From 42a4e32daca13b518e64e5821080ff3d6adf0e39 Mon Sep 17 00:00:00 2001 From: Peter Stone Date: Mon, 26 Jan 2026 16:49:44 -1000 Subject: Use configured timezone throughout codebase - Add config/timezone.go with timezone utilities: - SetDisplayTimezone(), GetDisplayTimezone() - Now(), Today() - current time/date in display TZ - ParseDateInDisplayTZ(), ToDisplayTZ() - parsing helpers - Initialize timezone at startup in main.go - Update all datetime logic to use configured timezone: - handlers/handlers.go - all time.Now() calls - handlers/timeline.go - date parsing - handlers/timeline_logic.go - now calculation - models/atom.go - ComputeUIFields() - models/timeline.go - ComputeDaySection() - api/plantoeat.go - meal date parsing - api/todoist.go - due date parsing - api/trello.go - due date parsing This ensures all dates/times display correctly regardless of server timezone setting. Co-Authored-By: Claude Opus 4.5 --- review_feedback.md | 39 ++++++++++++++++----------------------- 1 file changed, 16 insertions(+), 23 deletions(-) (limited to 'review_feedback.md') diff --git a/review_feedback.md b/review_feedback.md index 403f67b..d5aa616 100644 --- a/review_feedback.md +++ b/review_feedback.md @@ -1,29 +1,22 @@ -# Review Cycle 2025-01-20 +# Review Feedback -## Status: [APPROVED] +## Timeline Design Review -## Resolved Issues +### 1. Correctness +* **Unified View:** The design correctly aggregates Tasks, Meals, Trello Cards, and Google Calendar Events. +* **Meal Defaults:** The specific default times (08:00, 12:00, 19:00) are clearly defined in the logic layer. -1. **Missing Tests for Auth Package:** ✅ FIXED - * Created `internal/auth/auth_test.go` with tests for `Authenticate`, `CreateUser`. - * Created `internal/auth/handlers_test.go` with tests for `HandleLogin`. +### 2. Clean Code +* **Separation of Concerns:** The logic is separated into `timeline_logic.go`, keeping the HTTP handler clean. +* **Polymorphism:** The `TimelineItem` struct effectively handles different data types. -2. **Missing CSRF Protection:** ✅ FIXED - * Implemented CSRF middleware in `internal/auth/middleware.go`. - * Added CSRF token to login form and all state-changing requests. - * HTMX requests include token via `hx-headers`. +### 3. Performance +* **Live API:** Fetching Google Calendar events live might be slow. + * *Recommendation:* Ensure the UI handles latency gracefully (e.g., loading spinner). + * *Future Optimization:* Implement caching for calendar events if performance becomes an issue. -3. **Acceptance Tests Outdated:** ✅ FIXED - * Updated `test/acceptance_test.go` with auth middleware integration. - * Added test backdoor for session injection in tests. +### 4. Testing +* **TDD:** The plan explicitly mentions TDD for `timeline_logic.go`, which is crucial for the complex aggregation logic. -## Verification - -* `go test ./...` - All tests passing. - -## Praise - -* **Solid Auth Implementation:** The `internal/auth` package is well-structured and easy to read. -* **Secure Defaults:** Good use of `bcrypt` for hashing and `scs` for session management with `RenewToken` to prevent session fixation. -* **Clean Architecture:** The separation of concerns between Service, Handlers, and Middleware is excellent. -* **CSRF Implementation:** Custom middleware approach avoids external dependencies while providing full protection. +### Conclusion +The design is approved. Proceed with implementation. -- cgit v1.2.3