Comprehensive refactoring across 70 files (net -298 lines) improving
type safety, error handling, and code organization:
- Replace .passthrough()/.catchall(z.unknown()) with .strip() in all Zod schemas
- Tighten Record<string, unknown> to bounded union types where possible
- Replace throw new Error with domain-specific exceptions (OrderException,
FulfillmentException, WhmcsOperationException, SalesforceOperationException, etc.)
- Split AuthTokenService (625 lines) into TokenGeneratorService and
TokenRefreshService with thin orchestrator
- Deduplicate FreebitClientService with shared makeRequest() method
- Add typed interfaces to WHMCS facade, order service, and fulfillment mapper
- Externalize hardcoded config values to ConfigService with env fallbacks
- Consolidate duplicate billing cycle enums into shared billingCycleSchema
- Standardize logger usage (nestjs-pino @Inject(Logger) everywhere)
- Move shared WHMCS number coercion helpers to whmcs-utils/schema.ts
- Extracted case detail logic into a custom hook `useCaseDetailState` for better separation of concerns.
- Created sub-components: `CaseNotFoundView`, `CaseHeaderCard`, `CaseMetaInfoRow`, `CaseConversationSection`, `ReplyForm`, and `ClosedCaseNotice` to enhance readability and maintainability.
- Updated message bubble rendering to use `MessageBubbleHeader` and `MessageBubbleStatus` for clearer status indication.
- Improved loading and error handling in `ResidenceCardVerificationSettingsView` by creating dedicated content components for different states.
- Refactored `transformWhmcsSubscriptionListResponse` to enhance readability and maintainability.
- Minor code style adjustments for consistency and clarity across various files.
- Implement AddressReconcileQueueService to handle address reconciliation jobs between WHMCS and Salesforce.
- Define job data structure and queue configuration for retries and error handling.
- Add methods for enqueueing reconciliation jobs and retrieving queue health metrics.
feat: create loading components for various services in the portal
- Add loading skeletons for Internet, SIM, VPN, and public services configuration.
- Implement loading states for account-related views including account details, services, and verification settings.
- Introduce loading states for support case details and subscription actions.
feat: implement OTP input component for user verification
- Create OtpInput component to handle 6-digit OTP input with auto-focus and navigation.
- Add LoginOtpStep component for OTP verification during login, including countdown timer and error handling.
feat: define address domain constants for validation
- Establish constants for address field length limits to ensure compliance with WHMCS API constraints.
- Include maximum lengths for address fields and user input fields to maintain data integrity.
feat: Add Fulfillment Side Effects Service for order processing notifications and cache management
feat: Create base validation interfaces and implement various order validators
feat: Develop Internet Order Validator to check eligibility and prevent duplicate services
feat: Implement SIM Order Validator to ensure residence card verification and activation fee presence
feat: Create SKU Validator to validate product SKUs against the Salesforce pricebook
feat: Implement User Mapping Validator to ensure necessary account mappings exist before ordering
feat: Enhance Users Service with methods for user profile management and summary retrieval
- Implemented FormStep component for user input (name, email, address).
- Created OtpStep component for OTP verification.
- Developed SuccessStep component to display success messages based on account creation.
- Introduced eligibility-check.store for managing state throughout the eligibility check process.
- Added commitlint configuration for standardized commit messages.
- Configured knip for workspace management and project structure.
- Renamed `getErrorMessage` to `extractErrorMessage` for clarity and to avoid confusion with the domain's `getMessageForErrorCode`.
- Introduced a deprecation notice for `getErrorMessage` to maintain backward compatibility.
- Updated various services and controllers to utilize the new `extractErrorMessage` function, ensuring consistent error handling across the application.
- Enhanced error handling in the `BillingController`, `SubscriptionsService`, and other modules to improve maintainability and clarity in API responses.
- Introduced support for previous JWT secrets in the environment configuration to facilitate key rotation.
- Refactored the JoseJwtService to manage multiple signing and verification keys, improving security during token validation.
- Updated the AuthTokenService to include family identifiers for refresh tokens, enhancing session management and security.
- Modified the PasswordWorkflowService and SignupWorkflowService to return session metadata instead of token strings, aligning with security best practices.
- Improved error handling and token revocation logic in the TokenBlacklistService and AuthTokenService to prevent replay attacks.
- Updated documentation to reflect changes in the authentication architecture and security model.
- Introduced optional JWT issuer and audience configurations in the JoseJwtService for improved token validation.
- Updated CSRF middleware to streamline token validation and enhance security measures.
- Added new environment variables for JWT issuer and audience, allowing for more flexible authentication setups.
- Refactored CSRF controller and middleware to improve token handling and security checks.
- Cleaned up and standardized cookie paths for access and refresh tokens in the AuthController.
- Enhanced error handling in the TokenBlacklistService to manage Redis availability more effectively.
- Added sharp dependency for image processing in package.json.
- Updated argon2 dependency version to 0.44.0 for enhanced security.
- Removed unused @nestjs/jwt dependency and refactored authentication module to utilize JoseJwtService for JWT handling.
- Adjusted type definitions for @types/node and @types/pg to ensure compatibility across applications.
- Cleaned up package.json files in BFF and Portal applications for consistency and improved dependency management.
- Adjusted TypeScript settings in tsconfig files for better alignment with ESNext standards.
- Updated pnpm-lock.yaml to reflect dependency changes and improve package management.
- Cleaned up Dockerfiles for both BFF and Portal applications to enhance build processes.
- Modified import statements across various modules to include file extensions for consistency.
- Removed outdated SHA256 files for backend and frontend tarballs to streamline project structure.
- Enhanced health check mechanisms in Dockerfiles for improved application startup reliability.
- Replaced UsersService with UsersFacade across various modules for improved abstraction and consistency.
- Updated validation imports to utilize the new @customer-portal/validation package, enhancing modularity.
- Removed deprecated validation files and streamlined user-related logic in controllers and services.
- Enhanced order processing by integrating field mappings for Salesforce orders, improving maintainability.
- Improved error handling and response structures in authentication and user management workflows.
