- Enhanced UnifiedExceptionFilter to handle ZodValidationException, extracting field errors for better user feedback.
- Updated WhmcsRequestQueueService and WhmcsHttpClientService to use logger.warn for non-critical errors, improving log clarity.
- Introduced Redis-backed caching in JapanPostFacade for postal code lookups, reducing redundant API calls.
- Refactored address handling in AddressWriterService to deduplicate concurrent Japan Post lookups, optimizing API usage.
- Improved error parsing in various forms and hooks to provide clearer error messages and field-specific feedback.
Cookie-based handoff pattern for existing users in the get-started
flow. After OTP verification detects portal_exists, BFF sets a
short-lived HttpOnly cookie and redirects to the login page, which
shows a password-only form (no second OTP).
Replace loose z.string() fields in supportCaseSchema and supportCaseFilterSchema
with the already-defined enum schemas (status, priority, category). Add JSDoc
to intentional escape hatches in customer contract interfaces. Fix portal
type assertions for the stricter filter types.
Replace fragile .env backup/restore with Vault-based secret injection.
Secrets are preloaded via --import hook before NestJS modules evaluate,
with a 30s refresh loop and event-driven cache invalidation for services
that read secrets at init (JWT, CSRF, WHMCS).
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Comprehensive refactoring across 70 files (net -298 lines) improving
type safety, error handling, and code organization:
- Replace .passthrough()/.catchall(z.unknown()) with .strip() in all Zod schemas
- Tighten Record<string, unknown> to bounded union types where possible
- Replace throw new Error with domain-specific exceptions (OrderException,
FulfillmentException, WhmcsOperationException, SalesforceOperationException, etc.)
- Split AuthTokenService (625 lines) into TokenGeneratorService and
TokenRefreshService with thin orchestrator
- Deduplicate FreebitClientService with shared makeRequest() method
- Add typed interfaces to WHMCS facade, order service, and fulfillment mapper
- Externalize hardcoded config values to ConfigService with env fallbacks
- Consolidate duplicate billing cycle enums into shared billingCycleSchema
- Standardize logger usage (nestjs-pino @Inject(Logger) everywhere)
- Move shared WHMCS number coercion helpers to whmcs-utils/schema.ts
- Enhance safeOperation with rethrow and fallbackMessage options for CRITICAL operations
- Migrate all 19 withErrorHandling calls across 5 services to safeOperation
- Remove safeAsync from error.util.ts
- Delete error-handler.util.ts (withErrorHandling, withErrorSuppression, withErrorLogging)
- Update barrel exports in core/utils/index.ts
- Rename getRequestFingerprint to getRateLimitFingerprint in rate-limit.util.ts
- Delete empty CoreConfigModule wrapper (importers use @nestjs/config directly)
- Replace inline admin role check in csrf.controller.ts with @UseGuards(AdminGuard)
- Move hashEmailForLogs() from support.logging.ts to core/logging/redaction.util.ts
- Fix SF Order locking by deferring Status change to final step
- executeSfActivatedUpdate now only sets Activation_Status__c
- executeSfRegistrationComplete sets Status: Processed atomically with WHMCS info
- Add WHMCS custom fields update step (whmcs_custom_fields)
- AddOrder API expects field IDs, UpdateClientProduct accepts field names
- New step updates SIM Number, Serial Number, EID after order acceptance
- Add Opportunity WH_Registeration__c field update
- Sets productselect={serviceId} for WHMCS linking
- Add SIM Inventory assignment fields
- Assigned_Account__c, Assigned_Order__c, SIM_Type__c now populated
- Remove PA05-18 Semi-Black SIM registration (only Black SIMs used)
- Changed to direct PA02-01 call with createType=new
- Fix me-status to check for Status: Processed instead of Activated
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
BFF fixes:
- Fix pino-http type import by using Params from nestjs-pino
- Use Prisma-generated AuditAction enum instead of local duplicate
- Add null check for sfAccountId in mapping mapper
Portal mobile UX improvements:
- DataTable: Add responsive card view for mobile with stacked layout
- Header: Increase touch targets to 44px minimum, better spacing
- PageLayout: Optimize padding and make breadcrumbs scrollable
- PublicShell: Add iOS safe area support, slide animation, language
switcher and sign-in button visible in mobile header
Also removes "Trusted by Leading Companies" section from AboutUsView.
