- Simplified error logging in WhmcsHttpClientService by removing action parameters from log messages for clarity.
- Introduced RequestWithCookies type to improve type safety in auth controllers and utilities.
- Refactored ValidatedUser interface to remove export, aligning with internal usage.
- Removed deprecated auth error constants and streamlined error handling in various auth services.
- Consolidated token handling logic by utilizing a shared hashToken utility across token services.
- Removed unused and redundant methods in token services, improving code maintainability.
- Removed WhmcsLinkWorkflowService and integrated its functionality into new AccountCreationWorkflowService and AccountMigrationWorkflowService.
- Introduced OtpEmailService for sending OTP emails, enhancing email handling in LoginOtpWorkflowService and VerificationWorkflowService.
- Replaced NewCustomerSignupWorkflowService and SfCompletionWorkflowService with AccountCreationWorkflowService, consolidating account creation logic.
- Updated GetStartedCoordinator to utilize new workflow services, improving clarity and maintainability of the authentication process.
- Enhanced error handling and logging across workflows to provide better feedback during account creation and migration.
Merge SfCompletionWorkflow and NewCustomerSignupWorkflow into a single
AccountCreationWorkflowService, remove legacy /auth/migrate endpoint
and WhmcsLinkWorkflow, extract shared OTP email pattern into
OtpEmailService, and improve PORTAL_EXISTS redirect UX with email
pre-fill.
- Consolidate signup/ directory services into steps/ (PortalUserCreationService,
WhmcsCleanupService) and new AccountCreationWorkflowService
- Rename WhmcsMigrationWorkflowService to AccountMigrationWorkflowService
- Remove dead code: WhmcsLinkWorkflowService, auth.controller /migrate endpoint
- Extract OtpEmailService from duplicated login/verification OTP email logic
- Pass email query param on PORTAL_EXISTS redirect for login pre-fill
- Delete 1977 lines of legacy code, add ~350 lines of consolidated logic
- Replace SignupWorkflowService and GetStartedWorkflowService with new coordinator services for improved modularity and clarity.
- Update auth controller to utilize the new GetStartedCoordinator.
- Refactor account status handling in the GetStartedForm component to leverage XState for state management.
- Introduce new hooks for managing the get-started flow, enhancing the overall user experience.
- Remove deprecated services and clean up related imports to maintain code hygiene.
- Fix SF Order locking by deferring Status change to final step
- executeSfActivatedUpdate now only sets Activation_Status__c
- executeSfRegistrationComplete sets Status: Processed atomically with WHMCS info
- Add WHMCS custom fields update step (whmcs_custom_fields)
- AddOrder API expects field IDs, UpdateClientProduct accepts field names
- New step updates SIM Number, Serial Number, EID after order acceptance
- Add Opportunity WH_Registeration__c field update
- Sets productselect={serviceId} for WHMCS linking
- Add SIM Inventory assignment fields
- Assigned_Account__c, Assigned_Order__c, SIM_Type__c now populated
- Remove PA05-18 Semi-Black SIM registration (only Black SIMs used)
- Changed to direct PA02-01 call with createType=new
- Fix me-status to check for Status: Processed instead of Activated
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- Simplified conditional rendering in OrderSummary, ProductCard, InstallationOptions, InternetOfferingCard, DeviceCompatibility, SimPlansContent, and other components by removing unnecessary parentheses.
- Enhanced clarity in the use of ternary operators for better maintainability.
- Updated documentation to reflect changes in development setup for skipping OTP verification during login.
- Removed outdated orchestrator refactoring plan document.
- Added new environment variable for skipping OTP verification in development.
- Minor adjustments in domain contracts and mappers for consistency in conditional checks.
- Implement AddressReconcileQueueService to handle address reconciliation jobs between WHMCS and Salesforce.
- Define job data structure and queue configuration for retries and error handling.
- Add methods for enqueueing reconciliation jobs and retrieving queue health metrics.
feat: create loading components for various services in the portal
- Add loading skeletons for Internet, SIM, VPN, and public services configuration.
- Implement loading states for account-related views including account details, services, and verification settings.
- Introduce loading states for support case details and subscription actions.
feat: implement OTP input component for user verification
- Create OtpInput component to handle 6-digit OTP input with auto-focus and navigation.
- Add LoginOtpStep component for OTP verification during login, including countdown timer and error handling.
feat: define address domain constants for validation
- Establish constants for address field length limits to ensure compliance with WHMCS API constraints.
- Include maximum lengths for address fields and user input fields to maintain data integrity.
feat: Add Fulfillment Side Effects Service for order processing notifications and cache management
feat: Create base validation interfaces and implement various order validators
feat: Develop Internet Order Validator to check eligibility and prevent duplicate services
feat: Implement SIM Order Validator to ensure residence card verification and activation fee presence
feat: Create SKU Validator to validate product SKUs against the Salesforce pricebook
feat: Implement User Mapping Validator to ensure necessary account mappings exist before ordering
feat: Enhance Users Service with methods for user profile management and summary retrieval
- Introduced PermissionsGuard to enforce permission checks on routes.
