| Age | Commit message (Collapse) | Author |
|---|
|
終了したゲームを一括で multiplayer に変更し、main player を
全削除して再スタートするための管理画面を /admin/restart に追加。
観戦者参加時のカンニング防止が目的。
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
|
|
Previously GetWatchLatestStates returned ErrForbidden for participants
regardless of game state. Now checks whether the game has finished and
permits access once complete. Also fixes config test env var cleanup.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
|
|
In later rounds, a nil player means the opponent is TBD (e.g., waiting
for a semifinal winner), not a BYE. Previously these were incorrectly
marked as BYE wins.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
|
|
プレイ画面の提出結果一覧が際限なく増えるのを防ぐため、
GetSubmissionsByGameIDAndUserID クエリに LIMIT 50 を追加。
https://claude.ai/code/session_015rm8yZD4va9hRH429u9N6q
|
|
DB stores stdin/code with CRLF intact, but workers expect LF. Add
normalizeCRLF helper and apply it to code and stdin in EnqueueTestTasks.
Refactor normalizeTestcaseResultOutput to reuse the same helper.
|
|
Admin games list page already shows all games including non-public
ones, but play/watch links were hidden behind an IsPublic check.
Since this is an admin-only page, always show the links.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
|
|
Admin users can now access the gaming UI (problem description, code
editor, submit button) even when a game has not started yet. Regular
users still see the waiting screen as before.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
|
|
|
|
Submissions list and detail pages now display the username alongside the
user ID instead of showing only a numeric ID. The problems list page now
includes a direct link to each problem's testcases for easier navigation.
https://claude.ai/code/session_01JF5ZmGAQ4zNbhV5DM729Fw
|
|
Fix golangci-lint revive warnings by removing package name prefixes:
- game.GameHubInterface → game.HubInterface
- game.GameDetail → game.Detail
- tournament.TournamentEntry → tournament.Entry
- tournament.TournamentMatch → tournament.Match
- tournament.TournamentBracket → tournament.Bracket
- tournament.TournamentEditData → tournament.EditData
Also fix gofmt alignment in api/convert.go and gosimple S1016 in
game/service.go.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
|
|
Move transaction handling, rejudge workflow, tournament bracket creation,
and data repair logic from admin handler into game.Service and
tournament.Service, mirroring the earlier api package separation.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
|
|
Extract business logic from api/handler.go into dedicated service packages:
- session: context helpers (resolves admin → api import dependency)
- game: game state, code submission, ranking, watch logic
- tournament: bracket construction and seed ordering
- api/convert.go: domain → API type conversion functions
api/handler.go is now a thin adapter that delegates to services and
maps domain errors to HTTP status codes.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
|
|
Move regexp.MustCompile out of CalcCodeSize to avoid recompiling
on every call.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
|
|
https://claude.ai/code/session_019j9tNcnLsLz15e1qtbmeqe
|
|
Make watch, ranking, game list, and tournament endpoints accessible
without authentication. Unauthenticated users can browse games and
spectate from the index page, while play/submit/preview still require
login.
https://claude.ai/code/session_019j9tNcnLsLz15e1qtbmeqe
|
|
Allow users to view their own past submissions (code, size, status,
timestamp) for each game. Adds API endpoint, backend handler, SQL query,
and frontend page with expandable code display.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
|
|
Use Go 1.22+ range-over-integer syntax, replace interface{} with any,
and remove redundant type parameters.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
|
|
Mount asynqmon HTTP handler under admin/queue with existing session
cookie and admin middleware authentication.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
|
|
Add ClientIPMiddleware to extract client IP into context.Context,
enabling structured log output with username, IP, and failure reason
for login attempts. Change failed login log level from Error to Warn
as authentication failures are expected events.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
|
|
Extract common rejudge logic into a helper method and add two new
endpoints: rejudge-latest (per-user latest only) and rejudge-all.
This allows re-running submissions in bulk after testcase changes.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
|
|
Allow administrators to re-execute test cases for a specific submission
from the submission detail page. This is useful after testcase fixes or
worker issues.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
|
|
Replace hardcoded 6-person tournament with a generic single-elimination
bracket system backed by new DB tables (tournaments, tournament_entries,
tournament_matches). Includes admin CRUD, standard seeding algorithm,
bye handling, and a CSS Grid bracket renderer on the frontend.