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- Simplified conditional rendering in OrderSummary, ProductCard, InstallationOptions, InternetOfferingCard, DeviceCompatibility, SimPlansContent, and other components by removing unnecessary parentheses.
- Enhanced clarity in the use of ternary operators for better maintainability.
- Updated documentation to reflect changes in development setup for skipping OTP verification during login.
- Removed outdated orchestrator refactoring plan document.
- Added new environment variable for skipping OTP verification in development.
- Minor adjustments in domain contracts and mappers for consistency in conditional checks.
- Extracted case detail logic into a custom hook `useCaseDetailState` for better separation of concerns.
- Created sub-components: `CaseNotFoundView`, `CaseHeaderCard`, `CaseMetaInfoRow`, `CaseConversationSection`, `ReplyForm`, and `ClosedCaseNotice` to enhance readability and maintainability.
- Updated message bubble rendering to use `MessageBubbleHeader` and `MessageBubbleStatus` for clearer status indication.
- Improved loading and error handling in `ResidenceCardVerificationSettingsView` by creating dedicated content components for different states.
- Refactored `transformWhmcsSubscriptionListResponse` to enhance readability and maintainability.
- Minor code style adjustments for consistency and clarity across various files.
- Implement AddressReconcileQueueService to handle address reconciliation jobs between WHMCS and Salesforce.
- Define job data structure and queue configuration for retries and error handling.
- Add methods for enqueueing reconciliation jobs and retrieving queue health metrics.
feat: create loading components for various services in the portal
- Add loading skeletons for Internet, SIM, VPN, and public services configuration.
- Implement loading states for account-related views including account details, services, and verification settings.
- Introduce loading states for support case details and subscription actions.
feat: implement OTP input component for user verification
- Create OtpInput component to handle 6-digit OTP input with auto-focus and navigation.
- Add LoginOtpStep component for OTP verification during login, including countdown timer and error handling.
feat: define address domain constants for validation
- Establish constants for address field length limits to ensure compliance with WHMCS API constraints.
- Include maximum lengths for address fields and user input fields to maintain data integrity.
feat: Add Fulfillment Side Effects Service for order processing notifications and cache management
feat: Create base validation interfaces and implement various order validators
feat: Develop Internet Order Validator to check eligibility and prevent duplicate services
feat: Implement SIM Order Validator to ensure residence card verification and activation fee presence
feat: Create SKU Validator to validate product SKUs against the Salesforce pricebook
feat: Implement User Mapping Validator to ensure necessary account mappings exist before ordering
feat: Enhance Users Service with methods for user profile management and summary retrieval
- Introduced PermissionsGuard to enforce permission checks on routes.
- Added RequirePermissions decorator for specifying required permissions on handlers.
- Created AUTH_ERRORS constants for consistent error messages across the auth module.
- Updated CsrfService to reduce CSRF token expiry time for enhanced security.
- Refactored auth cookie handling into utility functions for better maintainability.
- Enhanced TokenBlacklistService to default to fail-closed in production environments.
- Updated various DTOs and schemas for consistency and clarity.
- Removed legacy code and types related to SIM requests.
- Improved logging and error handling in GlobalAuthGuard.
- Added middleware for public path checks and optimistic authentication.
- Implemented FormStep component for user input (name, email, address).
- Created OtpStep component for OTP verification.
- Developed SuccessStep component to display success messages based on account creation.
- Introduced eligibility-check.store for managing state throughout the eligibility check process.
- Added commitlint configuration for standardized commit messages.
- Configured knip for workspace management and project structure.
- Implemented VpnServicesService for managing VPN plans and activation fees.
- Created SimCallHistoryFormatterService for formatting call history data.
- Developed SimCallHistoryParserService to parse call history CSV files.
- Added AnimatedContainer and AnimatedBackground components for UI animations.
- Introduced BentoServiceCard, FloatingGlassCard, GlowButton, and ValuePropCard components for landing page.
- Implemented useCountUp hook for animated number counting.
