Commit Graph

125 Commits

Author SHA1 Message Date
NW
f8123e42bb refactor(arch): split userWalletsHandler.js into 7 modular files (#52)
- 747-line monolith → 8 files (all ≤108 lines)
- balanceHandler (96 lines): showBalance, handleBackToBalance
- historyHandler (107 lines): handleTransactionHistory, handleWalletHistory
- refreshHandler (75 lines): handleRefreshBalance with balance refresh
- createHandler (94 lines): handleAddWallet, handleGenerateWallet
- topUpHandler (60 lines): handleTopUpWallet
- archiveHandler (86 lines): handleViewArchivedWallets
- helpers (19 lines): getNetworkName, getWalletAddress
- index.js (20 lines): re-exports all 11 handler methods
- Removed duplicate getBaseWalletType (now uses WalletUtils)
- Removed duplicate getNetworkName (now in helpers.js)
2026-06-22 01:11:53 +01:00
NW
4b7ed0c251 refactor(arch): split adminProductHandler.js into 13 modular files (#51)
- 1093-line monolith → 13 files (all ≤97 lines)
- navigationHandler: product management entry + country selection
- districtHandler: city + district selection
- categoryAddHandler: add category input + handler
- categoryEditHandler: edit category input + handler
- categorySelectionHandler: category selection display
- createHandler: add product prompt
- importHandler: product import (JSON/text/file)
- editStartHandler: product edit prompt
- editImportHandler: product edit import
- deleteHandler: product delete + confirm
- viewHandler: product detail view
- listHandler: product list with pagination
- productValidator: shared validation utilities
- index.js: router re-exporting all 17 handler methods
- Removed duplicate handleCategorySelection (subcategories table doesn't exist)
- Removed handleSubcategoryInput/handleAddSubcategory (references non-existent subcategories table)
2026-06-17 22:41:04 +01:00
NW
4b8144ac40 refactor(arch): split database.js into migrations + connection module (#57)
- database.js: 292→42 lines (connection + async helpers only)
- 001_initial_schema.js: 7 CREATE TABLE statements in transaction
- 002_add_columns.js: 5 ALTER TABLE checks with checkColumnExists
- 003_add_indexes.js: 6 CREATE INDEX statements
- runner.js: versioned migration runner with _meta table
- index.js: calls runMigrations() + cleanUpInvalidForeignKeys()
- ALLOWED_TABLES whitelist preserved in runner.js
- Schema version tracked in _meta table for idempotent runs
2026-06-17 22:28:11 +01:00
NW
2e8b6b5659 fix: add isAdmin delegate method to AdminHandler, fix exportCSV call in adminWalletsHandler
- AdminHandler.isAdmin() static method delegates to middleware/auth.js
  (index.js calls adminHandler.isAdmin() which needs a class method)
- adminWalletsHandler: this.exportCSV() → this.handleExportCSV(callbackQuery)
  (exportCSV doesn't exist, handleExportCSV is the correct method)
2026-06-17 22:19:40 +01:00
NW
68d83807ad refactor(arch): Phase 2 — deduplicate isAdmin, convertToUsd, getBaseWalletType
- #54: Extract isAdmin() to src/middleware/auth.js, remove duplicates from 7 admin handlers
- #55: Add WalletUtils.convertToUsd(), replace 8 switch-case blocks across 4 files
- #56: Unify getBaseWalletType() — keep only WalletUtils version (most complete),
  remove duplicates from Wallet.js and userWalletsHandler.js

New file: src/middleware/auth.js
Net: -215 lines, +80 lines

Closes: #54, #55, #56
2026-06-17 22:10:34 +01:00
NW
de415633be feat(security): Phase 1 — critical security fixes and hardening
- #42: Remove hardcoded ENCRYPTION_KEY fallback from config.js,
  add startup validation for BOT_TOKEN and ENCRYPTION_KEY length
- #43: Fix SQL injection vulnerabilities — add ALLOWED_TABLES
  whitelist in database.js, ALLOWED_USER_FIELDS in userService.js,
  validate table names before PRAGMA
- #44: Fix race condition in purchaseService.js — wrap createPurchase
  in BEGIN IMMEDIATE TRANSACTION, add atomic balance/stock checks
- #41: Move all secrets from docker-compose.yml to .env file,
  use env_file directive
- #45: Replace MD5 tx_hash with crypto.randomUUID()
- #46: Upgrade KDF from SHA-256 to HKDF for mnemonic encryption,
  add backward compatibility for legacy format
- #47: Add input validation across all handlers — walletType
  whitelist, string length limits, numeric ID checks, price bounds

New files:
- src/utils/encryption.js (HKDF key derivation)
- src/__tests__/security.test.js (SQL injection prevention tests)

