- Fix saveWiFiPassword to use encrypted passwords map instead of decrypted
- Fix getWiFiPassword to decrypt from encrypted storage
- Fix test expectations for migration and encryption functions
- Remove unused error variables to fix linting warnings
- All 27 tests now passing with proper encryption/decryption flow
The WiFi credentials cache feature was already implemented but had bugs
where encrypted and decrypted password maps were being mixed. This commit
ensures proper encryption is maintained throughout the storage lifecycle.
Implemented request tracking and cancellation to prevent stale API
responses from overwriting current beneficiary data.
Changes:
- Added loadingBeneficiaryIdRef to track which beneficiary is being loaded
- Added AbortController to cancel in-flight requests
- Validate beneficiary ID before applying state updates
- Cleanup on component unmount to prevent memory leaks
This fixes the issue where rapidly switching between beneficiaries
would show wrong data if slower requests completed after faster ones.
🤖 Generated with Claude Code (https://claude.com/claude-code)
Co-Authored-By: Claude <noreply@anthropic.com>
Created a centralized logger utility (src/utils/logger.js) that provides:
- Structured logging with context labels
- Log levels (ERROR, WARN, INFO, DEBUG)
- Environment-based log level control via LOG_LEVEL env variable
- Consistent timestamp and JSON data formatting
Removed console.log/error/warn statements from:
- All service files (mqtt, notifications, legacyAPI, email, storage, subscription-sync)
- All route handlers (auth, beneficiaries, deployments, webhook, admin, etc)
- Controllers (dashboard, auth, alarm)
- Database connection handler
- Main server file (index.js)
Preserved:
- Critical startup validation error for JWT_SECRET in index.js
Benefits:
- Production-ready logging that can be easily integrated with log aggregation services
- Reduced noise in production logs
- Easier debugging with structured context and data
- Configurable log levels per environment
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude <noreply@anthropic.com>
Created backend/src/config/constants.js to centralize all magic numbers
and configuration values used throughout the backend codebase.
Changes:
- Created constants.js with organized sections for:
- SECURITY: JWT, rate limiting, password reset
- AUTH: OTP configuration and rate limiting
- SERVER: Port, body limits, startup delays
- MQTT: Connection settings, cache limits
- NOTIFICATIONS: Push settings, quiet hours, batching
- SERIAL: Validation patterns and constraints
- EMAIL: Template settings and defaults
- CRON: Schedule configurations
- STORAGE: Avatar storage settings
- Updated files to use constants:
- index.js: JWT validation, rate limits, startup delays
- routes/auth.js: OTP generation, rate limits, JWT expiry
- services/mqtt.js: Connection timeouts, cache size
- services/notifications.js: Batch size, TTL, quiet hours
- utils/serialValidation.js: Serial number constraints
- Added comprehensive test suite (30 tests) for constants module
- All tests passing (93 total including existing tests)
- Validates reasonable values and consistency between related constants
Benefits:
- Single source of truth for configuration values
- Easier to maintain and update settings
- Better documentation of what each value represents
- Improved code readability by removing hardcoded numbers
- Testable configuration values
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude <noreply@anthropic.com>
Fixed GET /auth/me and POST /auth/verify-otp endpoints to use the correct
beneficiaries table schema. Previously, these endpoints were querying for
fields like email, first_name, last_name, address_street which don't exist
in the actual beneficiaries table, causing empty/incorrect data to be returned.
Changes:
- Updated Supabase queries to fetch correct fields: name, phone, address,
avatar_url, equipment_status, created_at
- Fixed response mapping to use 'name' instead of 'first_name'/'last_name'
- Added proper equipmentStatus and hasDevices calculations
- Removed spread operator that was adding incorrect fields to response
Added comprehensive tests to verify correct schema usage and ensure
beneficiary data is returned with the proper structure.
