Skip to content

Staging/demo -> main#147

Merged
basanth-p merged 240 commits into
mainfrom
staging/demo
Jun 11, 2026
Merged

Staging/demo -> main#147
basanth-p merged 240 commits into
mainfrom
staging/demo

Conversation

@basanth-p

Copy link
Copy Markdown
Collaborator

No description provided.

basanth-pedapati and others added 30 commits July 1, 2025 20:41
blogs-Profile-Dashboard
basanth-p and others added 29 commits June 9, 2026 13:05
Blockers fixed:
- Replace hand-rolled JWT signing (createServiceRoleJwt/crypto) with official
  Supabase service-role SDK client in app/api/profile/route.ts
- Sanitize .env.example — all real secrets replaced with placeholder strings;
  add SUPABASE_SERVICE_ROLE_KEY placeholder (replaces AUTH_JWT_SECRET for admin use)
- Restore .env*.example to .gitignore to prevent future secret leaks
- Add .cursor and .vscode to .gitignore (IDE configs should not be committed)

Critical fixes:
- Remove internal HTTP loopback in app/dashboard/layout.tsx;
  use direct Supabase admin client call to profiles table instead
- Remove dependency on NEXT_PUBLIC_SUPABASE_URL for server admin ops;
  server-side admin access now uses SUPABASE_SERVICE_ROLE_KEY exclusively

Both app/api/profile/route.ts and app/dashboard/layout.tsx now share the
same getAdminClient() pattern using createClient() from @supabase/supabase-js.
fix: address all security and architecture issues from PR #89 review
- Replaced `createClientComponentClient` with `createClient` across various components for improved Supabase integration.
- Added new analytics events for dashboard interactions, including `DASHBOARD_VIEWED` and `DASHBOARD_ACTION_CLICKED`.
- Updated `.env.example` to clarify PostHog host options for EU and US regions.
- Improved error handling and path sanitization in the authentication callback logic.
Resolve conflicts in dashboard layout (profiles admin check from dev)
and .env.example (combine local Supabase vars with PostHog docs).
- Replaced `createMiddlewareClient` with `createServerClient` for improved session handling.
- Enhanced cookie management by implementing custom `getAll` and `setAll` methods.
- Updated session retrieval to use `getUser` instead of `getSession` for better user context.
- Rewrite app/auth/callback/route.ts:
  - Remove duplicate createRouteHandlerClient call (was causing 500)
  - Remove response variable used before initialization
  - Initialize response before createServerClient so setAll cookies
    can write to it correctly
  - Add sanitizeNextPath() to prevent open-redirect via ?next param
  - Remove all debug console.log statements

- middleware.ts: no changes needed (already uses createServerClient
  from @supabase/ssr with getUser() — correct pattern per issue #128)

Fixes #128, closes #86
fix(auth): resolve GitHub OAuth redirect loop and 500 error [hotfix #128]
- Moved the `getAuthorName` function to a dedicated location for better readability and maintainability.
- Updated `OnboardButton` to use a ref for the Supabase client, improving performance.
- Enhanced `OnboardProfileForm` with analytics tracking for onboarding events.
- Improved PostHog initialization logic in `PostHogProvider` to prevent redundant initializations.
- Added cookie management functions in middleware to handle Supabase auth cookies more effectively.
…ItWorks

feat(landing): AboutSection + HowItWorksSection (#125)
Resolve conflicts in auth callback route and package-lock.json.
…ice role key; refactor DashboardLayout to use server Supabase client directly.
* Resolve navbar accessibility and responsive layout issues
* Refine hero section layout across supported breakpoints
* Update navbar and hero-section documentation
* Verify behavior at 375px, 768px, 1024px, 1280px, and 1440px
fix(landing): responsive QA — navbar accessibility + hero layout 375px–1440px — closes #117
- Added error tracking for onboarding failures in OnboardProfileForm.
- Updated PostHogProvider to ensure proper user identity synchronization and initialization.
- Improved session validation in submit-project page to redirect unauthenticated users.
- Documented new analytics events for onboarding failures and errors in analytics.md.
- Enhanced middleware to handle Supabase user retrieval errors more effectively.
…e client usage in profile API; enhance error handling in DashboardLayout for profile fetching; add profiles table with RLS policies in schema.sql.
Update project configuration and dependencies
…lopers-ContactUs

[Landing] ForTeams + ForDevelopers + ContactUs sections — complete the landing page (#126)
@basanth-p basanth-p merged commit f7587aa into main Jun 11, 2026
6 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

6 participants