npm - @nexttylabs/echo - Versions diffs - 0.2.0 - Mend

@nexttylabs/echo 0.2.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (579) hide show

package/.changeset/README.md +21 -0
package/.changeset/config.json +11 -0
package/.changeset/cozy-ghosts-care.md +5 -0
package/.changeset/sharp-lines-stand.md +5 -0
package/.changeset/sour-doodles-eat.md +5 -0
package/.changeset/tender-moose-shop.md +5 -0
package/.github/pull_request_template.md +13 -0
package/.github/workflows/ci.yml +41 -0
package/.github/workflows/publish.yml +44 -0
package/.github/workflows/release.yml +73 -0
package/AGENTS.md +92 -0
package/CHANGELOG.md +13 -0
package/Dockerfile +57 -0
package/LICENSE +661 -0
package/Makefile +77 -0
package/README.md +198 -0
package/app/(auth)/login/page.tsx +53 -0
package/app/(auth)/register/page.tsx +48 -0
package/app/(auth)/sign-in/page.tsx +22 -0
package/app/(dashboard)/admin/feedback/[id]/edit/page.tsx +103 -0
package/app/(dashboard)/admin/feedback/[id]/page.tsx +154 -0
package/app/(dashboard)/admin/feedback/new/page.tsx +91 -0
package/app/(dashboard)/admin/feedback/page.tsx +81 -0
package/app/(dashboard)/admin/layout.tsx +48 -0
package/app/(dashboard)/analytics/portal/page.tsx +30 -0
package/app/(dashboard)/dashboard/page.tsx +133 -0
package/app/(dashboard)/layout.tsx +69 -0
package/app/(dashboard)/no-access/page.tsx +45 -0
package/app/(dashboard)/settings/access/page.tsx +56 -0
package/app/(dashboard)/settings/api-keys/page.tsx +55 -0
package/app/(dashboard)/settings/appearance/page.tsx +40 -0
package/app/(dashboard)/settings/branding/page.tsx +62 -0
package/app/(dashboard)/settings/changelog/page.tsx +51 -0
package/app/(dashboard)/settings/danger-zone/page.tsx +92 -0
package/app/(dashboard)/settings/feedback/page.tsx +63 -0
package/app/(dashboard)/settings/integrations/page.tsx +94 -0
package/app/(dashboard)/settings/layout.tsx +43 -0
package/app/(dashboard)/settings/modules/page.tsx +54 -0
package/app/(dashboard)/settings/notifications/page.tsx +48 -0
package/app/(dashboard)/settings/organization/page.tsx +104 -0
package/app/(dashboard)/settings/organization/portal/access/page.tsx +22 -0
package/app/(dashboard)/settings/organization/portal/experience/page.tsx +22 -0
package/app/(dashboard)/settings/organization/portal/growth/page.tsx +22 -0
package/app/(dashboard)/settings/organization/portal/layout.tsx +24 -0
package/app/(dashboard)/settings/organization/portal/page.tsx +22 -0
package/app/(dashboard)/settings/organizations/[orgId]/members/page.tsx +69 -0
package/app/(dashboard)/settings/organizations/new/page.tsx +36 -0
package/app/(dashboard)/settings/page.tsx +22 -0
package/app/(dashboard)/settings/portal-access/page.tsx +53 -0
package/app/(dashboard)/settings/portal-branding/page.tsx +59 -0
package/app/(dashboard)/settings/portal-growth/page.tsx +57 -0
package/app/(dashboard)/settings/portal-modules/page.tsx +49 -0
package/app/(dashboard)/settings/portal-resources/page.tsx +66 -0
package/app/(dashboard)/settings/profile/page.tsx +48 -0
package/app/(dashboard)/settings/widgets/page.tsx +63 -0
package/app/(public)/[organizationSlug]/changelog/page.tsx +109 -0
package/app/(public)/[organizationSlug]/feedback/[id]/page.tsx +146 -0
package/app/(public)/[organizationSlug]/page.tsx +160 -0
package/app/(public)/[organizationSlug]/roadmap/page.tsx +142 -0
package/app/(public)/docs/page.tsx +48 -0
package/app/(public)/feedback/[id]/not-found.tsx +33 -0
package/app/(public)/feedback/[id]/page.tsx +102 -0
package/app/(public)/invite/[token]/page.tsx +121 -0
package/app/(public)/page.tsx +22 -0
package/app/(public)/widget/[organizationId]/page.tsx +122 -0
package/app/api/_utils.ts +29 -0
package/app/api/admin/backup/route.ts +72 -0
package/app/api/api-keys/[keyId]/route.ts +92 -0
package/app/api/api-keys/route.ts +116 -0
package/app/api/auth/[...all]/route.ts +21 -0
package/app/api/auth/clear-session/route.ts +43 -0
package/app/api/auth/register/handler.ts +176 -0
package/app/api/auth/register/route.ts +26 -0
package/app/api/docs/route.ts +28 -0
package/app/api/feedback/[id]/comments/[commentId]/route.ts +105 -0
package/app/api/feedback/[id]/comments/route.ts +421 -0
package/app/api/feedback/[id]/duplicates/route.ts +285 -0
package/app/api/feedback/[id]/handler.ts +91 -0
package/app/api/feedback/[id]/processing-status/route.ts +199 -0
package/app/api/feedback/[id]/reclassify/route.ts +145 -0
package/app/api/feedback/[id]/route.ts +511 -0
package/app/api/feedback/[id]/suggest-tags/route.ts +227 -0
package/app/api/feedback/[id]/sync-github/route.ts +52 -0
package/app/api/feedback/[id]/vote/route.ts +431 -0
package/app/api/feedback/bulk/route.ts +212 -0
package/app/api/feedback/handler.ts +138 -0
package/app/api/feedback/route.ts +298 -0
package/app/api/feedback/similar/route.ts +100 -0
package/app/api/health/route.test.ts +64 -0
package/app/api/health/route.ts +92 -0
package/app/api/identify/jwt/route.ts +29 -0
package/app/api/integrations/github/route.ts +196 -0
package/app/api/internal/domain-lookup/route.ts +67 -0
package/app/api/invitations/accept/handler.ts +101 -0
package/app/api/invitations/accept/route.ts +29 -0
package/app/api/notifications/preferences/route.ts +109 -0
package/app/api/organizations/[orgId]/handler.ts +123 -0
package/app/api/organizations/[orgId]/invitations/handler.ts +121 -0
package/app/api/organizations/[orgId]/invitations/route.ts +29 -0
package/app/api/organizations/[orgId]/members/[memberId]/handler.ts +208 -0
package/app/api/organizations/[orgId]/members/[memberId]/route.ts +30 -0
package/app/api/organizations/[orgId]/members/handler.ts +77 -0
package/app/api/organizations/[orgId]/members/route.ts +29 -0
package/app/api/organizations/[orgId]/route.ts +30 -0
package/app/api/organizations/handler.ts +97 -0
package/app/api/organizations/route.ts +29 -0
package/app/api/tags/sync/route.ts +88 -0
package/app/api/upload/handler.ts +79 -0
package/app/api/upload/route.ts +37 -0
