s0wlz (Matthias Puchstein)
ff5ad26cfc
- Switched to secure httpOnly, SameSite=Strict cookies for JWT authentication. - Refactored backend to use AppState for shared secrets and database pool caching. - Modernized frontend with Svelte 5 runes ($state) and removed localStorage reliance. - Gated destructive test endpoints behind debug_assertions and fixed unsafe test patterns. - Enhanced CI pipeline with cargo clippy, cargo fmt, and pinned pnpm version. - Updated documentation and implementation plans to match the hardened architecture.
1.2 KiB
1.2 KiB
TutorTool
Attendance tracker for tutoring sessions. Tutors manage courses, rooms, and slots; students check in via a public QR code link. Live at tutor.puchstein.dev.
Quickstart
make dev
# Backend: http://localhost:3000
# Frontend: http://localhost:5173
Demo credentials: admin@tutortool.com / admin
Stack
- Backend: Rust + Axum + SQLite (via SQLx), Secure httpOnly Cookie JWT auth
- Frontend: SvelteKit 5 (Svelte runes), TypeScript, adapter-static (SPA)
- Build: Vite + Cargo; 3-stage Docker build for production
Documentation
| Doc | Contents |
|---|---|
CLAUDE.md |
Agent guidance: commands, architecture, conventions |
GEMINI.md |
Same, with Gemini-specific context |
docs/testing.md |
E2E test pipeline (Playwright + test daemon) |
docs/specs/ |
Feature specs |
docs/plans/ |
Implementation plans |
docs/design_handoff/ |
UI design mocks |
Deployment
Kubernetes via deploy/ Helm chart on ITSH Cloud (tenant-5, Hetzner). CI via Gitea Actions at .gitea/workflows/ci.yml.