- Implemented Redis-backed idempotency keys in SIM activation to prevent race conditions and double-charging.
- Increased bcrypt hashing rounds from 12 to 14 for stronger password security.
- Introduced a structured exception hierarchy to replace generic errors with domain-specific exceptions.
- Centralized Internet Access Mode constants and improved schema organization by extracting duplicated enum values.
- Updated various components to utilize new domain types for better consistency and maintainability.
- Enhanced error handling in SIM fulfillment and order activation processes to provide clearer feedback and prevent duplicate processing.
35 lines
4.6 KiB
Markdown
# Codebase Analysis (October 2025)
## ✅ Recent Cleanup
- **Checkout contracts unified**: `checkoutBuildCartRequestSchema` and the wrapped response now live in `@customer-portal/domain/orders`. Both the NestJS controller and service import the shared types, eliminating local Zod definitions and ad-hoc request shapes.
- **SIM configuration aligned**: The catalog store and `useSimConfigure` hook persist state that maps directly to `simConfigureFormSchema`. Validation now delegates to the domain schema, and UI state uses the shared field names (`selectedAddons`, `scheduledActivationDate`, etc.).
- **Dashboard metadata centralized**: Invoice/service activity metadata schemas moved into `@customer-portal/domain/dashboard`, and the portal utilities reuse them rather than maintaining local copies.
- **UI totals reuse domain types**: `EnhancedOrderSummary` now aliases `CheckoutTotals`, keeping the presentation layer in lockstep with the API contract.
- **Build artifacts removed**: All 224 generated `.js`, `.d.ts`, and `.js.map` files in the `packages/domain` source tree have been deleted. These files are now built fresh on demand into `dist/` via `pnpm build`, and `.gitignore` ensures they stay out of version control. The domain package now contains 100 clean TypeScript source files with all build outputs isolated to `dist/`.
- **Schema organization improved**: Extracted duplicated enum value arrays in `packages/domain/orders/schema.ts` to constants, eliminating repetition and improving maintainability. All enums (ACCESS_MODE, ACTIVATION_TYPE, SIM_TYPE) now follow consistent patterns.
- **Internet Access Mode centralized**: Added `ACCESS_MODE` constant and `AccessModeValue` type to `packages/domain/orders/contract.ts`. The catalog store now imports from domain instead of defining its own local type, ensuring single source of truth.
- **Domain exports complete**: All configuration constants (ORDER_TYPE, ACTIVATION_TYPE, SIM_TYPE, ACCESS_MODE) are now properly exported from `packages/domain/orders/index.ts` for consistent use across BFF and portal.
## 🔒 Security Fixes (Critical)
- **Idempotency protection**: SIM activation now uses Redis-backed idempotency keys to prevent race conditions and double-charging. Duplicate requests return cached results. Processing locks prevent concurrent execution.
- **Stronger password hashing**: Bcrypt rounds increased from 12 to 14 (minimum 12, default 14). Provides better security against brute-force attacks with acceptable performance impact.
- **Typed exception framework**: Created structured exception hierarchy with error codes and context. Replaces generic `throw new Error()` with domain-specific exceptions like `SimActivationException`, `OrderValidationException`, etc.
- **CSRF token enforcement**: Portal API client now fails fast when CSRF token is unavailable instead of silently proceeding. Mutation endpoints protected from CSRF bypass attempts.
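
The idempotency flow described in the first item above, as an added sketch that is not the project's own code: a `Map` stands in for Redis (`begin` models an atomic `SET key value NX PX ttl`), and the class, function names, key format, TTLs and the `409` string are all assumptions.

```typescript
// Added example. The Map stands in for Redis; all names are hypothetical.
type Entry = { state: "processing" | "done"; result: string; expiresAt: number };
type Begin = { status: "acquired" | "in_progress" } | { status: "replayed"; result: string };
class IdempotencyStore {
  private entries = new Map<string, Entry>();
  // Models an atomic `SET key processing NX PX ttlMs`: only one caller acquires.
  begin(key: string, ttlMs: number): Begin {
    const e = this.entries.get(key);
    if (e && e.expiresAt > Date.now()) {
      return e.state === "done" ? { status: "replayed", result: e.result } : { status: "in_progress" };
    }
    this.entries.set(key, { state: "processing", result: "", expiresAt: Date.now() + ttlMs });
    return { status: "acquired" };
  }
  // Swaps the lock for the cached result so later duplicates are replayed.
  complete(key: string, result: string, ttlMs: number): void {
    this.entries.set(key, { state: "done", result, expiresAt: Date.now() + ttlMs });
  }
  // Drops the lock after a failure so the client can retry with the same key.
  release(key: string): void { this.entries.delete(key); }
}

function activateSim(store: IdempotencyStore, key: string, charge: () => string): string {
  const outcome = store.begin(key, 30000);
  if (outcome.status === "replayed") return outcome.result;
  if (outcome.status === "in_progress") return "409 activation in progress";
  try {
    const result = charge(); // the billable side effect runs at most once per key
    store.complete(key, result, 86400000);
    return result;
  } catch (err) {
    store.release(key);
    throw err;
  }
}

// Constructed scenario: one duplicate arrives mid-flight, another after completion.
function simulateDuplicates(): { charges: number; first: string; concurrent: string; retry: string } {
  const store = new IdempotencyStore();
  const key = "sim-activation:order-123"; // constructed key
  let charges = 0, concurrent = "";
  const bill = (): string => { charges += 1; return "activated"; };
  const first = activateSim(store, key, () => {
    concurrent = activateSim(store, key, bill); // sees the lock, never bills
    return bill();
  });
  const retry = activateSim(store, key, bill); // replayed from cache, never bills
  return { charges, first, concurrent, retry };
}
```

Against real Redis the lock TTL must outlast the slowest activation call; otherwise an expired lock lets a duplicate through while the first request is still running.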
## 🔍 Follow-Up Opportunities
- **Complete typed exceptions**: Remaining 31 files still use generic `throw new Error()`. See `IMPLEMENTATION_PROGRESS.md` for complete list and priority order.
- **Catalog caching**: Add Redis caching layer for catalog responses (5-minute TTL) to reduce Salesforce API load by ~50%.
- **Rate limiting**: Add throttle decorators to expensive endpoints (catalog, orders) to prevent DoS attacks.
- **Console.log cleanup**: Replace 40 instances of `console.log` in portal with proper logging infrastructure.
- **Auth workflow audit**: Re-run a focused review of the WHMCS link workflow and mapping services to confirm no lingering loose types (the earlier report flagged placeholder values—verify after the latest merges).
- **Portal checkout transforms**: Consider using `simConfigureFormToRequest` when serialising SIM selections into cart params so the client sends the same payload shape the BFF expects.
- **End-to-end validation run**: Execute `pnpm lint && pnpm type-check` once the workspace stabilises to catch any regressions introduced outside the touched files.
## 📋 Ongoing Work
See `IMPLEMENTATION_PROGRESS.md` for detailed status of the 26-issue remediation plan. Phase 1 (Critical Security) is 75% complete. Phases 2-4 are pending implementation.
## 🎯 Next Recommended Steps
1. **Type-check sweep** – run the workspace type checker and fix residual errors, paying special attention to auth and user modules.
2. **Checkout flow trace** – ensure the BFF and portal both serialise/deserialise SIM selections via the shared helpers (avoids stale query-param parsing edge cases).
3. **Documentation refresh** – propagate the new ownership model (domain-first schemas) into any onboarding or architecture docs so future engineers default to the shared packages.