| Age | Commit message (Collapse) | Author |
|---|
|
Admin users can now access the gaming UI (problem description, code
editor, submit button) even when a game has not started yet. Regular
users still see the waiting screen as before.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
|
|
Fix golangci-lint revive warnings by removing package name prefixes:
- game.GameHubInterface → game.HubInterface
- game.GameDetail → game.Detail
- tournament.TournamentEntry → tournament.Entry
- tournament.TournamentMatch → tournament.Match
- tournament.TournamentBracket → tournament.Bracket
- tournament.TournamentEditData → tournament.EditData
Also fix gofmt alignment in api/convert.go and gosimple S1016 in
game/service.go.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
|
|
Move transaction handling, rejudge workflow, tournament bracket creation,
and data repair logic from admin handler into game.Service and
tournament.Service, mirroring the earlier api package separation.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
|
|
Extract business logic from api/handler.go into dedicated service packages:
- session: context helpers (resolves admin → api import dependency)
- game: game state, code submission, ranking, watch logic
- tournament: bracket construction and seed ordering
- api/convert.go: domain → API type conversion functions
api/handler.go is now a thin adapter that delegates to services and
maps domain errors to HTTP status codes.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
|
|
Make watch, ranking, game list, and tournament endpoints accessible
without authentication. Unauthenticated users can browse games and
spectate from the index page, while play/submit/preview still require
login.
https://claude.ai/code/session_019j9tNcnLsLz15e1qtbmeqe
|
|
Allow users to view their own past submissions (code, size, status,
timestamp) for each game. Adds API endpoint, backend handler, SQL query,
and frontend page with expandable code display.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
|
|
Use Go 1.22+ range-over-integer syntax, replace interface{} with any,
and remove redundant type parameters.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
|
|
Add ClientIPMiddleware to extract client IP into context.Context,
enabling structured log output with username, IP, and failure reason
for login attempts. Change failed login log level from Error to Warn
as authentication failures are expected events.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
|
|
Replace hardcoded 6-person tournament with a generic single-elimination
bracket system backed by new DB tables (tournaments, tournament_entries,
tournament_matches). Includes admin CRUD, standard seeding algorithm,
bye handling, and a CSS Grid bracket renderer on the frontend.
Add comprehensive tests for backend API/admin handlers, seeding logic,
and frontend bracket component.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
|
|
account, and more handlers
Cover previously untested code: SessionCookieMiddleware, context helpers,
downloadFile, addAcceptHeader, doProcessTaskRunTestcase, updateSubmissionAndGameState,
PostLogout, GetGames, PostGamePlayCode, GetGameWatchRanking, GetGameWatchLatestStates.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
|
|
Add comprehensive tests for previously untested packages:
- admin: middleware auth checks, CRUD handlers for users/games/problems/testcases
- taskqueue: task creation, payload serialization, code hash calculation
- api: expose SetUserInContext helper for cross-package test support
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
|
|
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
|
|
Cover previously untested logic: session ID generation/hashing,
password authentication, IP rate limiting, game state helpers,
handler endpoints, task enqueue/result processing, and config loading.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
|
|
Replace concrete *db.Queries and *pgxpool.Pool dependencies with
db.Querier and db.TxManager interfaces across all handlers, game hub,
and auth. This enables unit testing with mocks.
- Enable sqlc emit_interface to generate Querier interface
- Add TxManager abstraction to encapsulate transactions
- Convert auth package-level functions to Authenticator struct
- Add TaskQueueInterface/TaskWorkerInterface for game.Hub
- Add initial unit tests for game logic and API handlers
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
|
|
handling
- Wrap multi-step DB operations in transactions (signup, submit, game
edit, task result processing)
- Add game running checks to PostGamePlayCode and PostGamePlaySubmit
- Hide ranking code when game is not yet finished
- Replace silenced errors in processTaskResults with slog.Error logging
- Add pgxpool.Pool to Handler/Hub structs for transaction support
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
|
|
Replace all usages of the standard log package with log/slog across
backend and swift worker. Configure Echo's request logger to emit
structured log attributes via slog instead of the default format.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
|
|
Migrate from stateless JWT tokens to server-side session management
backed by PostgreSQL. Sessions are hashed with SHA-256 before storage,
cleaned up periodically, and invalidated on logout. This removes the
need for JWT_SECRET/COOKIE_SECRET environment variables and the
golang-jwt dependency.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
|
|
Migrate hand-written OpenAPI YAML to TypeSpec (.tsp) source files.
TypeSpec compiles to OpenAPI 3.0 YAML, enabling type-safe API definitions.
- Add typespec/ directory with api-server and fortee definitions
- Integrate TypeSpec build into `just gen` and `just build` pipelines
- Update backend handler code to match new generated type names
(inlined error responses, separate GameType/ProblemLanguage enums)
- Regenerate frontend TypeScript types from new OpenAPI output
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
|
|
|
|
Prevent XSS-based token theft by making the JWT inaccessible to
JavaScript. The backend now sets/clears the cookie via Set-Cookie
headers, and the frontend retrieves user info from /api/me instead
of decoding the JWT directly.
- Add JWTCookieMiddleware to parse cookie and inject claims into context
- Add /me and /logout endpoints to OpenAPI spec and handlers
- Update PostLogin to return user object + Set-Cookie header
- Replace Authorization header auth with cookie-based auth throughout
- Rewrite frontend auth to use /api/me instead of jwt-decode
- Remove jwt-decode dependency
- Configure CORS with credentials for local dev
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