package/app/api/v1/feedback/[id]/route.ts +276 -0
package/app/api/v1/feedback/route.ts +250 -0
package/app/api/v1/spec/route.ts +356 -0
package/app/api/webhooks/[webhookId]/route.ts +213 -0
package/app/api/webhooks/github/route.ts +158 -0
package/app/api/webhooks/route.ts +143 -0
package/app/favicon.ico +0 -0
package/app/globals.css +139 -0
package/app/health/route.ts +108 -0
package/app/layout.tsx +60 -0
package/bun.lock +2503 -0
package/components/api/rate-limit-info.tsx +86 -0
package/components/api-keys/api-key-manager.tsx +262 -0
package/components/auth/login-form.tsx +207 -0
package/components/auth/register-form.tsx +230 -0
package/components/comment/comment-form.tsx +111 -0
package/components/comment/internal-notes.tsx +219 -0
package/components/comment/public-comments.tsx +387 -0
package/components/component-example-client-only.tsx +29 -0
package/components/component-example.tsx +519 -0
package/components/dashboard/index.ts +22 -0
package/components/dashboard/organization-switcher.tsx +96 -0
package/components/dashboard/quick-actions.tsx +57 -0
package/components/dashboard/recent-feedback-list.tsx +152 -0
package/components/dashboard/stats-cards.tsx +88 -0
package/components/dashboard/status-chart.tsx +106 -0
package/components/example.tsx +70 -0
package/components/feedback/attachment-list.tsx +103 -0
package/components/feedback/auto-classification-badge.tsx +92 -0
package/components/feedback/classification-override.tsx +64 -0
package/components/feedback/duplicate-suggestions-inline.tsx +158 -0
package/components/feedback/duplicate-suggestions.tsx +188 -0
package/components/feedback/embedded-feedback-form.tsx +439 -0
package/components/feedback/feedback-actions.tsx +160 -0
package/components/feedback/feedback-bulk-actions.tsx +184 -0
package/components/feedback/feedback-detail-view.tsx +321 -0
package/components/feedback/feedback-detail.tsx +305 -0
package/components/feedback/feedback-edit-form.tsx +131 -0
package/components/feedback/feedback-filters.tsx +222 -0
package/components/feedback/feedback-list-controls.tsx +433 -0
package/components/feedback/feedback-list-item.tsx +298 -0
package/components/feedback/feedback-list-skeleton.tsx +49 -0
package/components/feedback/feedback-list.tsx +523 -0
package/components/feedback/feedback-sorter.tsx +117 -0
package/components/feedback/feedback-stats.tsx +124 -0
package/components/feedback/file-upload.tsx +289 -0
package/components/feedback/processing-status.tsx +161 -0
package/components/feedback/status-history.tsx +134 -0
package/components/feedback/status-selector.tsx +153 -0
package/components/feedback/submit-on-behalf-form.tsx +403 -0
package/components/feedback/tag-suggestions.tsx +212 -0
package/components/feedback/vote-button.tsx +113 -0
package/components/feedback/vote-list.tsx +108 -0
package/components/integrations/github-config.tsx +200 -0
package/components/landing/hero.tsx +150 -0
package/components/layout/dashboard-layout.tsx +59 -0
package/components/layout/index.ts +20 -0
package/components/layout/language-switcher.tsx +129 -0
package/components/layout/mobile-sidebar.tsx +66 -0
package/components/layout/sidebar.tsx +279 -0
package/components/portal/changelog-entry.tsx +132 -0
package/components/portal/changelog-list.tsx +85 -0
package/components/portal/contributor-badge.tsx +29 -0
package/components/portal/contributors-sidebar.tsx +98 -0
package/components/portal/create-post-dialog.tsx +247 -0
package/components/portal/feedback-board.tsx +205 -0
package/components/portal/feedback-post-card.tsx +198 -0
package/components/portal/help-center.tsx +169 -0
package/components/portal/leaderboard.tsx +29 -0
package/components/portal/portal-header.tsx +153 -0
package/components/portal/portal-layout.tsx +62 -0
package/components/portal/portal-modules-panel.tsx +118 -0
package/components/portal/portal-nav.tsx +59 -0
package/components/portal/portal-overview.tsx +174 -0
package/components/portal/portal-settings-nav.tsx +62 -0
package/components/portal/portal-settings-shell.tsx +71 -0
package/components/portal/portal-shell.tsx +62 -0
package/components/portal/portal-tab-nav.tsx +77 -0
package/components/portal/project-switcher.tsx +20 -0
package/components/portal/roadmap-board.tsx +82 -0
package/components/portal/roadmap-card.tsx +76 -0
package/components/portal/roadmap-column.tsx +78 -0
package/components/portal/settings-forms/access-form.tsx +194 -0
package/components/portal/settings-forms/copy-form.tsx +95 -0
package/components/portal/settings-forms/index.ts +23 -0
package/components/portal/settings-forms/languages-form.tsx +223 -0
package/components/portal/settings-forms/seo-form.tsx +156 -0
package/components/portal/settings-forms/sharing-form.tsx +155 -0
package/components/portal/settings-forms/theme-form.tsx +104 -0
package/components/settings/api-keys-list.tsx +167 -0
package/components/settings/appearance-form.tsx +71 -0
package/components/settings/index.ts +25 -0
package/components/settings/invite-member-form.tsx +119 -0
package/components/settings/notification-preferences.tsx +174 -0
package/components/settings/organization-form.tsx +165 -0
package/components/settings/organization-members-list.tsx +197 -0
package/components/settings/profile-form.tsx +124 -0
package/components/settings/role-selector.tsx +57 -0
package/components/settings/settings-sidebar.tsx +115 -0
package/components/shared/pagination.tsx +215 -0
package/components/ui/alert-dialog.tsx +201 -0
package/components/ui/alert.tsx +75 -0
package/components/ui/avatar.tsx +126 -0
package/components/ui/badge.tsx +62 -0
package/components/ui/button.tsx +77 -0
package/components/ui/card.tsx +111 -0
package/components/ui/combobox.tsx +311 -0
package/components/ui/dialog.tsx +158 -0
package/components/ui/dropdown-menu.tsx +272 -0
package/components/ui/field.tsx +256 -0
package/components/ui/input-group.tsx +164 -0
package/components/ui/input.tsx +36 -0
package/components/ui/label.tsx +41 -0
package/components/ui/pagination.tsx +142 -0