- Added cancellation months utility functions for subscription management.
- Modified SalesforceAccountService to support Person Accounts by adding required fields for account creation and updating associated contacts.
- Enhanced the createContact method to retrieve and update the PersonContactId instead of creating a new contact, ensuring compliance with Salesforce's Person Account structure.
- Improved logging for better traceability during account and contact updates, enhancing overall integration reliability.
- Added new modules for SIM management, internet management, and call history to the BFF, improving service organization and modularity.
- Updated environment validation schema to reflect changes in Salesforce event channels, ensuring accurate configuration.
- Refactored router configuration to include new subscription-related modules, enhancing API routing clarity.
- Cleaned up Salesforce integration by removing unused service files and optimizing event handling logic.
- Improved support service by adding cache invalidation logic for case comments, ensuring real-time updates for users.
- Updated domain schemas to remove deprecated fields and enhance validation for residence card verification, promoting data integrity.
- Enhanced utility functions in the portal for better address formatting and confirmation prompts, improving user experience.
- Enhanced error handling in various API client services by integrating `redactForLogs` for sensitive data protection in logs.
- Updated date formatting across multiple components and services to utilize `formatIsoDate` and `formatIsoRelative`, improving consistency and readability.
- Removed unused imports and optimized code structure for better maintainability.
- Streamlined retry logic in the Freebit and WHMCS services to improve resilience and error management during API requests.
- Introduced `mapHttpStatusToErrorCode` function in the domain to standardize error code mapping from HTTP status codes, enhancing error handling across the application.
- Updated various services and controllers to utilize the new error mapping function, ensuring consistent error responses and improved clarity in logging.
- Refactored error handling in the BillingController and other modules to align with the updated practices, promoting maintainability and clarity in API responses.
- Cleaned up unused imports and optimized code structure for better maintainability across the BFF modules.
- Replaced instances of `getErrorMessage` with `extractErrorMessage` in various services to ensure consistent error handling and improve clarity in logging.
- Updated error logging in the Whmcs, Salesforce, and subscription services to utilize the new error extraction method, enhancing maintainability and debugging capabilities.
- Adjusted ESLint configuration to prevent the use of `console.log` in production code, promoting the use of a centralized logging solution.
- Refactored error handling in the Agentforce widget and other components to align with the updated logging practices, ensuring a consistent approach to error management across the application.
- Cleaned up unused imports and optimized code structure for better maintainability.
- Added optional userId parameter to payment capture methods in WhmcsService and WhmcsInvoiceService to improve tracking and management of user-related transactions.
- Updated invoice retrieval and user profile services to utilize parseUuidOrThrow for user ID validation, ensuring consistent error messaging for invalid formats.
- Refactored SIM billing and activation services to include userId in one-time charge creation, enhancing billing traceability.
- Adjusted validation logic in various services to improve clarity and maintainability, ensuring robust handling of user IDs throughout the application.
- Eliminated agent logging fetch calls from the bootstrap process and CSRF token endpoint to streamline the code and reduce unnecessary network requests.
- Improved code clarity and maintainability by removing commented-out logging sections that were not contributing to functionality.
- Ensured that error handling remains intact while focusing on essential application logic.
- Removed the TransformInterceptor to streamline response handling, ensuring that all responses are returned directly without a success envelope.
- Updated various controllers and services to utilize new action response schemas, enhancing clarity and consistency in API responses.
- Refactored error handling in the CsrfController and CheckoutController to improve logging and error management.
- Cleaned up unused imports and optimized code structure for better maintainability and clarity across the application.
- Renamed `getErrorMessage` to `extractErrorMessage` for clarity and to avoid confusion with the domain's `getMessageForErrorCode`.
- Introduced a deprecation notice for `getErrorMessage` to maintain backward compatibility.
- Updated various services and controllers to utilize the new `extractErrorMessage` function, ensuring consistent error handling across the application.
- Enhanced error handling in the `BillingController`, `SubscriptionsService`, and other modules to improve maintainability and clarity in API responses.
- Removed the domain mappings module, consolidating related types and schemas into the id-mappings feature.
