB transaction so
  the invite token can never be consumed if user creation fails
- Add 12 integration tests covering auto-login, locale updates, logout,
  partial goal updates, invite isolation, and various edge cases (110 assertions total)

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>

2026-05-01 09:58:21 +02:00

Simon Kühn

80e418f8b7

Add PHPUnit integration tests, remove legacy pre-Symfony files, fix password reset

- Delete legacy root files (api.php, index.php, app.js, style.css, logo.png, include/)
- Install symfony/test-pack, add 34 integration tests covering auth, goals, invites, register, password reset
- Fix bug: users_resets.selector was varchar(20) but controller generates 24-char selectors; widen to varchar(64)
- Remove doctrine dbname_suffix from test env (tests run against live DB, cleanup via tearDown)

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>

2026-04-30 10:18:21 +02:00

2 commits