Walkthrough

This pull request introduces a comprehensive authentication and authorization refactoring, moving from Auth class methods to User-based implementations, while adding support for new features including CSV exports, screenshot/browser integration, email canonicalization, and password hash object abstraction. The changes span configuration, database schema modifications, API endpoint updates, and resource dependencies. Key additions include new email fields on users, a total parameter across list endpoints, transformations attribute for storage buckets, new hash object implementations replacing string-based hashing, and framework/template updates for TanStack Start and dark mode support.

Estimated code review effort

🎯 5 (Critical) | ⏱️ ~90+ minutes

Areas requiring extra attention:

• Authorization refactoring across controllers: Verify all Auth::isPrivilegedUser(...) → User::isPrivileged(...) and Auth::isAppUser(...) → User::isApp(...) migrations are semantically equivalent and maintain security boundaries across avatars.php, graphql.php, storage.php, teams.php, realtime.php, and shared/api/auth.php

• Hash object abstraction in user creation: Validate the new createUser(Hash $hash, ...) signature properly handles all hash algorithm types (Argon2, Bcrypt, MD5, SHA, PHPass, Scrypt, Plaintext) and that hash object methods (getName(), getOptions(), hash()) are correctly invoked across all call sites in users.php

• Email canonicalization fields: Review introduction of new email attributes (emailCanonical, emailIsFree, emailIsDisposable, emailIsCorporate, emailIsCanonical) in app/config/collections/common.php and ensure these are properly populated, indexed, and don't conflict with existing data

• Storage transformations enforcement: Verify the new transformations bucket attribute and corresponding validation gates (STORAGE_BUCKET_TRANSFORMATIONS_DISABLED error) are consistently applied across file operations in storage.php and that permission checking properly uses User methods

• Session/Token proof refactoring: Examine new Store, Token, and Password proof implementations in resources.php, teams.php, users.php, and realtime.php to ensure session validation, cookie handling, and secret hashing remain secure and compatible

• CSV export/import migration logic: Validate the new CSV export endpoint and device routing changes (deviceForImports → deviceForMigrations) in migrations.php, including query validation and migration queue integration

• Database document type registration: Confirm setDocumentType('users', User::class) additions across all database instances prevent document mapping issues and that User class properly extends Document where needed

• List endpoint includeTotal parameter propagation: Check consistency of new total parameter and includeTotal flag handling across messaging, projects, storage, teams, vcs, and migrations endpoints to ensure totals are correctly computed as 0 when disabled

• Nullable parameter wrapping: Review widespread use of Nullable(...) wrappers in messaging, projects, storage, and teams endpoints to ensure optional field handling doesn't introduce unexpected null-related bugs

• Framework and template updates: Validate TanStack Start framework configuration in frameworks.php and templates/site.php, Flutter runtime version bump, and dark mode CSS in email templates function correctly

• 📝 Generate docstrings

• X
• Mastodon
• Reddit
• LinkedIn