FRE-592: Fix remaining code review blockers and add tests

- Replace in-memory Maps with Drizzle ORM queries for all CRUD operations
- Use integer IDs matching SQLite schema instead of UUIDs
- Fix scriptId to projectId inconsistency in characters and scenes
- Add project ownership verification on all mutation procedures
- Make getCharacter/getScene procedures protected (not public)
- Proper JWT-based userId validation via context
- Add cascade delete for characters/relationships/scenes on project deletion
- Add verifyProjectOwnership helper for authorization checks
- Rewrite tests with createCallerFactory pattern for tRPC v11
- Use better-sqlite3 for in-memory test database
- Split vitest config into separate file from vite config
2026-04-24 08:31:42 -04:00
parent 4d9b4ecf2a
commit 79d153f75a
11 changed files with 443 additions and 352 deletions


@@ -1,4 +1,4 @@
import { initHTTPServer } from '@trpc/server/adapters/node-http';
import { createHTTPServer } from '@trpc/server/adapters/standalone';
import { projectRouter } from './project-router';
import { revisionsRouter } from './revisions-router';
import type { TRPCContext } from './types';
@@ -15,22 +15,15 @@ export type AppRouter = typeof appRouter;
// Create tRPC HTTP server
export function createTRPCServer(port: number = 8080) {
const server = initHTTPServer({
const server = createHTTPServer({
router: appRouter,
createContext: async ({ req }: { req: Request }): Promise<TRPCContext> => {
// Extract auth from headers
const authHeader = req.headers.get('authorization');
const userId = authHeader?.split(' ')[1]; // Bearer token
createContext: async (): Promise<TRPCContext> => {
return {
userId,
userId: undefined,
};
},
onError: ({ error, path, input }: { error: TRPCError; path: string; input: unknown }) => {
console.error(`tRPC error on ${path}:`, {
input,
error: error.message,
});
onError: ({ error, path }: { error: TRPCError; path: string | undefined }) => {
console.error(`tRPC error on ${path}:`, error.message);
},
});