package/components/ui/select.tsx +202 -0
package/components/ui/separator.tsx +45 -0
package/components/ui/sheet.tsx +151 -0
package/components/ui/skeleton.tsx +32 -0
package/components/ui/switch.tsx +49 -0
package/components/ui/table.tsx +118 -0
package/components/ui/tabs.tsx +107 -0
package/components/ui/textarea.tsx +35 -0
package/components/ui/tooltip.tsx +78 -0
package/components/widget/widget-form.tsx +439 -0
package/components.json +24 -0
package/db/init/01-init.sql +13 -0
package/docker-compose.dev.yml +26 -0
package/docker-compose.yml +98 -0
package/docs/architecture.md +259 -0
package/docs/component-inventory.md +261 -0
package/docs/database-migrations.md +76 -0
package/docs/development-guide.md +209 -0
package/docs/e2e-user-flows.csv +31 -0
package/docs/er-diagram-feedback.mmd +138 -0
package/docs/er-diagram.mmd +281 -0
package/docs/i18n-check-report.md +296 -0
package/docs/index.md +214 -0
package/docs/logic-chain.md +94 -0
package/docs/plans/2026-01-02-database-migration-scripts.md +496 -0
package/docs/plans/2026-01-02-user-login-design.md +37 -0
package/docs/plans/2026-01-02-user-login.md +437 -0
package/docs/plans/2026-01-02-user-registration-design.md +47 -0
package/docs/plans/2026-01-02-user-registration.md +628 -0
package/docs/plans/2026-01-03-roles-permissions-design.md +20 -0
package/docs/plans/2026-01-03-roles-permissions.md +266 -0
package/docs/plans/2026-01-05-authentication-middleware.md +207 -0
package/docs/plans/2026-01-05-member-removal.md +186 -0
package/docs/plans/2026-01-05-organization-creation.md +374 -0
package/docs/plans/2026-01-05-rbac-middleware.md +112 -0
package/docs/plans/2026-01-05-role-configuration.md +441 -0
package/docs/plans/2026-01-06-file-upload-support.md +804 -0
package/docs/plans/2026-01-06-permission-check-hook.md +155 -0
package/docs/plans/2026-01-06-resource-ownership-check.md +231 -0
package/docs/plans/2026-01-07-feedback-tracking-link.md +459 -0
package/docs/plans/2026-01-09-logout-redirect-design.md +52 -0
package/docs/plans/2026-01-09-phase2-3-plan.md +654 -0
package/docs/plans/2026-01-09-portal-execution-plan.md +408 -0
package/docs/plans/2026-01-09-project-delete-feature-design.md +163 -0
package/docs/plans/2026-01-09-project-delete-implementation.md +451 -0
package/docs/plans/2026-01-09-project-edit-delete-design.md +52 -0
package/docs/plans/2026-01-09-settings-center-design.md +114 -0
package/docs/plans/2026-01-09-settings-center.md +948 -0
package/docs/plans/2026-01-10-organization-only-design.md +66 -0
package/docs/plans/2026-01-10-organization-only-implementation.md +433 -0
package/docs/plans/2026-01-10-portal-settings-restructure-plan.md +18 -0
package/docs/plans/2026-01-10-project-settings-tabs-design-implementation.md +296 -0
package/docs/plans/2026-01-14-e2e-playwright-feedback.md +173 -0
package/docs/plans/2026-01-15-feedback-management-org-context-design.md +82 -0
package/docs/plans/2026-01-15-feedback-management-org-context-implementation-plan.md +521 -0
package/docs/plans/2026-01-16-admin-feedback-filters-design.md +75 -0
package/docs/plans/2026-01-16-admin-feedback-filters-implementation.md +293 -0
package/docs/plans/2026-01-16-admin-feedback-route-consolidation.md +180 -0
package/docs/plans/2026-01-16-e2e-test-fixes.md +158 -0
package/docs/plans/2026-01-17-admin-feedback-filters.md +214 -0
package/docs/plans/2026-01-17-admin-feedback-improvements.md +453 -0
package/docs/plans/2026-01-18-changesets-design.md +40 -0
package/docs/product_changes.md +37 -0
package/docs/project-overview.md +159 -0
package/docs/project-scan-report.json +104 -0
package/docs/route-role-visibility.md +51 -0
package/docs/source-tree-analysis.md +150 -0
package/docs/testing/delete-project-manual-tests.md +18 -0
package/docs/user-story-tracking.md +191 -0
package/drizzle.config.ts +32 -0
package/eslint.config.mjs +19 -0
package/hooks/use-permissions.ts +56 -0
package/i18n/config.ts +45 -0
package/i18n/request.ts +28 -0
package/i18n/resolve-locale.ts +38 -0
package/lib/api/errors.ts +62 -0
package/lib/auth/cli-config.ts +35 -0
package/lib/auth/client.ts +20 -0
package/lib/auth/config.ts +55 -0
package/lib/auth/jwt-identity.ts +21 -0
package/lib/auth/org-context.ts +71 -0
package/lib/auth/organization.ts +107 -0
package/lib/auth/permissions.ts +87 -0
package/lib/auth/session.ts +23 -0
package/lib/config/rate-limits.ts +64 -0
package/lib/dashboard/get-dashboard-stats.ts +136 -0
package/lib/db/index.ts +41 -0
package/lib/db/migrate.test.ts +49 -0
package/lib/db/migrate.ts +62 -0
package/lib/db/migrations/.gitkeep +0 -0
package/lib/db/migrations/0000_cynical_gladiator.sql +53 -0
package/lib/db/migrations/0001_wandering_sunfire.sql +27 -0
package/lib/db/migrations/0002_shallow_speedball.sql +1 -0
package/lib/db/migrations/0003_add_org_description.sql +1 -0
package/lib/db/migrations/0003_boring_wild_pack.sql +13 -0
package/lib/db/migrations/0004_windy_tyrannus.sql +27 -0
package/lib/db/migrations/0005_perpetual_doorman.sql +5 -0
package/lib/db/migrations/0006_aberrant_captain_midlands.sql +13 -0
package/lib/db/migrations/0007_clever_captain_cross.sql +14 -0
package/lib/db/migrations/0008_sparkling_pandemic.sql +2 -0
package/lib/db/migrations/0009_happy_black_tom.sql +29 -0
package/lib/db/migrations/0010_kind_junta.sql +8 -0
package/lib/db/migrations/0011_mute_squadron_supreme.sql +25 -0
package/lib/db/migrations/0012_giant_power_man.sql +24 -0
package/lib/db/migrations/0013_damp_titanium_man.sql +17 -0
package/lib/db/migrations/0014_blue_alice.sql +18 -0
package/lib/db/migrations/0015_webhook_tables.sql +41 -0
package/lib/db/migrations/0016_github_integration.sql +30 -0
package/lib/db/migrations/0016_overjoyed_ghost_rider.sql +22 -0
package/lib/db/migrations/0017_slimy_inhumans.sql +6 -0
package/lib/db/migrations/0018_same_spitfire.sql +1 -0
package/lib/db/migrations/0019_jittery_loners.sql +16 -0
package/lib/db/migrations/0019_remove_projects_add_org_settings.sql +14 -0