- Updated import paths across the BFF to reflect the new structure, ensuring compliance with import hygiene rules.
- Cleaned up unused files and optimized the codebase for better maintainability and clarity.
- Improved notification handling in the NotificationsController to ensure consistent response formats across different endpoints.
- Updated response types to utilize ApiErrorResponse for error scenarios, enhancing clarity in API responses.
- Refactored service methods to streamline notification processing and improve maintainability.
- Cleaned up unused imports and optimized code structure for better readability.
- Introduced Zod DTOs for request validation across multiple controllers, replacing inline validation with structured classes for improved maintainability and clarity.
- Updated ESLint configuration to enforce a rule against importing Zod directly in BFF controllers, promoting the use of shared domain schemas for request validation.
- Removed the SecureErrorMapperService to streamline the security module, as its functionality was deemed unnecessary.
- Enhanced various controllers to utilize the new DTOs, ensuring consistent validation and response handling across the application.
- Unified Node.js and pnpm setup across deploy, pr-checks, and security workflows by introducing a custom action for streamlined configuration.
- Removed redundant setup steps to enhance workflow clarity and maintainability.
- Updated security workflow to include concurrency control for better job management.
- Added support for push and workflow_dispatch events in pr-checks.yml to improve CI flexibility.
- Implemented concurrency control in workflows to manage job execution more effectively.
- Updated pnpm setup to include caching and specified version for consistency.
- Removed redundant logging code from BFF application to streamline signal handling and improve readability.
- Introduced CSRF_SECRET_KEY validation in environment configuration for production hardening.
- Refactored logo component to use a fallback mechanism for image loading, enhancing user experience.
- Added linting scripts to package.json for improved code quality checks.
- Updated app.config.ts to use process.cwd() for resolving environment file paths, improving compatibility with pnpm.
- Replaced ensure_env function with check_app_env in manage.sh to verify the existence of required environment files for BFF and optional files for Portal, enhancing error handling and user guidance.
- Adjusted .prettierrc to ensure consistent formatting with a newline at the end of the file.
- Reformatted eslint.config.mjs for improved readability by aligning array elements.
- Updated pnpm-lock.yaml to use single quotes for consistency across dependencies.
- Simplified worktree setup in .cursor/worktrees.json for cleaner configuration.
- Enhanced documentation in .cursor/plans to clarify architecture refactoring.
- Refactored various service files for improved readability and maintainability, including rate-limiting and auth services.
- Updated imports and exports across multiple files for consistency and clarity.
- Improved error handling and logging in service methods to enhance debugging capabilities.
- Streamlined utility functions for better performance and maintainability across the domain packages.
- Revised README and documentation links to reflect updated paths and improve clarity on service offerings.
- Refactored service components to enhance organization and maintainability, including updates to the Internet and SIM offerings.
- Improved user navigation and experience in service-related views by streamlining component structures and enhancing data handling.
- Updated internal documentation to align with recent changes in service architecture and eligibility processes.
- Introduced new controllers for internet eligibility and service health checks to enhance backend functionality.
- Created service modules for internet, SIM, and VPN offerings, improving organization and maintainability.
- Developed various components for internet and SIM configuration, including forms and plan cards, to streamline user interactions.
- Implemented hooks for managing service configurations and eligibility checks, enhancing frontend data handling.
- Updated utility functions for pricing and catalog operations to support new service structures and improve performance.
- Updated env.validation.ts to retain unused Salesforce fields for future compatibility.
- Modified CatalogCdcSubscriber to set requestId as undefined, reflecting its non-use in the current environment.
- Adjusted CatalogCacheService to initialize eligibility payload with null values for unused fields.
- Enhanced InternetCatalogService to remove references to unused fields and improve cache data validation.
- Updated PublicInternetPlans and InternetPlansContainer to streamline plan display and improve user experience with new offering configurations.
- Introduced MeStatus module to aggregate customer status, integrating dashboard summary, payment methods, internet eligibility, and residence card verification.
- Updated dashboard hooks to utilize MeStatus for improved data fetching and error handling.
- Enhanced notification handling across various modules, including cancellation notifications for internet and SIM services, ensuring timely user alerts.