Closes: #41, #42, #43, #44, #45, #46, #47
2026-06-17 21:52:49 +01:00
NW
d1503a0180 chore: ignore entire .kilo/ directory and all APAW config files
- Replace partial .kilo/ entries with single .kilo/ rule (180 files)
- Keep kilo-meta.json, kilo.jsonc, AGENTS.md ignored
- Keep .architect/ and .work/ ignored
- Remove duplicate .architect/maps/.work/ entry
2026-06-17 21:12:44 +01:00
NW
e56326fdd6 chore: add Kilo Code files to .gitignore
- Add .kilo/worktrees/, .kilo/milestone-*, .kilo/session-handoff.md
- Add .kilo/evolution-test-issue.md, .kilo/node_modules/
- Add kilo-meta.json, kilo.jsonc, AGENTS.md (project-level Kilo files)
- Add .architect/ directory (except state.json and project.json)
- Keep existing .kilo/logs/, .kilo/reports/ entries
2026-06-17 21:10:38 +01:00
NW
7e0839d8cd chore: add .env.example template and expand .gitignore for secrets
- Add .env.example with all config vars (no real secrets)
- Exclude .env, .env.*, docker-compose.override.yml
- Exclude wg/ (WireGuard configs with private keys)
- Exclude dump/, dump.zip, *.csv (sensitive exports)
- Keep .env.example tracked (!.env.example exception)
2026-06-17 20:32:26 +01:00
NW
2f3459b670 mart little update 2025-03-06 16:13:11 +00:00
NW
0c10772261 Update Start Process 2025-03-02 11:21:35 +00:00
NW
c8b6e3ceb3 little update 2025-02-05 16:40:00 +00:00
NW
23b7f8b4bd big update WG-TOR bot connecting 2025-02-03 09:43:25 +00:00
NW
633a27164b upgrade commission wallet function 2025-01-26 22:21:13 +00:00
NW
25c74342f9 package lock file recreate 2025-01-25 13:37:03 +00:00
NW
ae1cd45aea create functional commission 2025-01-25 13:35:22 +00:00
NW
5ec8267253 Delete package-lock.json 2025-01-25 13:34:33 +00:00
NW
79ee8b90f0 Add package-lock.json 2025-01-25 13:27:14 +00:00
NW
3a58b73112 update package 2025-01-25 09:31:56 +00:00
NW
fa09e81ddf crypto mnemonic case 2025-01-25 01:13:10 +00:00
NW
24aebd0bcf update package file 2025-01-24 18:45:35 +00:00
NW
fcd89bc345 update calculate user balance in admin section 2025-01-09 20:13:45 +00:00
NW
dd18e74529 update calculate user balance 2025-01-09 20:07:44 +00:00
NW
f9356c6bbe update user purchase list 2025-01-09 13:25:35 +00:00
NW
18647091cf minor edits to aesthetics and functionality 2025-01-08 18:26:50 +00:00
NW
5ae148a2ba update planned wallets function 2025-01-08 16:20:43 +00:00
NW
66f5251795 update check ETH USDT USDC balance function 2025-01-08 12:01:02 +00:00
NW
e64f185eda separate wallet ETH USDT USDC 2025-01-02 19:31:28 +00:00
NW
22f76c64a6 delete TRON wallet type 2025-01-02 16:19:39 +00:00
NW
c9bcb09221 update wallet function 2024-12-24 09:19:14 +00:00
NW
3129525a1e update user and admin wallet function 2024-12-23 20:44:56 +00:00
NW
a970a188db new user registration function 2024-12-18 19:46:29 +00:00
NW
b224b3f331 update UserService 2024-12-18 16:16:41 +00:00
NW
bfb9a55e36 update view balance 2024-12-17 00:19:53 +00:00
NW
4aebb4e41b update user info page 2024-12-17 00:05:59 +00:00
NW
a575f75faf user catalog navigation upgrade 2024-12-16 23:56:09 +00:00
NW
21465022b3 wallets upgrade function 2024-12-16 23:43:44 +00:00
NW
d51bc9f0b9 User start registration update function 2024-12-16 12:37:44 +00:00
NW
2cfa37ea86 fix bug back navigation 2024-12-15 02:04:43 +00:00
NW
9d9e0e80ad Bug update function 2024-12-14 23:12:36 +00:00
NW
682246675e update handleProductSelection 2024-12-14 15:06:22 +00:00
NW
2aea225e2e update back category 2024-12-14 15:02:50 +00:00
NW
d918de0386 docker file update 2024-12-14 13:46:03 +00:00
NW
12d29c66b9 Update DistrictSelection back button 2024-12-14 13:16:22 +00:00
NW
207b9a829c delete subcategory view line 2024-12-14 13:10:23 +00:00
NW
3843dcb094 Update handleBuyProduct 2024-12-14 13:07:46 +00:00
NW
eea5d9b9e7 revert 99137e4e97
revert Update Detailed Product View
2024-12-14 12:54:50 +00:00
NW
057d1536bb Check bug delete category 2024-12-14 10:47:22 +00:00
NW
99137e4e97 Update Detailed Product View 2024-12-14 00:37:24 +00:00
NW
a400d12d16 Delete subcategory function in handleCategorySelection 2024-12-13 18:24:24 +00:00