work-club-manager

MasterMito/work-club-manager

Fork 0

Commit Graph

Author	SHA1	Message	Date
WorkClub Automation	9950185213	fix: stabilize auth-to-tenant flow and correct tenant header mapping Resolve post-login routing and tenant context issues by proxying frontend API calls, redirecting authenticated users away from /login, and hardening club loading with retries/loading guards. Align tenant identity end-to-end by returning tenantId in /api/clubs/me and sending X-Tenant-Id from cookie-backed tenantId instead of local clubId, restoring authorized tasks/shifts data access after club selection.	2026-03-06 08:01:09 +01:00
WorkClub Automation	db880b3480	feat(clubs): add Club and Member API endpoints with auto-sync Implement Task 16: Club + Member API endpoints with MemberSyncService Services: - ClubService: GetMyClubsAsync (user's clubs), GetCurrentClubAsync (tenant club) - MemberService: GetMembersAsync (list), GetMemberByIdAsync, GetCurrentMemberAsync - MemberSyncService: Auto-creates Member records from JWT on first request Middleware: - MemberSyncMiddleware: Runs after auth, calls MemberSyncService Endpoints: - GET /api/clubs/me (list user's clubs) - GET /api/clubs/current (current tenant's club) - GET /api/members (list members, RLS filtered) - GET /api/members/{id} (member detail) - GET /api/members/me (current user's membership) Tests: 14 integration tests (6 club + 8 member) - Club filtering by user membership - Multi-tenant isolation via RLS - Member auto-sync on first request - Cross-tenant access blocked - Role-based authorization Build: 0 errors, all tests compile Pattern: TypedResults, RequireAuthorization policies, TDD approach	2026-03-03 19:41:01 +01:00

Author

SHA1

Message

Date

WorkClub Automation

9950185213

fix: stabilize auth-to-tenant flow and correct tenant header mapping

Resolve post-login routing and tenant context issues by proxying frontend API
calls, redirecting authenticated users away from /login, and hardening club
loading with retries/loading guards.

Align tenant identity end-to-end by returning tenantId in /api/clubs/me and
sending X-Tenant-Id from cookie-backed tenantId instead of local clubId,
restoring authorized tasks/shifts data access after club selection.

2026-03-06 08:01:09 +01:00

WorkClub Automation

db880b3480

feat(clubs): add Club and Member API endpoints with auto-sync

Implement Task 16: Club + Member API endpoints with MemberSyncService

Services:
- ClubService: GetMyClubsAsync (user's clubs), GetCurrentClubAsync (tenant club)
- MemberService: GetMembersAsync (list), GetMemberByIdAsync, GetCurrentMemberAsync
- MemberSyncService: Auto-creates Member records from JWT on first request

Middleware:
- MemberSyncMiddleware: Runs after auth, calls MemberSyncService

Endpoints:
- GET /api/clubs/me (list user's clubs)
- GET /api/clubs/current (current tenant's club)
- GET /api/members (list members, RLS filtered)
- GET /api/members/{id} (member detail)
- GET /api/members/me (current user's membership)

Tests: 14 integration tests (6 club + 8 member)
- Club filtering by user membership
- Multi-tenant isolation via RLS
- Member auto-sync on first request
- Cross-tenant access blocked
- Role-based authorization

Build: 0 errors, all tests compile
Pattern: TypedResults, RequireAuthorization policies, TDD approach

2026-03-03 19:41:01 +01:00

2 Commits