Add comprehensive tests for backend API/admin handlers, seeding logic,
and frontend bracket component.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
|
|
Replace all remaining references to the forked event name:
- Base path: /iosdc-japan/2025/code-battle/ → /phperkaigi/2026/code-battle/
- Display text and HTML titles
- CSS utility class: bg-iosdc-japan → bg-phperkaigi
- GitHub Actions submodule path: albatross-swift-2025 → albatross-php-2026
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
|
|
account, and more handlers
Cover previously untested code: SessionCookieMiddleware, context helpers,
downloadFile, addAcceptHeader, doProcessTaskRunTestcase, updateSubmissionAndGameState,
PostLogout, GetGames, PostGamePlayCode, GetGameWatchRanking, GetGameWatchLatestStates.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
|
|
Add comprehensive tests for previously untested packages:
- admin: middleware auth checks, CRUD handlers for users/games/problems/testcases
- taskqueue: task creation, payload serialization, code hash calculation
- api: expose SetUserInContext helper for cross-package test support
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
|
|
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
|
|
Cover previously untested logic: session ID generation/hashing,
password authentication, IP rate limiting, game state helpers,
handler endpoints, task enqueue/result processing, and config loading.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
|
|
Replace concrete *db.Queries and *pgxpool.Pool dependencies with
db.Querier and db.TxManager interfaces across all handlers, game hub,
and auth. This enables unit testing with mocks.
- Enable sqlc emit_interface to generate Querier interface
- Add TxManager abstraction to encapsulate transactions
- Convert auth package-level functions to Authenticator struct
- Add TaskQueueInterface/TaskWorkerInterface for game.Hub
- Add initial unit tests for game logic and API handlers
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
|
|
auth/auth.go: return error instead of panicking on data inconsistency.
game/hub.go: log unexpected task result types instead of panicking.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
|
|
handling
- Wrap multi-step DB operations in transactions (signup, submit, game
edit, task result processing)
- Add game running checks to PostGamePlayCode and PostGamePlaySubmit
- Hide ranking code when game is not yet finished
- Replace silenced errors in processTaskResults with slog.Error logging
- Add pgxpool.Pool to Handler/Hub structs for transaction support
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
|
|
Replace all usages of the standard log package with log/slog across
backend and swift worker. Configure Echo's request logger to emit
structured log attributes via slog instead of the default format.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
|
|
Migrate from stateless JWT tokens to server-side session management
backed by PostgreSQL. Sessions are hashed with SHA-256 before storage,
cleaned up periodically, and invalidated on logout. This removes the
need for JWT_SECRET/COOKIE_SECRET environment variables and the
golang-jwt dependency.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
|
|
Add CI workflow running build/lint checks for all components:
- backend: Go build + golangci-lint
- worker/swift: Go build + golangci-lint
- frontend: Biome + TypeScript + ESLint
- worker/php: Biome
Add `ci` recipes to each justfile so GHA uses `just ci` uniformly.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
|
|
Migrate hand-written OpenAPI YAML to TypeSpec (.tsp) source files.
TypeSpec compiles to OpenAPI 3.0 YAML, enabling type-safe API definitions.
- Add typespec/ directory with api-server and fortee definitions
- Integrate TypeSpec build into `just gen` and `just build` pipelines
- Update backend handler code to match new generated type names
(inlined error responses, separate GameType/ProblemLanguage enums)
- Regenerate frontend TypeScript types from new OpenAPI output
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
|
|
|
|
Prevent XSS-based token theft by making the JWT inaccessible to
JavaScript. The backend now sets/clears the cookie via Set-Cookie
headers, and the frontend retrieves user info from /api/me instead
of decoding the JWT directly.
- Add JWTCookieMiddleware to parse cookie and inject claims into context
- Add /me and /logout endpoints to OpenAPI spec and handlers
- Update PostLogin to return user object + Set-Cookie header
- Replace Authorization header auth with cookie-based auth throughout
- Rewrite frontend auth to use /api/me instead of jwt-decode
- Remove jwt-decode dependency
- Configure CORS with credentials for local dev
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
|
|
Prevent brute-force attacks by limiting POST /login to 5 requests per
minute per IP address using golang.org/x/time/rate. Unused entries are
cleaned up after 10 minutes of inactivity.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
|
|
|
|
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