- Added RequirePermissions decorator for specifying required permissions on handlers.
- Created AUTH_ERRORS constants for consistent error messages across the auth module.
- Updated CsrfService to reduce CSRF token expiry time for enhanced security.
- Refactored auth cookie handling into utility functions for better maintainability.
- Enhanced TokenBlacklistService to default to fail-closed in production environments.
- Updated various DTOs and schemas for consistency and clarity.
- Removed legacy code and types related to SIM requests.
- Improved logging and error handling in GlobalAuthGuard.
- Added middleware for public path checks and optimistic authentication.
- Implemented FormStep component for user input (name, email, address).
- Created OtpStep component for OTP verification.
- Developed SuccessStep component to display success messages based on account creation.
- Introduced eligibility-check.store for managing state throughout the eligibility check process.
- Added commitlint configuration for standardized commit messages.
- Configured knip for workspace management and project structure.
- Removed the domain mappings module, consolidating related types and schemas into the id-mappings feature.
- Updated import paths across the BFF to reflect the new structure, ensuring compliance with import hygiene rules.
- Cleaned up unused files and optimized the codebase for better maintainability and clarity.
- Introduced Zod DTOs for request validation across multiple controllers, replacing inline validation with structured classes for improved maintainability and clarity.
- Updated ESLint configuration to enforce a rule against importing Zod directly in BFF controllers, promoting the use of shared domain schemas for request validation.
- Removed the SecureErrorMapperService to streamline the security module, as its functionality was deemed unnecessary.
- Enhanced various controllers to utilize the new DTOs, ensuring consistent validation and response handling across the application.
- Updated SalesforceOpportunityService to allow filtering by stages during opportunity retrieval, improving flexibility in eligibility checks.
- Integrated DistributedLockService into InternetCatalogService and OrderOrchestrator to prevent race conditions when creating or reusing opportunities.
- Refactored opportunity matching logic to ensure proper handling of stages during eligibility requests and order placements.
- Improved documentation to clarify the opportunity lifecycle and eligibility verification processes, ensuring better understanding for future development.
- Introduced support for previous JWT secrets in the environment configuration to facilitate key rotation.
- Refactored the JoseJwtService to manage multiple signing and verification keys, improving security during token validation.
- Updated the AuthTokenService to include family identifiers for refresh tokens, enhancing session management and security.
- Modified the PasswordWorkflowService and SignupWorkflowService to return session metadata instead of token strings, aligning with security best practices.
- Improved error handling and token revocation logic in the TokenBlacklistService and AuthTokenService to prevent replay attacks.
- Updated documentation to reflect changes in the authentication architecture and security model.
- Introduced optional JWT issuer and audience configurations in the JoseJwtService for improved token validation.
- Updated CSRF middleware to streamline token validation and enhance security measures.
- Added new environment variables for JWT issuer and audience, allowing for more flexible authentication setups.
- Refactored CSRF controller and middleware to improve token handling and security checks.
- Cleaned up and standardized cookie paths for access and refresh tokens in the AuthController.
- Enhanced error handling in the TokenBlacklistService to manage Redis availability more effectively.
- Added sharp dependency for image processing in package.json.
- Updated argon2 dependency version to 0.44.0 for enhanced security.
- Removed unused @nestjs/jwt dependency and refactored authentication module to utilize JoseJwtService for JWT handling.
- Adjusted type definitions for @types/node and @types/pg to ensure compatibility across applications.
- Cleaned up package.json files in BFF and Portal applications for consistency and improved dependency management.
- Removed the @nestjs/throttler package and replaced it with a custom rate limiting solution using rate-limiter-flexible for enhanced control and flexibility.
- Updated relevant controllers and services to utilize the new rate limiting approach, ensuring consistent request handling across authentication and catalog endpoints.
- Cleaned up unused throttler configuration files and guards to streamline the codebase.
- Updated package.json and pnpm-lock.yaml to reflect the removal of outdated dependencies and improve overall package management.
- Adjusted TypeScript settings in tsconfig files for better alignment with ESNext standards.
- Updated pnpm-lock.yaml to reflect dependency changes and improve package management.
- Cleaned up Dockerfiles for both BFF and Portal applications to enhance build processes.
- Modified import statements across various modules to include file extensions for consistency.
- Removed outdated SHA256 files for backend and frontend tarballs to streamline project structure.
- Enhanced health check mechanisms in Dockerfiles for improved application startup reliability.
- Deleted the @customer-portal/validation package to streamline dependencies.
- Updated Dockerfiles for BFF and Portal to reflect changes in package structure and optimize build processes.
- Adjusted import statements in BFF controllers to use the new Zod validation approach.
- Enhanced entrypoint script in BFF to include database and cache readiness checks before application startup.
- Cleaned up .gitignore to ignore unnecessary files and maintain clarity in project structure.
- Replaced the existing .editorconfig file to establish consistent coding styles across editors.
- Cleaned up whitespace and improved formatting in various TypeScript files for better readability.
