- Tambah model AppConfig (key-value) ke schema + migration
- Tambah GET/PUT /api/admin/config (DEVELOPER only)
- Tambah proxy /api/proxy/desa-plus/* yang baca URL dari DB
- Hapus VITE_URL_API_DESA_PLUS dari frontend, ganti semua URL desa-plus ke relative proxy path
- Aktifkan Settings tab di /dev dengan UI untuk set URL_API_DESA_PLUS
URL desa-plus kini bisa diubah via /dev → Settings tanpa rebuild image.
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
- Add GET /api/auth/google and GET /api/auth/callback/google routes with CSRF state protection and account linking via googleId
- Add getPublicOrigin() for dynamic redirect_uri (supports reverse proxy via X-Forwarded-Proto)
- Add USER role to schema (default for new Google sign-ins), make password optional, add googleId and image fields
- Role-based redirect after login: USER → /profile, ADMIN/DEVELOPER → /dashboard
- Profile page shows pending approval alert for USER role
- Dashboard redirects USER role back to profile
- Login page shows specific error messages per OAuth error code
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
Elysia.js API with session-based auth (email/password + Google OAuth),
role system (USER/ADMIN/SUPER_ADMIN), Prisma + PostgreSQL, React 19
with Mantine UI, TanStack Router, dark theme, and comprehensive test
suite (unit, integration, E2E with Lightpanda).
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