- Refactored related schemas and services to support new dashboard tasks and notification types, improving overall user engagement and experience.
- Updated SalesforceOpportunityService to allow filtering by stages during opportunity retrieval, improving flexibility in eligibility checks.
- Integrated DistributedLockService into InternetCatalogService and OrderOrchestrator to prevent race conditions when creating or reusing opportunities.
- Refactored opportunity matching logic to ensure proper handling of stages during eligibility requests and order placements.
- Improved documentation to clarify the opportunity lifecycle and eligibility verification processes, ensuring better understanding for future development.
- Deleted the CheckoutRegistrationModule and its associated components, streamlining the checkout process to require user authentication before proceeding.
- Updated the app.module.ts and router.config.ts to remove references to the CheckoutRegistrationModule.
- Refactored the checkout flow to utilize the AccountCheckoutContainer for handling user registration and checkout in a single-page flow.
- Enhanced the checkout store to eliminate guest info and registration states, focusing solely on authenticated user data.
- Standardized order types to PascalCase across the application for consistency.
- Updated relevant schemas and documentation to reflect the removal of guest checkout and the new authentication-first approach.
- Introduced a new Notification model in the Prisma schema to manage in-app notifications for users.
- Integrated the NotificationsModule into the BFF application, allowing for the handling of notifications related to user actions and events.
- Updated the CatalogCdcSubscriber to create notifications for account eligibility and verification status changes, improving user engagement.
- Enhanced the CheckoutRegistrationService to create opportunities for SIM orders, integrating with the new notifications system.
- Refactored various modules to include the NotificationsModule, ensuring seamless interaction and notification handling across the application.
- Updated the frontend to display notification alerts in the AppShell header, enhancing user experience and accessibility.
- Added new fields for internet eligibility in the environment validation schema to support Salesforce integration.
- Updated CatalogCdcSubscriber to extract and handle additional eligibility details from Salesforce events.
- Refactored InternetEligibilityController to return detailed eligibility information, improving user experience.
- Enhanced CatalogCacheService with a new method for setting eligibility details, optimizing cache management.
- Updated InternetCatalogService to retrieve and process comprehensive eligibility data, ensuring accurate service availability checks.
- Improved public-facing components to reflect the new eligibility status and provide clearer user guidance during the checkout process.
- Introduced ResidenceCardSubmission model to handle user submissions of residence cards, including status tracking and file management.
- Updated User model to include a relation to ResidenceCardSubmission for better user data management.
- Enhanced the checkout process to require residence card submission for SIM orders, improving compliance and verification.
- Integrated VerificationModule into the application, updating relevant modules and routes to support new verification features.
- Refactored various components and services to utilize the new residence card functionality, ensuring a seamless user experience.
- Updated public-facing views to guide users through the residence card submission process, enhancing clarity and accessibility.
- Integrated CheckoutRegistrationModule into the application for handling checkout-related functionalities.
- Updated router configuration to include the new CheckoutRegistrationModule for API routing.
- Enhanced SalesforceAccountService with methods for account creation and email lookup to support checkout registration.
- Implemented public contact form functionality in SupportController, allowing unauthenticated users to submit inquiries.
- Added rate limiting to the public contact form to prevent spam submissions.
- Updated CatalogController and CheckoutController to allow public access for browsing and cart validation without authentication.
- Updated various components to use consistent color tokens, improving visual coherence.
- Refactored layout components to utilize the new PublicShell for better structure.
- Enhanced error and status messaging styles for improved user feedback.
- Standardized button usage across forms and modals for a unified interaction experience.
- Introduced new UI design tokens and guidelines in documentation to support future development.
- Added support for custom fields in WHMCS, including customer number, gender, and date of birth, to the environment validation schema.
- Updated the signup workflow to handle new fields for date of birth and gender, ensuring they are included in the client creation process.
- Implemented email update functionality in the user profile service, allowing users to change their email while ensuring uniqueness across the portal.
- Enhanced the profile edit form to include fields for date of birth and gender, with appropriate validation.
- Updated the UI to reflect changes in profile management, ensuring users can view and edit their information seamlessly.
- Improved error handling and validation for user profile updates, ensuring a smoother user experience.