package/lib/db/migrations/meta/0000_snapshot.json +374 -0
package/lib/db/migrations/meta/0001_snapshot.json +553 -0
package/lib/db/migrations/meta/0002_snapshot.json +560 -0
package/lib/db/migrations/meta/0003_snapshot.json +650 -0
package/lib/db/migrations/meta/0004_snapshot.json +852 -0
package/lib/db/migrations/meta/0005_snapshot.json +900 -0
package/lib/db/migrations/meta/0006_snapshot.json +1011 -0
package/lib/db/migrations/meta/0007_snapshot.json +1125 -0
package/lib/db/migrations/meta/0008_snapshot.json +1146 -0
package/lib/db/migrations/meta/0009_snapshot.json +1386 -0
package/lib/db/migrations/meta/0010_snapshot.json +1419 -0
package/lib/db/migrations/meta/0011_snapshot.json +1615 -0
package/lib/db/migrations/meta/0012_snapshot.json +1805 -0
package/lib/db/migrations/meta/0013_snapshot.json +1948 -0
package/lib/db/migrations/meta/0014_snapshot.json +2082 -0
package/lib/db/migrations/meta/0015_snapshot.json +2476 -0
package/lib/db/migrations/meta/0016_snapshot.json +2633 -0
package/lib/db/migrations/meta/0017_snapshot.json +2680 -0
package/lib/db/migrations/meta/0018_snapshot.json +2686 -0
package/lib/db/migrations/meta/0019_snapshot.json +2741 -0
package/lib/db/migrations/meta/_journal.json +146 -0
package/lib/db/schema/ai-processing.ts +90 -0
package/lib/db/schema/api-keys.ts +61 -0
package/lib/db/schema/attachments.ts +48 -0
package/lib/db/schema/auth.ts +111 -0
package/lib/db/schema/comments.ts +74 -0
package/lib/db/schema/duplicates.ts +80 -0
package/lib/db/schema/feedback.ts +88 -0
package/lib/db/schema/github-integrations.ts +66 -0
package/lib/db/schema/index.ts +35 -0
package/lib/db/schema/invitations.ts +32 -0
package/lib/db/schema/notifications.ts +85 -0
package/lib/db/schema/organization-members.ts +37 -0
package/lib/db/schema/organization-settings.ts +134 -0
package/lib/db/schema/organizations.ts +30 -0
package/lib/db/schema/projects.ts +145 -0
package/lib/db/schema/status-history.ts +63 -0
package/lib/db/schema/tags.ts +194 -0
package/lib/db/schema/user-profiles.ts +31 -0
package/lib/db/schema/votes.ts +60 -0
package/lib/db/schema/webhooks.ts +106 -0
package/lib/feedback/filters.ts +28 -0
package/lib/feedback/find-similar.ts +49 -0
package/lib/feedback/get-feedback-by-id.ts +159 -0
package/lib/feedback/prefill.ts +51 -0
package/lib/http/get-request-url.ts +28 -0
package/lib/integrations/github.ts +159 -0
package/lib/invitations.ts +22 -0
package/lib/logger.test.ts +31 -0
package/lib/logger.ts +58 -0
package/lib/middleware/api-key.ts +126 -0
package/lib/middleware/rate-limit-keys.ts +47 -0
package/lib/middleware/rate-limit.ts +148 -0
package/lib/middleware/rbac.ts +39 -0
package/lib/middleware/request-id.test.ts +28 -0
package/lib/middleware/request-id.ts +30 -0
package/lib/middleware/request-logger.test.ts +36 -0
package/lib/middleware/request-logger.ts +41 -0
package/lib/middleware/with-rate-limit.ts +33 -0
package/lib/portal/analytics.ts +20 -0
package/lib/portal/contributors.ts +27 -0
package/lib/portal/i18n.ts +20 -0
package/lib/portal/leaderboard-settings.ts +20 -0
package/lib/portal/modules.ts +20 -0
package/lib/portal/portal-copy.ts +20 -0
package/lib/portal/public-context.tsx +110 -0
package/lib/portal/seo.ts +20 -0
package/lib/portal/settings-context.ts +56 -0
package/lib/portal/sharing.ts +20 -0
package/lib/portal/sorting.ts +20 -0
package/lib/portal/theme.ts +20 -0
package/lib/services/ai/classifier.ts +296 -0
package/lib/services/ai/duplicate-detector.ts +255 -0
package/lib/services/ai/tag-suggester.ts +108 -0
package/lib/services/api-keys.ts +164 -0
package/lib/services/backup.ts +173 -0
package/lib/services/email/templates.ts +158 -0
package/lib/services/email.ts +68 -0
package/lib/services/github-sync.ts +205 -0
package/lib/services/notifications/index.ts +224 -0
package/lib/services/portal-settings.ts +157 -0
package/lib/swagger/config.ts +296 -0
package/lib/swagger/generate.ts +400 -0
package/lib/upload/file-validator.ts +52 -0
package/lib/upload/storage.ts +59 -0
package/lib/utils/format.ts +26 -0
package/lib/utils/slug.ts +28 -0
package/lib/utils.ts +23 -0
package/lib/validations/auth.ts +56 -0
package/lib/validations/comment.ts +44 -0
package/lib/validations/feedback.ts +51 -0
package/lib/validations/invitations.ts +23 -0
package/lib/validations/organizations.ts +34 -0
package/lib/validations/projects.ts +49 -0
package/lib/validators/feedback.ts +57 -0
package/lib/validators/index.ts +18 -0
package/lib/webhooks/events.ts +73 -0
package/lib/webhooks/index.ts +21 -0
package/lib/webhooks/retry.ts +188 -0
package/lib/webhooks/sender.ts +183 -0
package/lib/webhooks/verify.ts +37 -0
package/lib/workers/feedback-processor.ts +255 -0
package/messages/en.json +965 -0
package/messages/jp.json +862 -0
package/messages/zh-CN.json +855 -0
package/next-env.d.ts +6 -0
package/next.config.ts +66 -0
package/package.json +84 -0
package/playwright.config.ts +44 -0
package/postcss.config.mjs +7 -0
package/proxy.test.ts +131 -0
package/proxy.ts +190 -0
package/public/file.svg +1 -0
package/public/globe.svg +1 -0
package/public/logo-64.svg +5 -0
package/public/logo.svg +5 -0
package/public/next.svg +1 -0
package/public/openapi.json +673 -0
package/public/uploads/.gitkeep +0 -0
package/public/uploads/02695701-ded0-4c81-8a21-9326c1d65448.pdf +1 -0
package/public/uploads/178843ea-2780-48ef-8988-f4cba442e4cb.pdf +1 -0
package/public/uploads/24b0a9ef-da93-49da-934f-637f89c7871d.pdf +1 -0
package/public/uploads/7a11626d-a8e4-4b91-a8eb-20b6213b0a5a.pdf +1 -0
package/public/uploads/b0703f4d-6e7b-4aab-8191-1a7b15f1b8ee.pdf +1 -0
package/public/uploads/c8de0aed-4d3a-44aa-83bb-6594b7a2ddb3.pdf +1 -0
package/public/uploads/e4cce295-0d85-4525-a1b0-a61c45722e26.pdf +1 -0
package/public/uploads/eb4df45e-563c-48b8-9c68-c18212312426.pdf +1 -0
package/public/vercel.svg +1 -0
package/public/widget/embed.js +249 -0
package/public/window.svg +1 -0
package/scripts/backup-db.sh +57 -0
package/scripts/backup-db.ts +24 -0
