dd99e5cc69
feat(web): UDT-003 formulario de alta de usuarios (admin)
...
Agrega CreateUserPage con UserForm (react-hook-form + Zod), hook useCreateUser
(TanStack Query mutation), ruta /users/new protegida y entrada en AppSidebar.
Incluye tests Vitest: UserForm (9 casos) y useCreateUser (3 casos).
2026-04-15 10:57:11 -03:00
3d598faffc
feat(api): UDT-003 registro de usuarios — backend completo (Phases 1-6)
...
- Domain: Usuario.ForCreation factory, UsernameAlreadyExistsException, IUsuarioRepository extendido
- Application: CreateUsuarioCommand/Validator/Handler, UsuarioCreatedDto, AuthOptions password policy
- Infrastructure: UsuarioRepository.ExistsByUsernameAsync + AddAsync (INSERT OUTPUT INSERTED.Id), RoleClaimType="rol" en TokenValidationParameters
- Api: UsuariosController POST api/v1/users [Authorize(Roles="admin")], ExceptionFilter mapea UsernameAlreadyExistsException + SqlException 2627 → 409
- Tests (unit): 43 tests — 33 validator + 10 handler (107 total, green)
- Tests (integration): 7 tests CreateUsuarioEndpoint — 401/403/400/201/409/race/e2e (green)
- Fix: TestWebAppFactory.ConfigureTestServices reemplaza SqlConnectionFactory singleton con CS de test correcto
2026-04-15 10:47:48 -03:00
023d30fce4
chore(repo): gitignore .claude/ local state and autogen src/src.sln
2026-04-14 14:39:38 -03:00
5b3797a81c
Merge pull request 'UDT-002: Logout + Refresh Token con rotación y chain revocation' ( #3 ) from feature/UDT-002 into main
2026-04-14 17:37:47 +00:00
96dbeecc0f
fix(web): use endsWith for /auth path exclusion in refresh interceptor
...
Avoids substring-match false positives on future endpoints whose URL could
contain /auth/refresh or /auth/login as infix (W-01 from verify report).
2026-04-14 13:59:37 -03:00
7fadb88da0
docs(web): smoke test checklist UDT-002 — login, refresh, logout, reuse detection
2026-04-14 13:52:59 -03:00
dd4f4dbd5e
test(web): LoginPage — verify setAuth receives expiresIn and calculates expiresAt
2026-04-14 13:51:41 -03:00
bdaaaffaf6
feat(web): axiosClient — request/response interceptors with singleton refresh queue
2026-04-14 13:50:49 -03:00
d40b7247fc
feat(web): authApi — add refresh() and logout() with types and tests
2026-04-14 13:49:39 -03:00
f806e0a483
test(web): authStore TDD — refreshToken, expiresAt, clearAuth, updateAccess, logout async
2026-04-14 13:48:50 -03:00
f1d4ea0047
fix(test): RefreshTokenRepository tests use Respawn pattern instead of transaction isolation
...
Transaction-scoped tests conflicted with the repository opening its own connection,
blocking on FK locks for the uncommitted seeded user and causing timeouts.
Switched to the Respawn pattern used by UsuarioRepositoryTests ([Collection("Database")])
which commits seed data and resets between test classes.
