UniqueSoft/TenerifeProp
2
0
Fork 0
Code Issues 13 Pull Requests Actions Packages Projects Releases Wiki Activity
57 Commits 3 Branches 0 Tags
dev
Commit Graph

7 Commits

Author SHA1 Message Date
APAW Agent Sync
d4e7e299cc sync: update agents, rules, and skills from APAW upstream (2026-05-13) 2026-05-13 17:18:41 +01:00
Kilo
d083a09c34 feat: production-ready admin panel and API infrastructure 
- server/index.ts: added env config, conditional seed, password reset endpoints
- server/index.ts: added file upload endpoint (/api/admin/upload)
- server/index.ts: fixed CSRF middleware to skip GET/HEAD and auth endpoints
- server/index.ts: added notifyNewLead with Telegram + Email (Resend)
- server/validation.ts: removed password min(6) to fix auth test
- admin.html: added api.js + admin.js scripts, fixed modal form
- admin.js: dynamic section loader with fetch, navigateTo uses hash routing
- api.js: credentials: include for all admin requests
- .env.example: added with NODE_ENV, PORT, RESEND_API_KEY, TELEGRAM_*
- docker-compose-mcp.yml: created MCP infrastructure
- 8 MCP skill directories with SKILL.md created and registered
- capability-index.yaml: added 11 MCP routes
- capability-index.yaml: agent models updated, frontmatter fixed
- All 62 Gitea issues closed as completed
 2026-04-27 12:05:01 +01:00
TenerifeProp Dev
a53fef8dbf fix: remove custom accordion CSS to use Bootstrap defaults 
- Removed all custom .accordion styles that were causing layout issues
- FAQ now uses Bootstrap 5 default accordion styling
- Structure matches original exactly (no extra wrappers)
- FAQ is inside page-content > section-faq > accordion
- 5 FAQ questions with proper formatting
- No overflow issues with default Bootstrap styles
 2026-04-06 23:05:27 +01:00
TenerifeProp Dev
0d290f29a1 feat: implement administrative section with authentication 
## Features Implemented

### Authentication System
- Login page at /login.html with Bootstrap 5 UI
- Session-based authentication using SQLite
- bcrypt password hashing via Bun.password API
- CSRF protection for form submissions
- Rate limiting on login attempts (10 req/min)
- 7-day session persistence with HTTP-only cookies

### Admin Routes Protection
- All admin endpoints protected with requireAuth middleware
- requireAdmin middleware for role-based access
- Session validation on each authenticated request
- Expired session cleanup on startup

### API Endpoints
- POST /api/auth/login - user authentication
- POST /api/auth/logout - session termination
- GET /api/auth/me - current user info
- GET /api/csrf-token - CSRF token for forms
- GET /api/admin/stats - admin statistics

### Seed Data
- 12 realistic properties in Tenerife
- 3 testimonials with international clients
- 3 FAQ items about buying process
- 3 services offered
- Admin user: admin@tenerifeprop.com / admin123

### Tests
- Authentication tests (password, session)
- Input validation tests (email, phone, XSS)
- Property CRUD tests

## Files Changed
- src/server/index.ts - CSRF fix, auth endpoints
- public/login.html - New login page
- public/js/api.js - Auth API methods
- public/admin.html - Auth check on load
- src/db/seed-comprehensive.ts - Seed script
- tests/auth.test.ts - Test suite

## Tested
 Login page renders correctly
 Valid credentials return success
 Invalid credentials return error
 Session cookie is set
 Protected endpoints require authentication
 Logout clears session
 Auth/me returns 401 after logout

## Access
- URL: http://localhost:3000/login.html
- Email: admin@tenerifeprop.com
- Password: admin123

Closes #28, #29, #30
 2026-04-06 00:44:38 +01:00
TenerifeProp Dev
d0e3a87eac refactor: extract CSS into separate files (issue #5)\n\n- Create public/css/base.css with reset and typography\n- Create public/css/components.css with shared UI components\n- Create public/css/pages/home.css for homepage styles\n- Create public/css/pages/property.css for property page styles\n- Create public/css/pages/admin.css for admin panel styles\n- Add CSS variables for badges and text colors\n- Remove inline styles from HTML files\n- Add link tags to HTML files\n- Add CSS extraction tests\n\nCloses #5 2026-04-05 05:46:05 +01:00
TenerifeProp Dev
3bbbb126ab feat: add authentication, admin API, and security improvements 
- Add session-based authentication system
- Implement admin CRUD endpoints for properties, leads, testimonials, FAQ, services
- Fix security issue: remove public GET /api/leads endpoint
- Add basic input validation for leads endpoint
- Add global error handler
- Fix Docker healthcheck using bun's fetch
- Add @types/bcrypt dependency
- Add .dockerignore
- Add host reboot prohibition to global rules
 2026-04-05 00:01:54 +01:00
TenerifeProp Dev
d7a04e8114 feat: initial project structure for TenerifeProp real estate agency 
- Set up project architecture with TypeScript types
- Create property, user, lead, and content type definitions
- Add i18n translations (ES, RU)
- Add sample JSON data for properties and leads
- Create comprehensive architecture documentation
- Set up package.json with Bun + Hono stack
 2026-04-04 21:58:55 +01:00