| Age | Commit message (Collapse) | Author |
|---|
|
Move regexp.MustCompile out of CalcCodeSize to avoid recompiling
on every call.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
|
|
https://claude.ai/code/session_019j9tNcnLsLz15e1qtbmeqe
|
|
Make watch, ranking, game list, and tournament endpoints accessible
without authentication. Unauthenticated users can browse games and
spectate from the index page, while play/submit/preview still require
login.
https://claude.ai/code/session_019j9tNcnLsLz15e1qtbmeqe
|
|
Allow users to view their own past submissions (code, size, status,
timestamp) for each game. Adds API endpoint, backend handler, SQL query,
and frontend page with expandable code display.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
|
|
Use Go 1.22+ range-over-integer syntax, replace interface{} with any,
and remove redundant type parameters.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
|
|
Mount asynqmon HTTP handler under admin/queue with existing session
cookie and admin middleware authentication.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
|
|
Add ClientIPMiddleware to extract client IP into context.Context,
enabling structured log output with username, IP, and failure reason
for login attempts. Change failed login log level from Error to Warn
as authentication failures are expected events.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
|
|
Extract common rejudge logic into a helper method and add two new
endpoints: rejudge-latest (per-user latest only) and rejudge-all.
This allows re-running submissions in bulk after testcase changes.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
|
|
Allow administrators to re-execute test cases for a specific submission
from the submission detail page. This is useful after testcase fixes or
worker issues.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
|
|
Replace hardcoded 6-person tournament with a generic single-elimination
bracket system backed by new DB tables (tournaments, tournament_entries,
tournament_matches). Includes admin CRUD, standard seeding algorithm,
bye handling, and a CSS Grid bracket renderer on the frontend.
Add comprehensive tests for backend API/admin handlers, seeding logic,
and frontend bracket component.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
|
|
Replace all remaining references to the forked event name:
- Base path: /iosdc-japan/2025/code-battle/ → /phperkaigi/2026/code-battle/
- Display text and HTML titles
- CSS utility class: bg-iosdc-japan → bg-phperkaigi
- GitHub Actions submodule path: albatross-swift-2025 → albatross-php-2026
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
|
|
account, and more handlers
Cover previously untested code: SessionCookieMiddleware, context helpers,
downloadFile, addAcceptHeader, doProcessTaskRunTestcase, updateSubmissionAndGameState,
PostLogout, GetGames, PostGamePlayCode, GetGameWatchRanking, GetGameWatchLatestStates.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
|
|
Add comprehensive tests for previously untested packages:
- admin: middleware auth checks, CRUD handlers for users/games/problems/testcases
- taskqueue: task creation, payload serialization, code hash calculation
- api: expose SetUserInContext helper for cross-package test support
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
|
|
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
|
|
Cover previously untested logic: session ID generation/hashing,
password authentication, IP rate limiting, game state helpers,
handler endpoints, task enqueue/result processing, and config loading.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
|
|
Replace concrete *db.Queries and *pgxpool.Pool dependencies with
db.Querier and db.TxManager interfaces across all handlers, game hub,
and auth. This enables unit testing with mocks.
- Enable sqlc emit_interface to generate Querier interface
- Add TxManager abstraction to encapsulate transactions
- Convert auth package-level functions to Authenticator struct
- Add TaskQueueInterface/TaskWorkerInterface for game.Hub
- Add initial unit tests for game logic and API handlers
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
|
|
auth/auth.go: return error instead of panicking on data inconsistency.
game/hub.go: log unexpected task result types instead of panicking.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
|
|
handling
- Wrap multi-step DB operations in transactions (signup, submit, game
edit, task result processing)
- Add game running checks to PostGamePlayCode and PostGamePlaySubmit
- Hide ranking code when game is not yet finished
- Replace silenced errors in processTaskResults with slog.Error logging
- Add pgxpool.Pool to Handler/Hub structs for transaction support
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
|
|
Replace all usages of the standard log package with log/slog across
backend and swift worker. Configure Echo's request logger to emit
structured log attributes via slog instead of the default format.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
|
|
Migrate from stateless JWT tokens to server-side session management
backed by PostgreSQL. Sessions are hashed with SHA-256 before storage,
cleaned up periodically, and invalidated on logout. This removes the
need for JWT_SECRET/COOKIE_SECRET environment variables and the
golang-jwt dependency.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
|
|
Add CI workflow running build/lint checks for all components:
- backend: Go build + golangci-lint
- worker/swift: Go build + golangci-lint
- frontend: Biome + TypeScript + ESLint
- worker/php: Biome
Add `ci` recipes to each justfile so GHA uses `just ci` uniformly.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
|
|
Migrate hand-written OpenAPI YAML to TypeSpec (.tsp) source files.
TypeSpec compiles to OpenAPI 3.0 YAML, enabling type-safe API definitions.
- Add typespec/ directory with api-server and fortee definitions
- Integrate TypeSpec build into `just gen` and `just build` pipelines
- Update backend handler code to match new generated type names
(inlined error responses, separate GameType/ProblemLanguage enums)
- Regenerate frontend TypeScript types from new OpenAPI output
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
|
|
|
|
Prevent XSS-based token theft by making the JWT inaccessible to
JavaScript. The backend now sets/clears the cookie via Set-Cookie
headers, and the frontend retrieves user info from /api/me instead
of decoding the JWT directly.
- Add JWTCookieMiddleware to parse cookie and inject claims into context
- Add /me and /logout endpoints to OpenAPI spec and handlers
- Update PostLogin to return user object + Set-Cookie header
- Replace Authorization header auth with cookie-based auth throughout
- Rewrite frontend auth to use /api/me instead of jwt-decode
- Remove jwt-decode dependency
- Configure CORS with credentials for local dev
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
|
|
Prevent brute-force attacks by limiting POST /login to 5 requests per
minute per IP address using golang.org/x/time/rate. Unused entries are
cleaned up after 10 minutes of inactivity.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
|
|
|
|
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