- Enhanced logging and error handling in Salesforce and WHMCS services to provide clearer insights during operations.
- Streamlined order processing and caching mechanisms, ensuring efficient handling of API requests and responses.
- Updated test cases to reflect changes in service methods and improve overall test coverage.
- Updated SF_PUBSUB_NUM_REQUESTED in environment configuration to improve flow control.
- Enhanced CatalogCdcSubscriber and OrderCdcSubscriber to utilize a dynamic numRequested value for subscriptions, improving event handling.
- Removed deprecated WHMCS API access key configurations from WhmcsConfigService to streamline integration.
- Improved error handling and logging in various services for better operational insights.
- Refactored currency service to centralize fallback currency logic, ensuring consistent currency handling across the application.
- Added new environment variables for Salesforce event channels and Change Data Capture (CDC) to improve cache invalidation and event handling.
- Updated Salesforce module to include new guards for write operations, enhancing request rate limiting.
- Refactored various services to utilize caching for improved performance and reduced API calls, including updates to the Orders and Catalog modules.
- Enhanced error handling and logging in Salesforce services to provide better insights during operations.
- Improved cache TTL configurations for better memory management and data freshness across catalog and order services.
- Introduced new metrics for daily API usage, including dailyApiLimit and dailyUsagePercent, to monitor API consumption effectively.
- Added route-level metrics tracking to capture request success and failure rates for better performance insights.
- Implemented degradation state management to handle rate limits and usage thresholds, improving resilience during high load.
- Enhanced SalesforceRequestQueueService to include detailed logging for route-level metrics, aiding in debugging and performance analysis.
- Updated Salesforce module to export new SalesforceReadThrottleGuard for improved request rate limiting across services.
- Refactored various services to utilize the new metrics and logging features, ensuring consistent behavior and improved maintainability.
- Moved metrics tracking and logging from the queueing phase to the execution phase in SalesforceRequestQueueService for better accuracy.
- Updated CSRF token generation in CsrfController to accept parameters in a more flexible manner.
- Enhanced CacheService to handle immediate expiry requests without leaking stale values.
- Improved error handling and re-authentication logic in SalesforceConnection for better resilience during session expiration.
- Refactored logout functionality in AuthFacade to handle optional userId and improve logging during token revocation.
- Updated AuthController to apply rate limit headers and improved type handling in various request contexts.
- Streamlined imports and improved overall code organization across multiple modules for better maintainability.
- Replaced UsersService with UsersFacade across various modules for improved abstraction and consistency.
- Updated validation imports to utilize the new @customer-portal/validation package, enhancing modularity.
- Removed deprecated validation files and streamlined user-related logic in controllers and services.
- Enhanced order processing by integrating field mappings for Salesforce orders, improving maintainability.
- Improved error handling and response structures in authentication and user management workflows.
- Updated rate limiting TTL values in env.validation.ts and throttler.config.ts to reduce response times and improve request handling.
- Adjusted throttle settings in AuthController, CatalogController, and OrdersController to align with new rate limits, enhancing overall API responsiveness.
- Refactored OrderCard and OrderCardSkeleton components for better loading states and visual consistency.
- Improved AddressForm and ServiceConfigurationStep components for better state management and user experience.
- Streamlined CSS styles in globals.css and responsive.css for better maintainability and clarity.
- Removed unnecessary fields from user creation in WhmcsLinkWorkflowService for cleaner data handling.
- Updated logout method in AuthController to ensure proper request type casting.
- Enhanced type safety in MappingsService by refining type filters for existing mappings.
- Improved currency resolution logic in UsersService for better handling of client currency codes.
- Streamlined product filtering and sorting logic in catalog utilities for improved readability and performance.
- Refactored InternetPlans component to simplify memoization of plans.
- Cleaned up state management in useCheckout hook by removing unused state variables.
- Enhanced checkout service to improve API request structure and error handling.
- Updated response helpers to streamline success response construction.
- Updated export statements in user and mapping mappers for consistency.
- Enhanced FreebitAuthService to explicitly define response types for better type inference.
- Refactored various services to improve error handling and response structure.
- Cleaned up unused code and comments across multiple files to enhance readability.
- Improved type annotations in invoice and subscription services for better validation and consistency.
- Updated tsconfig.json to include test files for better type checking.
- Refined type annotations in FreebitAuthService for improved clarity and type safety.
- Enhanced currency index extraction logic in WhmcsCurrencyService for better type inference.
- Improved utility functions in whmcs-client.utils.ts to handle various value types more robustly.
- Simplified user creation logic in WhmcsLinkWorkflowService by removing unnecessary type conversions.
- Updated RequestWithCookies type in auth.controller.ts and global-auth.guard.ts to allow optional cookies.
- Refactored OrderFulfillmentOrchestrator to utilize a more specific mapping result type for better type safety.
- Added error logging enhancements in UsersService for improved traceability.
- Updated catalog contract tests to ensure response validation aligns with new schemas.
- Improved InvoiceTable component to handle payment and download actions more cleanly.