package/scripts/generate-openapi.ts +22 -0
package/scripts/migration-helper.ts +39 -0
package/scripts/pre-deploy.ts +75 -0
package/scripts/restore-db.sh +60 -0
package/scripts/rollback.ts +72 -0
package/scripts/seed-tags.ts +48 -0
package/tests/api/feedback-bulk.test.ts +47 -0
package/tests/api/feedback-by-id.test.ts +67 -0
package/tests/api/feedback-comments-route-import.test.ts +26 -0
package/tests/api/feedback-create.test.ts +71 -0
package/tests/api/feedback-delete.test.ts +160 -0
package/tests/api/feedback-filter.test.ts +250 -0
package/tests/api/feedback-list.test.ts +234 -0
package/tests/api/feedback-route-assignee-condition.test.ts +32 -0
package/tests/api/feedback-similar.test.ts +46 -0
package/tests/api/feedback-sort.test.ts +261 -0
package/tests/api/feedback-status-enum.test.ts +49 -0
package/tests/api/feedback-status-filter.test.ts +117 -0
package/tests/api/feedback-submit-on-behalf.test.ts +269 -0
package/tests/api/feedback.test.ts +175 -0
package/tests/api/identify-jwt.test.ts +25 -0
package/tests/api/invitation-accept.test.ts +213 -0
package/tests/api/organization-invitations.test.ts +186 -0
package/tests/api/organization-members-list.test.ts +79 -0
package/tests/api/organization-members.test.ts +340 -0
package/tests/api/organizations.test.ts +149 -0
package/tests/api/register.test.ts +112 -0
package/tests/api/upload.test.ts +103 -0
package/tests/api/vote.test.ts +82 -0
package/tests/app/admin-feedback-detail-page.test.tsx +25 -0
package/tests/app/admin-feedback-list-page.test.tsx +25 -0
package/tests/app/admin-feedback-new-page.test.tsx +25 -0
package/tests/app/health-route-helpers.test.ts +27 -0
package/tests/app/login-page.test.ts +26 -0
package/tests/app/portal-page.test.ts +29 -0
package/tests/app/project-portal-overview.test.tsx +25 -0
package/tests/app/widget-page-import.test.ts +25 -0
package/tests/components/create-post-dialog-defaults.test.ts +43 -0
package/tests/components/feedback/duplicate-suggestions-inline.test.tsx +27 -0
package/tests/components/feedback/embedded-feedback-form.test.tsx +96 -0
package/tests/components/feedback/feedback-detail.test.tsx +25 -0
package/tests/components/feedback/feedback-stats.test.tsx +49 -0
package/tests/components/feedback-bulk-actions.test.tsx +39 -0
package/tests/components/feedback-i18n-keys.test.ts +70 -0
package/tests/components/feedback-list-controls-compile.test.ts +25 -0
package/tests/components/feedback-list-controls.test.tsx +204 -0
package/tests/components/feedback-list-item.test.tsx +67 -0
package/tests/components/landing/hero.test.tsx +46 -0
package/tests/components/layout/language-switcher.test.tsx +25 -0
package/tests/components/layout/sidebar.test.tsx +157 -0
package/tests/components/login-form.test.ts +25 -0
package/tests/components/organization-form.test.ts +32 -0
package/tests/components/organization-switcher.test.ts +25 -0
package/tests/components/pagination.test.tsx +43 -0
package/tests/components/portal-overview.test.tsx +25 -0
package/tests/components/profile-form.test.tsx +139 -0
package/tests/components/role-selector.test.ts +31 -0
package/tests/components/status-chart.test.tsx +90 -0
package/tests/e2e/auth.e2e.ts +323 -0
package/tests/e2e/feedback-actions.e2e.ts +471 -0
package/tests/e2e/feedback-attachment.e2e.ts +168 -0
package/tests/e2e/feedback-customer.e2e.ts +226 -0
package/tests/e2e/feedback-management.e2e.ts +565 -0
package/tests/e2e/feedback-submit.e2e.ts +133 -0
package/tests/e2e/feedback-view.e2e.ts +297 -0
package/tests/e2e/fixtures/test-data.ts +235 -0
package/tests/e2e/health-check.e2e.ts +230 -0
package/tests/e2e/helpers/test-utils-helpers.test.ts +43 -0
package/tests/e2e/helpers/test-utils.ts +298 -0
package/tests/e2e/integration-placeholders.e2e.ts +199 -0
package/tests/e2e/organization.e2e.ts +292 -0
package/tests/e2e/permissions.e2e.ts +424 -0
package/tests/e2e/project-widget.e2e.ts +63 -0
package/tests/feedback/filters.test.ts +29 -0
package/tests/hooks/use-permissions.test.ts +52 -0
package/tests/lib/ai/classifier.test.ts +104 -0
package/tests/lib/ai/duplicate-detector.test.ts +234 -0
package/tests/lib/attachments-schema.test.ts +30 -0
package/tests/lib/auth/session.test.ts +49 -0
package/tests/lib/auth-client.test.ts +37 -0
package/tests/lib/auth-config.test.ts +26 -0
package/tests/lib/feedback-prefill.test.ts +52 -0
package/tests/lib/feedback-processor.test.ts +41 -0
package/tests/lib/feedback-schema.test.ts +33 -0
package/tests/lib/file-validator.test.ts +48 -0
package/tests/lib/get-feedback-by-id.test.ts +37 -0
package/tests/lib/invitations.test.ts +35 -0
package/tests/lib/login-schema.test.ts +36 -0
package/tests/lib/org-context.test.ts +95 -0
package/tests/lib/organization-access.test.ts +44 -0
package/tests/lib/organization-member-role-schema.test.ts +41 -0
package/tests/lib/permissions.test.ts +88 -0
package/tests/lib/portal-analytics.test.ts +25 -0
package/tests/lib/portal-contributors.test.ts +25 -0
package/tests/lib/portal-copy.test.ts +27 -0
package/tests/lib/portal-i18n.test.ts +30 -0
package/tests/lib/portal-leaderboard-settings.test.ts +25 -0
package/tests/lib/portal-modules.test.ts +25 -0
package/tests/lib/portal-seo.test.ts +25 -0
package/tests/lib/portal-sharing.test.ts +25 -0
package/tests/lib/portal-sorting.test.ts +25 -0
package/tests/lib/portal-theme.test.ts +25 -0
package/tests/lib/rate-limit.test.ts +142 -0
package/tests/lib/resolve-locale.test.ts +34 -0
package/tests/lib/services/backup.test.ts +145 -0
package/tests/lib/user-organizations.test.ts +42 -0
package/tests/lib/user-role-schema.test.ts +33 -0
package/tests/lib/user-schema.test.ts +25 -0
package/tests/setup.ts +74 -0
package/tsconfig.json +34 -0
package/types/bun-test.d.ts +31 -0

package/docs/plans/2026-01-02-user-registration.md ADDED Viewed

@@ -0,0 +1,628 @@
+# User Registration Implementation Plan
+> **For Claude:** REQUIRED SUB-SKILL: Use superpowers:executing-plans to implement this plan task-by-task.
