Walkthrough

This pull request implements a comprehensive architectural refactoring and feature expansion. Key changes include: migrating authentication logic from Auth-based constants to User document-based authorization patterns; introducing new token/password proof mechanisms via Utopia auth libraries; implementing multi-stage Docker builds with production and development targets; expanding database schemas with email metadata attributes and file transformation capabilities; adding new API features including avatar screenshots generation and CSV export functionality; integrating a Resend email provider; establishing centralized platform configuration management; introducing CoreDNS for testing; and upgrading multiple core dependencies. The refactoring spans infrastructure, configuration, database models, authentication flows, and API controllers throughout the codebase.

Estimated code review effort

🎯 4 (Complex) | ⏱️ ~50 minutes

Areas requiring extra attention:

• Authentication and authorization migration: Systematic replacement of Auth-based checks with User document methods across controllers (avatars, health, graphql, locale, messaging, teams, users, vcs, storage, shared/api, shared/api/auth) requires verification that all access control logic remains semantically equivalent
• Token and session handling refactoring: New Password, Token, and Store proof mechanisms introduced in teams, users, and resource registration (app/init/resources.php) need careful validation of credential generation, validation, and serialization
• Platform configuration and CORS integration: New platform context propagation through app/controllers/general.php and app/init/resources.php, including origin validation and CORS handling, affects routing and cross-origin request policies
• Database schema and document type registration: Addition of email metadata attributes (emailCanonical, emailIsFree, emailIsDisposable, emailIsCorporate, emailIsCanonical) and transformations attribute; setDocumentType('users', User::class) registrations across multiple database instances require schema consistency verification
• Docker multi-stage build and CoreDNS infrastructure: Dockerfile refactoring from single-stage to production/development targets and new CoreDNS service integration with static IP addressing (172.16.238.100) should be validated for development and production workflows
• Storage bucket transformations feature: New transformations boolean attribute added to bucket creation/update/retrieval across createBucket, updateBucket, and related endpoints; requires consistency check across all affected paths
• Messaging provider integration: New Resend email provider support (createResendProvider, updateResendProvider) follows existing provider patterns but adds new provider branching logic that should be verified for correctness
• API endpoint parameter and validator changes: Widespread addition of Nullable wrappers for optional parameters, total/includeTotal flags for pagination, and new parameter validators across multiple list endpoints (projects, storage, migrations, messaging) requires consistency review
• Config adapter and resource dependencies: Introduction of ConfigAdapter for Config::load calls and new public resources (allowedHostnames, originValidator, redirectValidator, cors, proofForPassword, proofForToken, proofForCode) affects dependency injection and initialization order
• Dependency version upgrades: Bumped versions for utopia-php packages (config: 0.2.* → 1.., database: 2.* → 3., dns: 0.3. → 1.4.*) and new dependencies (utopia-php/auth, utopia-php/emails) may introduce breaking API changes requiring compatibility verification

• 📝 Generate docstrings

• X
• Mastodon
• Reddit
• LinkedIn