- Tambah GET /api/bugs/stats dengan summary cards & chart trend/bugs per app
- Tambah date range picker di village activity chart
- Tambah tabel Recent Activity (action + description) di village detail
- Update API graph-log-villages support dateFrom/dateTo custom range
Sebelumnya copy button mengcopy key yang sudah ter-mask dari list endpoint
Desa+ API. Sekarang klik copy fetch full key via GET /api-keys/:id lalu
salin ke clipboard.
- Debounce search input (400ms, min 3 karakter) sesuai konvensi
- Tambah filter source (QC/SYSTEM/USER) dan date range di bug-reports
- Backend /api/bugs support query param source, dateFrom, dateTo
- Update API_URLS.getBugs dengan param baru
- Hapus seafile.ts (dead code, tidak digunakan)
- Display client key and server key on Settings app cards with toggle
visibility and copy button
- Hide API keys table in Desa Mandiri Keys tab behind toggle + copy
- Add eye toggle to password inputs in Add App and Edit API Config
modals
- Backend now returns apiKey and clientApiKey in apps list endpoint
Derive status from app.active flag instead of maintenance/bugs heuristic.
Remove version, minVersion, and maintenance from list/detail response
as these are fetched separately via the grid overview endpoint.
Remove global API_KEY env var and its validation in checkAuth.
Auth via x-api-key now exclusively uses clientApiKey per-app
validated inline on POST /api/bugs.
- Tambah kolom API_KEY_DESA_PLUS di CONFIG_DEFINITIONS (ditampilkan sebagai password field)
- Proxy otomatis menyertakan X-API-Key header jika API key sudah dikonfigurasi
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
- Tambah model AppConfig (key-value) ke schema + migration
- Tambah GET/PUT /api/admin/config (DEVELOPER only)
- Tambah proxy /api/proxy/desa-plus/* yang baca URL dari DB
- Hapus VITE_URL_API_DESA_PLUS dari frontend, ganti semua URL desa-plus ke relative proxy path
- Aktifkan Settings tab di /dev dengan UI untuk set URL_API_DESA_PLUS
URL desa-plus kini bisa diubah via /dev → Settings tanpa rebuild image.
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
Mengembalikan versi aplikasi, git commit hash, branch aktif, dan 20 commit terakhir untuk memverifikasi apakah staging/production sudah terupdate.
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
- Block inactive users on email/password login (403)
- Block inactive users on Google OAuth (redirect to account_disabled)
- Auto-logout inactive users on session check (deleteMany sessions)
- Delete sessions when user is deactivated via PATCH /api/operators/:id
- Add account_disabled error message on login page
- Show inactive indicator on users table with reactivate button
- Add createSystemLog calls to /api/admin/users role and activate endpoints
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
- Replace timeline view with table layout (Time, Operator, Type, Message)
- Add date range filter using @mantine/dates DatePickerInput
- Add SegmentedControl for log type filter
- Disable App Logs and Settings menu on /dev
- Remove Activity Logs menu from /dev (moved to /logs)
- Add dateFrom/dateTo query params to /api/logs backend
- Import @mantine/dates/styles.css to fix datepicker styling
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
- Add GET /api/auth/google and GET /api/auth/callback/google routes with CSRF state protection and account linking via googleId
- Add getPublicOrigin() for dynamic redirect_uri (supports reverse proxy via X-Forwarded-Proto)
- Add USER role to schema (default for new Google sign-ins), make password optional, add googleId and image fields
- Role-based redirect after login: USER → /profile, ADMIN/DEVELOPER → /dashboard
- Profile page shows pending approval alert for USER role
- Dashboard redirects USER role back to profile
- Login page shows specific error messages per OAuth error code
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
- Upload hingga 3 gambar per bug report (FileInput multi-select)
- Backend: POST /api/upload/image → MinIO, GET /api/bugs/images → presigned URL redirect
- Auto-create bucket jika belum ada saat server start
- Preview gambar fullscreen saat thumbnail diklik
- Diterapkan di /bug-reports dan /apps/$appId/errors
- Migrasi storage dari Seafile ke MinIO (minio SDK v8)
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
- tambah Elysia Swagger di /docs dengan deskripsi lengkap semua endpoint
- tambah API key auth (X-API-Key) untuk klien eksternal di POST /api/bugs
- tambah normalisasi BugSource: SYSTEM/USER untuk eksternal, QC/SYSTEM/USER untuk dashboard
- perbaiki source schema jadi optional string agar tidak reject nilai unknown dari klien lama
- hapus field status dari form create bug (selalu OPEN)
- perbaiki typo desa_plus → appId di apps.$appId.errors.tsx
- tambah toggle hide/show stack trace di bug-reports.tsx dan apps.$appId.errors.tsx
- perbaiki grafik desa (width(-1)/height(-1)) dengan minWidth: 0 pada grid item
- perbaiki error &[data-active] inline style di DashboardLayout → pindah ke CSS class
- update CLAUDE.md dengan arsitektur lengkap
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
Elysia.js API with session-based auth (email/password + Google OAuth),
role system (USER/ADMIN/SUPER_ADMIN), Prisma + PostgreSQL, React 19
with Mantine UI, TanStack Router, dark theme, and comprehensive test
suite (unit, integration, E2E with Lightpanda).
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