+**Goal:** Implement user registration with Better Auth (email/password), create a profile + default organization, and provide a register UI.
+**Architecture:** Better Auth owns auth tables and session cookies. Business data (profiles/organizations/members) lives in our own tables linked by userId. A custom `/api/auth/register` route validates input, calls `auth.api.signUpEmail`, then creates profile/org/member records.
+**Tech Stack:** Next.js App Router, Better Auth, Drizzle ORM, Bun, Zod, Tailwind, shadcn/ui.
+**Skills:** @superpowers:test-driven-development, @senior-frontend, @ui-styling
+---
+### Task 1: Bootstrap Better Auth + schema generation
+**Files:**
+- Modify: `package.json`
+- Create: `lib/auth/config.ts`
+- Create: `app/api/auth/[...all]/route.ts`
+- Create (generated): `lib/db/schema/auth.ts`
+- Modify: `lib/db/schema/index.ts`
+**Step 1: Add dependencies**
+Run:
+```bash
+bun add better-auth zod
+```
+Expected: deps added in `package.json` and lockfile.
+**Step 2: Create Better Auth config**
+Create `lib/auth/config.ts` (use relative imports so the Better Auth CLI can resolve modules):
+```ts
+import { betterAuth } from "better-auth";
+import { drizzleAdapter } from "better-auth/adapters/drizzle";
+import { nextCookies } from "better-auth/next-js";
+import { db } from "../db";
+if (!db) {
+  throw new Error("DATABASE_URL is not configured");
+}
+export const auth = betterAuth({
+  database: drizzleAdapter(db, {
+    provider: "pg",
+  }),
+  emailAndPassword: {
+    enabled: true,
+  },
+  plugins: [nextCookies()], // keep this last
+});
+```
+**Step 3: Mount Better Auth handler**
+Create `app/api/auth/[...all]/route.ts`:
+```ts
+import { auth } from "@/lib/auth/config";
+import { toNextJsHandler } from "better-auth/next-js";
+export const { GET, POST } = toNextJsHandler(auth);
+```
+**Step 4: Generate Better Auth Drizzle schema**
+Run:
+```bash
+bunx @better-auth/cli@latest generate --config lib/auth/config.ts --output lib/db/schema/auth.ts
+```
+Expected: a new Drizzle schema file defining Better Auth tables.
+**Step 5: Export schema for drizzle-kit**
+Update `lib/db/schema/index.ts`:
+```ts
+export * from "./auth";
+```
+**Step 6: Generate migration (no apply yet)**
+Run:
+```bash
+bun run db:generate
+```
+Expected: new SQL in `lib/db/migrations/`.
+**Step 7: Commit**
+```bash
+git add package.json bun.lockb lib/auth/config.ts app/api/auth/[...all]/route.ts lib/db/schema/auth.ts lib/db/schema/index.ts lib/db/migrations
+git commit -m "feat: add better-auth config and schema"
+```
+---
+### Task 2: Business domain schemas + slug helper
+**Files:**
+- Create: `lib/db/schema/user-profiles.ts`
+- Create: `lib/db/schema/organizations.ts`
+- Create: `lib/db/schema/organization-members.ts`
+- Modify: `lib/db/schema/index.ts`
+- Create: `lib/utils/slug.ts`
+**Step 1: Add schemas**
+Create `lib/db/schema/user-profiles.ts` (adjust `user` import based on generated auth schema name):
+```ts
+import { pgTable, text, timestamp } from "drizzle-orm/pg-core";
+import { user } from "./auth"; // update if generated export name differs
+export const userProfiles = pgTable("user_profiles", {
+  userId: text("user_id").primaryKey().references(() => user.id, { onDelete: "cascade" }),
+  name: text("name").notNull(),
+  createdAt: timestamp("created_at").defaultNow().notNull(),
+  updatedAt: timestamp("updated_at").defaultNow().notNull(),
+});
+```
+Create `lib/db/schema/organizations.ts`:
+```ts
+import { pgTable, text, timestamp } from "drizzle-orm/pg-core";
+export const organizations = pgTable("organizations", {
+  id: text("id").primaryKey(),
+  name: text("name").notNull(),
+  slug: text("slug").notNull().unique(),
+  createdAt: timestamp("created_at").defaultNow().notNull(),
+  updatedAt: timestamp("updated_at").defaultNow().notNull(),
+});
+```
+Create `lib/db/schema/organization-members.ts`:
+```ts
+import { pgTable, primaryKey, text, timestamp } from "drizzle-orm/pg-core";
+import { organizations } from "./organizations";
+import { user } from "./auth"; // update if generated export name differs
+export const organizationMembers = pgTable(
+  "organization_members",
+  {
+    organizationId: text("organization_id").notNull().references(() => organizations.id, { onDelete: "cascade" }),
+    userId: text("user_id").notNull().references(() => user.id, { onDelete: "cascade" }),
+    role: text("role").notNull(),
+    createdAt: timestamp("created_at").defaultNow().notNull(),
+  },
+  (t) => ({
+    pk: primaryKey({ columns: [t.organizationId, t.userId] }),
+  })
+);
+```
+Update `lib/db/schema/index.ts`:
+```ts
+export * from "./auth";
+export * from "./user-profiles";
+export * from "./organizations";
+export * from "./organization-members";
+```
+Create `lib/utils/slug.ts`:
+```ts
+export function generateSlug(name: string): string {
+  const base = name
+    .toLowerCase()
+    .trim()
+    .replace(/\s+/g, "-")
+    .replace(/[^\w-]/g, "")
+    .replace(/--+/g, "-");
+  const suffix = Math.random().toString(36).slice(2, 6);
+  return `${base}-${suffix}`;
+}
+```
+**Step 2: Generate migration**
+Run:
+```bash
+bun run db:generate
+```
+Expected: migration adds business tables.
