Assist_Design/CODEBASE_ANALYSIS.md
barsa 7500b5fce0 Enhance security and refactor order processing for improved reliability
- Implemented Redis-backed idempotency keys in SIM activation to prevent race conditions and double-charging.
- Increased bcrypt hashing rounds from 12 to 14 for stronger password security.
- Introduced a structured exception hierarchy to replace generic errors with domain-specific exceptions.
- Centralized Internet Access Mode constants and improved schema organization by extracting duplicated enum values.
- Updated various components to utilize new domain types for better consistency and maintainability.
- Enhanced error handling in SIM fulfillment and order activation processes to provide clearer feedback and prevent duplicate processing.
2025-10-27 16:53:19 +09:00


Codebase Analysis (October 2025)

Recent Cleanup

  • Checkout contracts unified: checkoutBuildCartRequestSchema and the wrapped response now live in @customer-portal/domain/orders. Both the NestJS controller and service import the shared types, eliminating local Zod definitions and ad-hoc request shapes.
  • SIM configuration aligned: The catalog store and useSimConfigure hook persist state that maps directly to simConfigureFormSchema. Validation now delegates to the domain schema, and UI state uses the shared field names (selectedAddons, scheduledActivationDate, etc.).
  • Dashboard metadata centralized: Invoice/service activity metadata schemas moved into @customer-portal/domain/dashboard, and the portal utilities reuse them rather than maintaining local copies.
  • UI totals reuse domain types: EnhancedOrderSummary now aliases CheckoutTotals, keeping the presentation layer in lockstep with the API contract.
  • Build artifacts removed: All 224 generated .js, .d.ts, and .js.map files in the packages/domain source tree have been deleted. These files are now built fresh on demand into dist/ via pnpm build, and .gitignore ensures they stay out of version control. The domain package now contains 100 clean TypeScript source files with all build outputs isolated to dist/.
  • Schema organization improved: Extracted duplicated enum value arrays in packages/domain/orders/schema.ts to constants, eliminating repetition and improving maintainability. All enums (ACCESS_MODE, ACTIVATION_TYPE, SIM_TYPE) now follow consistent patterns.
  • Internet Access Mode centralized: Added ACCESS_MODE constant and AccessModeValue type to packages/domain/orders/contract.ts. The catalog store now imports from domain instead of defining its own local type, ensuring single source of truth.
  • Domain exports complete: All configuration constants (ORDER_TYPE, ACTIVATION_TYPE, SIM_TYPE, ACCESS_MODE) are now properly exported from packages/domain/orders/index.ts for consistent use across BFF and portal.

🔒 Security Fixes (Critical)

  • Idempotency protection: SIM activation now uses Redis-backed idempotency keys to prevent race conditions and double-charging. Duplicate requests return cached results. Processing locks prevent concurrent execution.
  • Stronger password hashing: Bcrypt rounds increased from 12 to 14 (minimum 12, default 14). Provides better security against brute-force attacks with acceptable performance impact.
  • Typed exception framework: Created structured exception hierarchy with error codes and context. Replaces generic throw new Error() with domain-specific exceptions like SimActivationException, OrderValidationException, etc.
  • CSRF token enforcement: Portal API client now fails fast when CSRF token is unavailable instead of silently proceeding. Mutation endpoints protected from CSRF bypass attempts.
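The idempotency pattern and the typed exception described above, as an added example (not the project's own code): a Redis-style store is stood in by an in-memory map that models SET NX / GET / DEL with TTL so it runs offline, and the IdempotencyStore class, the exception's constructor shape and the key names are assumptions.

```typescript
// Added example, not project code. In-memory stand-in for the Redis commands
// the pattern needs (SET key value NX EX ttl, GET, DEL); a real deployment
// would call an async Redis client instead.
class IdempotencyStore {
  private data = new Map<string, { value: string; expiresAt: number }>();
  constructor(private now: () => number = () => Date.now()) {}
  private live(key: string) {
    const e = this.data.get(key);
    if (e && e.expiresAt <= this.now()) this.data.delete(key); // expired
    return this.data.get(key);
  }
  // SET NX EX: only writes if the key is absent; false means "already held"
  setNx(key: string, value: string, ttlSec: number): boolean {
    if (this.live(key)) return false;
    this.data.set(key, { value, expiresAt: this.now() + ttlSec * 1000 });
    return true;
  }
  get(key: string): string | undefined { return this.live(key)?.value; }
  del(key: string): void { this.data.delete(key); }
}

// Domain-specific exception carrying an error code and context, in place of a
// generic `throw new Error()` (constructor shape assumed).
class SimActivationException extends Error {
  constructor(readonly code: string, readonly context: Record<string, unknown>) {
    super(`${code}: ${JSON.stringify(context)}`);
    this.name = "SimActivationException";
  }
}

interface ActivationResult { orderId: string; charged: boolean }

// Runs `activate` at most once per idempotency key: a retry replays the cached
// result (no second charge), and a request that arrives while the first is
// still in flight is rejected instead of running concurrently.
function activateSimIdempotently(
  store: IdempotencyStore, key: string, activate: () => ActivationResult,
): ActivationResult {
  const cached = store.get(`idem:result:${key}`);
  if (cached) return JSON.parse(cached);          // duplicate request: replay
  const lockKey = `idem:lock:${key}`;
  if (!store.setNx(lockKey, "1", 30)) {           // processing lock is held
    throw new SimActivationException("SIM_ACTIVATION_IN_PROGRESS", { key });
  }
  try {
    const result = activate();
    store.setNx(`idem:result:${key}`, JSON.stringify(result), 24 * 3600);
    return result;
  } finally {
    store.del(lockKey);                           // release even on failure
  }
}
```

If `activate` throws, no result is cached and the lock is released, so a client retry reruns the activation rather than replaying a failure.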

🔍 Follow-Up Opportunities

  • Complete typed exceptions: Remaining 31 files still use generic throw new Error(). See IMPLEMENTATION_PROGRESS.md for complete list and priority order.
  • Catalog caching: Add Redis caching layer for catalog responses (5-minute TTL) to reduce Salesforce API load by ~50%.
  • Rate limiting: Add throttle decorators to expensive endpoints (catalog, orders) to prevent DoS attacks.
  • Console.log cleanup: Replace 40 instances of console.log in portal with proper logging infrastructure.
  • Auth workflow audit: Re-run a focused review of the WHMCS link workflow and mapping services to confirm no lingering loose types (the earlier report flagged placeholder values—verify after the latest merges).
  • Portal checkout transforms: Consider using simConfigureFormToRequest when serialising SIM selections into cart params so the client sends the same payload shape the BFF expects.
  • End-to-end validation run: Execute pnpm lint && pnpm type-check once the workspace stabilises to catch any regressions introduced outside the touched files.

📋 Ongoing Work

See IMPLEMENTATION_PROGRESS.md for detailed status of the 26-issue remediation plan. Phase 1 (Critical Security) is 75% complete. Phases 2-4 are pending implementation.

  1. Type-check sweep: run the workspace type checker and fix residual errors, paying special attention to the auth and user modules.
  2. Checkout flow trace: ensure the BFF and portal both serialise/deserialise SIM selections via the shared helpers (avoids stale query-param parsing edge cases).
  3. Documentation refresh: propagate the new ownership model (domain-first schemas) into any onboarding or architecture docs so future engineers default to the shared packages.