Refactor: Enhance Backend Security, Introduce Async AI Training Queue, and Implement OTP-Based Password Reset #112
Overview
This pull request consolidates a series of commits that strengthen the ScriptAI application's backend architecture, introduce scalable asynchronous processing for AI training tasks, and add a secure, user-friendly OTP-based password reset flow. The changes follow a minimal, clean approach with strict type safety via Zod schemas and TypeScript. We've prioritized DRY principles by centralizing Supabase client creation in shared packages, used NestJS guards for authentication, and leveraged BullMQ for reliable job queuing to handle high-volume AI workloads without blocking the main API.
Changes
OTP-Based Password Reset (full flow)
– Backend: /auth/forgot-password, /verify-otp, /reset-password with 6-digit OTP (10-min expiry, 5-attempt limit)
– Secure updates via Supabase service-role client
– Emails powered by Resend + Zod-validated DTOs
– Frontend: Modern react-hook-form + Zod resolver, animated errors, sonner toasts, auto-redirect
Async AI Training Queue
– BullMQ + Redis (password-protected) for long-running train-ai jobs
– Dedicated NestJS controller & processor with retries, backoff, and rate-limiting (100/min)
– Frontend now calls secure backend endpoint (POST /api/v1/train-ai) with JWT
Security & Consistency
– Centralised Supabase server client (@repo/supabase)
– JWT auth via SupabaseAuthGuard on all protected routes
– Added /test-db health check
– Removed unused code (~537 lines)
Database & Infra
– New tables: user_voices, dubbing_jobs with RLS + indexes
– Redis password + Docker Compose updates
– Added worker script (npm run start:worker)
Testing
– npm run start:dev (API) and npm run start:worker; test /test-db, /train-ai with valid JWT; verify OTP flow with mock Resend.
– npm run dev; submit forgot-password form; check redirects, toasts, and animations.
Screenshots (Password Reset UX)
Before: Basic form with manual error handling.
After: Animated, validated form with success toast and auto-redirect.
Email temp:

Next Steps
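The OTP limits listed under Changes (6-digit code, 10-minute expiry, 5-attempt limit), sketched as an added example that is not code from this pull request. OtpStore, the in-memory Map, the record shape and the pepper are assumptions standing in for the PR's storage, which the page does not show.

```typescript
import { createHmac, randomInt, timingSafeEqual } from "node:crypto";

// Limits quoted in the PR description.
const OTP_TTL_MS = 10 * 60 * 1000; // 10-minute expiry
const MAX_ATTEMPTS = 5; // 5-attempt limit

// Hypothetical record shape; the PR's real schema is not shown on the page.
interface OtpRecord { digest: Buffer; expiresAt: number; attempts: number }
type VerifyResult = "ok" | "invalid" | "expired" | "locked" | "missing";

class OtpStore {
  private records = new Map<string, OtpRecord>();
  private pepper: string;

  constructor(pepper: string) {
    this.pepper = pepper; // server-side secret, assumed to come from config
  }

  // Store only a keyed hash bound to the account, never the raw code.
  private digest(email: string, otp: string): Buffer {
    return createHmac("sha256", this.pepper).update(`${email}:${otp}`).digest();
  }

  issue(email: string, now: number = Date.now()): string {
    // randomInt draws from the CSPRNG; padStart keeps leading zeros.
    const otp = randomInt(0, 1000000).toString().padStart(6, "0");
    const digest = this.digest(email, otp);
    this.records.set(email, { digest, expiresAt: now + OTP_TTL_MS, attempts: 0 });
    return otp; // handed to the mailer, not logged
  }

  verify(email: string, otp: string, now: number = Date.now()): VerifyResult {
    const rec = this.records.get(email);
    if (!rec) return "missing";
    if (now > rec.expiresAt) {
      this.records.delete(email);
      return "expired";
    }
    if (rec.attempts >= MAX_ATTEMPTS) return "locked";
    rec.attempts += 1; // count the attempt before comparing
    const ok = timingSafeEqual(rec.digest, this.digest(email, otp));
    if (!ok) return "invalid";
    this.records.delete(email); // single use: a verified code cannot be replayed
    return "ok";
  }
}
```

Callers should map every result other than "ok" to one generic error response, and rate-limit issue() per account, since re-issuing a code resets the attempt counter.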