+**Step 3: Commit**
+```bash
+git add lib/db/schema lib/utils/slug.ts lib/db/migrations
+git commit -m "feat: add profile and organization schemas"
+```
+---
+### Task 3: Registration API (TDD)
+**Files:**
+- Create: `lib/validations/auth.ts`
+- Create: `app/api/auth/register/handler.ts`
+- Create: `app/api/auth/register/route.ts`
+- Test: `tests/api/register.test.ts`
+**Step 1: Write failing tests**
+Create `tests/api/register.test.ts`:
+```ts
+import { describe, it, expect } from "bun:test";
+import { buildRegisterHandler } from "@/app/api/auth/register/handler";
+import { APIError } from "better-auth/api";
+const makeDeps = () => {
+  const cookiesHeader = "session=token; Path=/; HttpOnly";
+  const auth = {
+    api: {
+      signUpEmail: async () => ({
+        headers: new Headers({ "set-cookie": cookiesHeader }),
+        response: new Response(JSON.stringify({
+          user: { id: "user_1", email: "john@example.com" },
+        }))
+      })
+    }
+  };
+  const db = {
+    transaction: async (fn: (tx: any) => Promise<void>) => fn({
+      insert: () => ({ values: async () => {} })
+    })
+  };
+  return { auth, db };
+};
+describe("POST /api/auth/register", () => {
+  it("registers a user and sets cookie", async () => {
+    const handler = buildRegisterHandler(makeDeps());
+    const req = new Request("http://localhost/api/auth/register", {
+      method: "POST",
+      body: JSON.stringify({ name: "John", email: "john@example.com", password: "Password123" })
+    });
+    const res = await handler(req);
+    const json = await res.json();
+    expect(res.status).toBe(201);
+    expect(json.data.user.email).toBe("john@example.com");
+    expect(res.headers.get("set-cookie")).toContain("session=");
+  });
+  it("returns 409 when email exists", async () => {
+    const deps = makeDeps();
+    deps.auth.api.signUpEmail = async () => {
+      throw new APIError("Email exists", { status: 409 });
+    };
+    const handler = buildRegisterHandler(deps);
+    const req = new Request("http://localhost/api/auth/register", {
+      method: "POST",
+      body: JSON.stringify({ name: "John", email: "john@example.com", password: "Password123" })
+    });
+    const res = await handler(req);
+    const json = await res.json();
+    expect(res.status).toBe(409);
+    expect(json.code).toBe("EMAIL_EXISTS");
+  });
+  it("validates email and password", async () => {
+    const handler = buildRegisterHandler(makeDeps());
+    const req = new Request("http://localhost/api/auth/register", {
+      method: "POST",
+      body: JSON.stringify({ name: "John", email: "bad-email", password: "weak" })
+    });
+    const res = await handler(req);
+    const json = await res.json();
+    expect(res.status).toBe(400);
+    expect(json.code).toBe("VALIDATION_ERROR");
+  });
+});
+```
+**Step 2: Run test to verify it fails**
+Run:
+```bash
+bun test tests/api/register.test.ts
+```
+Expected: FAIL because handler/validation do not exist.
+**Step 3: Implement validation + handler**
+Create `lib/validations/auth.ts`:
+```ts
+import { z } from "zod";
+export const passwordSchema = z
+  .string()
+  .min(8, "密码至少需要 8 个字符")
+  .regex(/[A-Z]/, "密码必须包含大写字母")
+  .regex(/[a-z]/, "密码必须包含小写字母")
+  .regex(/[0-9!@#$%^&*]/, "密码必须包含数字或特殊字符");
+export const registerSchema = z.object({
+  name: z.string().min(1, "请输入您的姓名").max(100),
+  email: z.string().email("请输入有效的邮箱地址").max(255).toLowerCase(),
+  password: passwordSchema,
+});
+export type RegisterInput = z.infer<typeof registerSchema>;
+```
+Create `app/api/auth/register/handler.ts`:
+```ts
+import { NextResponse } from "next/server";
+import { randomUUID } from "crypto";
+import { APIError } from "better-auth/api";
+import { registerSchema } from "@/lib/validations/auth";
+import { generateSlug } from "@/lib/utils/slug";
+import { organizations, organizationMembers, userProfiles } from "@/lib/db/schema";
+type RegisterDeps = {
+  auth: { api: { signUpEmail: (args: any) => Promise<{ headers: Headers; response: Response }> } };
+  db: { transaction: <T>(fn: (tx: any) => Promise<T>) => Promise<T> };
+};
+export function buildRegisterHandler(deps: RegisterDeps) {
+  return async function POST(req: Request) {
+    try {
+      const body = await req.json();
+      const parsed = registerSchema.safeParse(body);
+      if (!parsed.success) {
+        return NextResponse.json(
+          {
+            error: "Invalid request body",
+            code: "VALIDATION_ERROR",
+            details: parsed.error.issues,
+          },
+          { status: 400 }
+        );
+      }
+      const { name, email, password } = parsed.data;
+      const { headers, response } = await deps.auth.api.signUpEmail({
+        returnHeaders: true,
+        body: { name, email, password },
+      });
+      const authPayload = await response.json();
+      const userId = authPayload?.user?.id;
+      if (!userId) {
+        return NextResponse.json(
+          { error: "Registration failed", code: "REGISTRATION_FAILED" },
+          { status: 500 }
+        );
+      }
+      const orgName = `${name}'s Organization`;
+      const orgSlug = generateSlug(orgName);
+      const organizationId = randomUUID();
+      await deps.db.transaction(async (tx) => {
+        await tx.insert(userProfiles).values({ userId, name });
+        await tx.insert(organizations).values({ id: organizationId, name: orgName, slug: orgSlug });
+        await tx.insert(organizationMembers).values({ organizationId, userId, role: "admin" });
+      });
+      const res = NextResponse.json(
+        {
+          data: { user: authPayload.user },
+          message: "Registration successful",
+        },
+        { status: 201 }
+      );
+      const setCookie = headers.get("set-cookie");
+      if (setCookie) {
+        res.headers.set("set-cookie", setCookie);
+      }
+      return res;
+    } catch (error) {
+      if (error instanceof APIError) {
+        if (error.status === 409) {
+          return NextResponse.json(
+            { error: "邮箱已存在", code: "EMAIL_EXISTS" },
+            { status: 409 }
+          );
+        }
+        return NextResponse.json(
+          { error: error.message, code: "AUTH_ERROR" },
+          { status: error.status ?? 400 }
+        );
+      }
+      return NextResponse.json(
+        { error: "Registration failed", code: "REGISTRATION_FAILED" },
+        { status: 500 }
+      );
+    }
+  };
+}
+```
+Create `app/api/auth/register/route.ts`:
+```ts
+import { auth } from "@/lib/auth/config";
+import { db } from "@/lib/db";
+import { buildRegisterHandler } from "./handler";
+if (!db) {
+  throw new Error("DATABASE_URL is not configured");
+}
+export const POST = buildRegisterHandler({ auth, db });
+```
+**Step 4: Run tests to verify pass**
+Run:
+```bash
+bun test tests/api/register.test.ts
+```
+Expected: PASS.