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude <noreply@anthropic.com>
- Created comprehensive EQUIPMENT_STATUS.md documentation covering:
- All valid status values (none, ordered, shipped, delivered, demo, active)
- Database schema details
- Navigation logic based on equipment status
- hasDevices flag calculation
- Code locations for reading/setting status
- Added unit tests for equipment status mapping:
- Tests for all valid status values
- Demo serial number detection (DEMO-00000, DEMO-1234-5678)
- Real device activation
- hasDevices calculation for each status
- Default value handling (null → 'none')
- All tests passing (13/13)
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude <noreply@anthropic.com>
- Change GET /api/me/deployments/:id/devices to return 400 error when legacy_deployment_id is missing
- Add error response with code 'MISSING_DEPLOYMENT_ID' and descriptive message
- Add comprehensive Jest tests for missing deployment scenarios
- Install Jest and Supertest for backend testing
- Add test scripts to package.json
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude <noreply@anthropic.com>
- Add custom_name to user_access query in both endpoints
- Compute displayName as customName || originalName
- Include customName, displayName, and originalName in response
- Ensures consistent beneficiary data format across all endpoints
Changes:
- Updated backend/src/services/mqtt.js to use LEGACY_API_USERNAME and LEGACY_API_PASSWORD from .env
- Updated services/api.ts with new robster credentials
- Added Legacy API and MQTT credentials to backend/.env.example
- MQTT service now falls back to LEGACY_API_* env vars if MQTT_* not set
This ensures all services use consistent, up-to-date credentials from environment configuration.
- setWiFi() now throws detailed errors instead of returning false
- Shows specific error messages: "WiFi credentials rejected", timeout etc.
- Added logging throughout BLE WiFi configuration flow
- Fixed WiFi network deduplication (keeps strongest signal)
- Ignore "Operation cancelled" error (normal cleanup behavior)
- BatchSetupProgress shows actual error in hint field
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude <noreply@anthropic.com>
- Add migration 010_create_notification_history.sql with indexes
- Update notifications.js to log all sent/skipped/failed notifications
- Add getNotificationHistory() function for querying history
- Add GET /api/notification-settings/history endpoint
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude <noreply@anthropic.com>
Add comprehensive guide for migrating from .env files to Doppler:
- Step-by-step instructions for account setup
- List of all required secrets
- CLI installation for macOS/Linux
- PM2 configuration options
- Troubleshooting section
- Team access and CI/CD integration
Note: Manual setup required, not automated.
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude <noreply@anthropic.com>
- Add verifyOtpLimiter: 5 attempts per 15 minutes per email/IP
- Add requestOtpLimiter: 3 attempts per 15 minutes per email/IP
- Use email as primary key, fallback to IP
- Return JSON error messages for rate limit exceeded
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude <noreply@anthropic.com>
Server now validates that JWT_SECRET environment variable exists
and has at least 32 characters before starting. This prevents
the server from running with weak or missing JWT secrets.
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude <noreply@anthropic.com>
VULN-001: Remove insecure fallback that allowed processing webhooks without
signature verification when STRIPE_WEBHOOK_SECRET was not set.
Changes:
- Add startup check that exits with error if STRIPE_WEBHOOK_SECRET is missing
- Remove JSON.parse fallback that bypassed signature verification
- Always use stripe.webhooks.constructEvent() for webhook validation
This prevents attackers from forging webhook events to manipulate
orders, subscriptions, or other payment-related data.
- Add displayName (customName || name) to BeneficiaryCard component
- Update header and MockDashboard to show customName when set
- Add custom name editing for non-custodian users (guardian/caretaker)
- Backend PATCH endpoint now supports customName updates via user_access table
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude <noreply@anthropic.com>
Allow users to set custom display names for their beneficiaries
(e.g., "Mom", "Dad" instead of the real name). The custom_name
is stored per-user in user_access, so different caregivers can
have different names for the same beneficiary.