2026-04-14 13:45:53 -03:00
fd2ff8a802
feat(api): map InvalidRefreshTokenException and TokenReuseDetectedException to generic 401
2026-04-14 13:28:45 -03:00
8768067fdd
feat(api): add /refresh [AllowAnonymous] and /logout [Authorize] endpoints to AuthController
2026-04-14 13:28:45 -03:00
4e7b2690bd
test(api): add Refresh and Logout endpoint integration tests RED
2026-04-14 13:28:44 -03:00
aed26e3de9
feat(infra): register RefreshTokenRepository, RefreshTokenGenerator, ClientContext and handlers in DI
2026-04-14 13:28:36 -03:00
cb4250f7b3
feat(infra): implement ClientContext for IP and UserAgent from IHttpContextAccessor
2026-04-14 13:28:35 -03:00
19ac807500
feat(infra): add RefreshTokenDays to JwtOptions and AuthOptions config
2026-04-14 13:28:35 -03:00
0c809da633
feat(infra): implement RefreshTokenRepository with Dapper and add GetByIdAsync to UsuarioRepository
2026-04-14 13:28:29 -03:00
e405c0453b
test(infra): add RefreshTokenRepository integration tests RED
2026-04-14 13:28:28 -03:00
d326dd87e0
feat(infra): implement RefreshTokenGenerator with cryptographic random bytes
2026-04-14 13:28:24 -03:00
2806e8dfa6
test(infra): add RefreshTokenGenerator tests RED
2026-04-14 13:28:24 -03:00
c910ff2fc5
feat(infra): implement GetPrincipalFromExpiredToken in JwtService
2026-04-14 13:28:20 -03:00
a363e3658d
test(infra): add GetPrincipalFromExpiredToken tests for JwtService RED
2026-04-14 13:28:20 -03:00
8bbd2b6f2a
feat(app): update LoginCommandHandler to persist hashed refresh token on login
2026-04-14 13:28:16 -03:00
b79efc778a
test(app): extend LoginCommandHandler tests with refresh token persistence cases RED
2026-04-14 13:28:15 -03:00
6c02197369
feat(app): implement LogoutCommand handler with idempotent revocation
2026-04-14 13:28:10 -03:00
15a7687e4c
test(app): add LogoutCommandHandler tests RED
2026-04-14 13:28:10 -03:00
f5e67b78a5
feat(app): implement RefreshCommand handler with token rotation and chain revocation
2026-04-14 13:28:06 -03:00
25639398c2
test(app): add RefreshCommandHandler tests RED
2026-04-14 13:28:02 -03:00
971f6f572f
feat(app): add IClientContext abstraction for IP and UserAgent
2026-04-14 13:17:12 -03:00
84006776b6
feat(app): add IRefreshTokenGenerator abstraction
2026-04-14 13:17:12 -03:00
802c89ffe5
feat(app): add IRefreshTokenRepository abstraction
2026-04-14 13:17:11 -03:00
ba6dffb137
feat(app): extend IJwtService with GetPrincipalFromExpiredToken
2026-04-14 13:17:11 -03:00
83c6a95ee2
feat(domain): add InvalidRefreshTokenException and TokenReuseDetectedException
2026-04-14 13:16:44 -03:00
aacfd29673
feat(domain): add TokenHasher SHA-256 base64url helper
2026-04-14 13:16:43 -03:00
22aff10330
test(domain): add TokenHasher tests RED
2026-04-14 13:16:43 -03:00
99bb3364c3
feat(domain): add RefreshToken entity with factory methods and IsActive logic
2026-04-14 13:16:38 -03:00
2efe4115c4
test(domain): add RefreshToken entity tests RED
2026-04-14 13:16:36 -03:00
ffb68db57e
db(auth): add V002__create_refresh_token migration with chain revocation indexes
2026-04-14 13:14:47 -03:00
3b66415e17
fix(web): default API port to 5212
2026-04-14 12:54:36 -03:00
cc532ff319
Merge pull request 'UI Design System: shadcn/ui + Tailwind 4 + layout shell' ( #2 ) from feature/UI-DESIGN-SYSTEM into main
2026-04-14 14:45:08 +00:00
b3d78ff56d
Merge pull request 'UDT-001: Login (scaffolding + JWT RS256 end-to-end)' ( #1 ) from feature/UDT-001 into main
2026-04-14 14:44:28 +00:00
5e1e979377
refactor(web): LoginPage con shadcn Form, zod validation y Alert destructive
2026-04-14 11:21:53 -03:00
7eea0fd17c
feat(ui): app shell con Sidebar, Header, ThemeToggle y HomePage grid de modulos
2026-04-14 11:21:48 -03:00
8acd2975ba
feat(ui): shadcn/ui setup con componentes base, fonts y design tokens
2026-04-14 11:21:43 -03:00
a15d8c166e
chore(udt-001): vite scaffold default assets
2026-04-13 21:36:49 -03:00
4fa891f340
chore(udt-001): add skill registry
2026-04-13 21:36:41 -03:00
6c4d572111
docs(udt-001): smoke test checklist
2026-04-13 21:36:41 -03:00
f4f063f5f0
test(udt-001): frontend tests (authStore, authApi, LoginPage - 11 tests)
2026-04-13 21:36:40 -03:00
a692576bc3
feat(udt-001): frontend auth UI (Zustand store, TanStack Query, LoginPage, router)
2026-04-13 21:36:32 -03:00