+**Step 5: Commit**
+```bash
+git add lib/validations/auth.ts app/api/auth/register/handler.ts app/api/auth/register/route.ts tests/api/register.test.ts
+git commit -m "feat: add register api with validation"
+```
+---
+### Task 4: Register UI
+**Files:**
+- Create: `app/(auth)/register/page.tsx`
+- Create: `components/auth/register-form.tsx`
+**Step 1: Implement UI**
+Create `app/(auth)/register/page.tsx`:
+```tsx
+import { headers } from "next/headers";
+import { redirect } from "next/navigation";
+import { auth } from "@/lib/auth/config";
+import { RegisterForm } from "@/components/auth/register-form";
+export default async function RegisterPage() {
+  const session = await auth.api.getSession({ headers: await headers() });
+  if (session) redirect("/dashboard");
+  return (
+    <div className="min-h-screen bg-slate-50 flex items-center justify-center px-4">
+      <div className="w-full max-w-md">
+        <div className="text-center mb-6">
+          <h1 className="text-3xl font-semibold">Echo</h1>
+          <p className="text-sm text-muted-foreground">创建新账户以继续</p>
+        </div>
+        <RegisterForm />
+      </div>
+    </div>
+  );
+}
+```
+Create `components/auth/register-form.tsx`:
+```tsx
+"use client";
+import { useState } from "react";
+import { useRouter } from "next/navigation";
+import { Button } from "@/components/ui/button";
+import { Input } from "@/components/ui/input";
+import { Label } from "@/components/ui/label";
+import { Card, CardContent, CardDescription, CardHeader, CardTitle } from "@/components/ui/card";
+export function RegisterForm() {
+  const router = useRouter();
+  const [isLoading, setIsLoading] = useState(false);
+  const [errors, setErrors] = useState<Record<string, string>>({});
+  const [formData, setFormData] = useState({ name: "", email: "", password: "", confirmPassword: "" });
+  const handleChange = (e: React.ChangeEvent<HTMLInputElement>) => {
+    const { name, value } = e.target;
+    setFormData((prev) => ({ ...prev, [name]: value }));
+    setErrors((prev) => ({ ...prev, [name]: "" }));
+  };
+  const validateForm = () => {
+    const nextErrors: Record<string, string> = {};
+    if (!formData.name.trim()) nextErrors.name = "请输入您的姓名";
+    if (!formData.email) nextErrors.email = "请输入邮箱地址";
+    if (!formData.password) nextErrors.password = "请输入密码";
+    if (formData.password !== formData.confirmPassword) nextErrors.confirmPassword = "两次输入的密码不一致";
+    setErrors(nextErrors);
+    return Object.keys(nextErrors).length === 0;
+  };
+  const onSubmit = async (e: React.FormEvent) => {
+    e.preventDefault();
+    if (!validateForm()) return;
+    setIsLoading(true);
+    try {
+      const res = await fetch("/api/auth/register", {
+        method: "POST",
+        headers: { "Content-Type": "application/json" },
+        body: JSON.stringify({
+          name: formData.name,
+          email: formData.email,
+          password: formData.password,
+        }),
+      });
+      const json = await res.json();
+      if (!res.ok) {
+        if (json.code === "VALIDATION_ERROR") {
+          const fieldErrors: Record<string, string> = {};
+          for (const issue of json.details ?? []) {
+            const key = issue.path?.[0];
+            if (key) fieldErrors[key] = issue.message;
+          }
+          setErrors(fieldErrors);
+        } else if (json.code === "EMAIL_EXISTS") {
+          setErrors({ email: "邮箱已存在" });
+        }
+        return;
+      }
+      router.push("/dashboard");
+    } finally {
+      setIsLoading(false);
+    }
+  };
+  return (
+    <Card>
+      <CardHeader>
+        <CardTitle>创建账户</CardTitle>
+        <CardDescription>填写以下信息注册新账户</CardDescription>
+      </CardHeader>
+      <CardContent>
+        <form onSubmit={onSubmit} className="space-y-4">
+          <div className="space-y-2">
+            <Label htmlFor="name">姓名</Label>
+            <Input id="name" name="name" value={formData.name} onChange={handleChange} disabled={isLoading} />
+            {errors.name ? <p className="text-sm text-destructive">{errors.name}</p> : null}
+          </div>
+          <div className="space-y-2">
+            <Label htmlFor="email">邮箱</Label>
+            <Input id="email" name="email" type="email" value={formData.email} onChange={handleChange} disabled={isLoading} />
+            {errors.email ? <p className="text-sm text-destructive">{errors.email}</p> : null}
+          </div>
+          <div className="space-y-2">
+            <Label htmlFor="password">密码</Label>
+            <Input id="password" name="password" type="password" value={formData.password} onChange={handleChange} disabled={isLoading} />
+            {errors.password ? <p className="text-sm text-destructive">{errors.password}</p> : null}
+          </div>
+          <div className="space-y-2">
+            <Label htmlFor="confirmPassword">确认密码</Label>
+            <Input id="confirmPassword" name="confirmPassword" type="password" value={formData.confirmPassword} onChange={handleChange} disabled={isLoading} />
+            {errors.confirmPassword ? <p className="text-sm text-destructive">{errors.confirmPassword}</p> : null}
+          </div>
+          <Button type="submit" className="w-full" disabled={isLoading}>
+            {isLoading ? "注册中..." : "注册"}
+          </Button>
+          <p className="text-center text-sm text-muted-foreground">
+            已有账户？<a className="text-primary" href="/login">登录</a>
+          </p>
+        </form>
+      </CardContent>
+    </Card>
+  );
+}
+```
+**Step 2: Manual verification**
+Run:
+```bash
+bun dev
+```
+Check:
+- `/register` renders correctly on mobile/desktop.
+- Invalid inputs show inline errors.
+- Successful submit redirects to `/dashboard`.
+**Step 3: Commit**
+```bash
+git add app/(auth)/register/page.tsx components/auth/register-form.tsx
+git commit -m "feat: add register page and form"
+```
+---
+### Task 5: Migration apply + smoke check
+**Files:**
+- None (commands only)
+**Step 1: Apply migrations locally**
+Run:
+```bash
+bun run db:migrate
+```
+Expected: migrations applied successfully.
+**Step 2: Smoke test**
+Run:
+```bash
+bun test
+```
+Expected: all tests pass (existing warning-only lint is acceptable).
+**Step 3: Commit (if any artifacts)**
+Only if new migration metadata or files are created.

package/docs/plans/2026-01-03-roles-permissions-design.md ADDED Viewed

@@ -0,0 +1,20 @@
+# Roles and Permissions Design
+**Date:** 2026-01-03
+## Goal
+Define a minimal RBAC module with explicit roles and permissions, and align the user schema and validation with the role model.
+## Architecture
+We will add a pure, side-effect-free RBAC module at `lib/auth/permissions.ts`. It will export a `UserRole` union type, a `PERMISSIONS` constant map, a `Permission` union derived from the map, and a `ROLE_PERMISSIONS` record that defines which roles can perform each action. The module will expose `hasPermission(role, permission)` and `canSubmitOnBehalf(role)` helpers. The design is intentionally simple: no I/O, no session coupling, and conservative defaults (unknown roles return false). This provides a stable base for middleware and UI gating without over-engineering.
+To keep data models consistent, we will add a `role` column to the Drizzle `user` table definition in `lib/db/schema/auth.ts`, defaulting to `customer`. We will also add a Zod `userRoleSchema` (and type export) in `lib/validations/auth.ts` so validation and user input handling are aligned with the same role list. The `customer` role represents end users and is granted only `CREATE_FEEDBACK`.
+## Data Flow
+Callers pass a role string and permission identifier to the RBAC module. The module returns a boolean. No database or external services are involved.
+## Error Handling
+Unknown roles or missing mappings return false. This prevents accidental over-permissioning.
+## Testing
+Unit tests will cover role-to-permission mapping, `hasPermission`, and `canSubmitOnBehalf`. Validation tests will assert `userRoleSchema` accepts known roles and rejects unknown ones.