Changes:
- Migration 009: Add custom_name column to user_access
- API: Return customName in GET /me/beneficiaries endpoints
- API: New PATCH /me/beneficiaries/:id/custom-name endpoint
- Types: Add customName to Beneficiary interface
- api.ts: Add updateBeneficiaryCustomName method
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude <noreply@anthropic.com>
- Update WellNuoLite submodule with Julia AI race condition fix
- Add ultravoxService for voice call handling
- Update voice.tsx with improved call flow
- Update equipment tracking in beneficiary details
- Clean up old data files
- Add react-native-base64 type definitions
- Add debug tools
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude <noreply@anthropic.com>
- Add legacyAPI.js service for authentication and deployment management
- Add deployments.js routes for device listing
- Add FEATURE-SENSORS-SYSTEM.md spec
- Add bug report: set_deployment missing deployment_id in response
- Add test scripts for Legacy API (create_deployment, find_deployments)
- Update beneficiaries.js to return deploymentId
BUG: Legacy API set_deployment returns {"ok": 1} but does NOT return
deployment_id. Waiting for Robert to fix this before we can auto-create
deployments for new beneficiaries.
- Monitoring badge: equipment active + subscription active
- Get kit badge: user hasn't ordered equipment yet
- Equipment status badges: ordered, shipped, delivered
- No subscription warning when equipment works but no sub
- Stripe subscription caching in backend (hourly sync)
- BeneficiaryMenu with edit/share/archive/delete actions
- Added role field to Beneficiary type
- Display role (Custodian/Guardian/Caretaker) in small gray text under name
- Role comes from user_access table via API
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude <noreply@anthropic.com>
Redirects should only happen on the main beneficiary page (index.tsx).
Other pages (subscription, equipment, share) just show their content
without redirecting - user navigated there intentionally via menu.
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude <noreply@anthropic.com>
- BeneficiaryMenu: dropdownItem now has width: 100%
- Increased minWidth to 180 and added overflow: hidden
- Users can now tap anywhere on the menu row, not just the text
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude <noreply@anthropic.com>
- Created reusable BeneficiaryMenu component with Modal backdrop
- Menu closes on outside tap (proper Modal + Pressable implementation)
- Removed debug panel from subscription and beneficiary detail pages
- Fixed subscription creation and equipment status handling
- Backend improvements for Stripe integration
- Remove expires_at from SELECT queries
- Remove expiresAt from API responses
- DB change: dropped expires_at column, fixed FK to beneficiaries table
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude <noreply@anthropic.com>
Database:
- Simplified beneficiary schema: single `name` field instead of first_name/last_name
- Single `address` field instead of 5 separate address columns
- Added migration 008_update_notification_settings.sql
Backend:
- Updated all beneficiaries routes for new schema
- Fixed admin routes for simplified fields
- Updated notification settings routes
- Improved stripe and webhook handlers
Frontend:
- Updated all forms to use single name/address fields
- Added new equipment-status and purchase screens
- Added BeneficiaryDetailController service
- Added subscription service
- Improved navigation and auth flow
- Various UI improvements
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude <noreply@anthropic.com>
- Move role selector (Caretaker/Guardian) above email input in Access screen
- Remove "(view only)" suffix from Caretaker role in email templates
- Remove "expires in 7 days" text from invitation emails
- Remove expires_at field from invitation creation (invitations never expire)
- Fix deletion of accepted invitations (now also removes user_access record)
- Add favicon to accept-invite.html page
- Add GET /api/invitations/info/:code endpoint to fetch role before accepting
- Show role and permissions on accept page BEFORE clicking Accept
- Simplify success page: remove permissions list, add link to wellnuo.com
- Minimalist design: light header background, logo only
- Fresh Expo React Native application setup
- Default template with standard dependencies
- Ready for voice assistant development
- Connected to Gitea development branch
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude <noreply@anthropic.com>
⚠️ This is test/experimental code for API integration testing.
Do not use in production.
Includes:
- WellNuo API integration (dashboard, patient context)
- Playwright tests for API verification
- WebView component for dashboard embedding
- API documentation
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude <noreply@anthropic.com>
