Bypass JPA org lookup to avoid Hibernate cascade flush error
**************** triggers **************** which causes a Hibernate auto-flush. That flush fails because Organization.features was previously replaced with a pl...
Rebuild to pick up getOrganizationByDomain simplification
Remove eager feature-loading from getOrganizationByDomain
Features are an org-level concern unrelated to most callers of this method (e.g. registration, login domain resolution). Force-loading them via setFeatures() re...
Rebuild to pick up kamo-shared-library OrganizationService fix
Mutate features collection in-place to avoid cascade orphanRemoval error
Calling org.setFeatures(newList) replaces the Hibernate-tracked persistent collection, causing JpaSystemException when any query triggers auto-flush in an open ...
Use getReferenceById to avoid cascade orphanRemoval flush error on registration
Loading Organization via findById inside @Transactional caused Hibernate to detect the features collection was de-referenced during auto-flush, throwing JpaSyst...
Resend verification using email not userId, forward X-Forwarded-Host
SecurityService /register/resend-verification expects email in the body, not userId (which the login error response never includes). Also forward X-Forwarded-Ho...
Match kamo-internal avatar storage — 3 sizes, MinIO, separate upload step
Crop dialog now produces three PNG blobs (50/150/350px) via canvas, identical to kamo-internal's AvatarManager. After registration returns userId, the blobs are...
Add register-photo endpoint for unauthenticated post-registration avatar upload
POST **************** accepts userId + file/fileSm/fileMd/fileLg without a session. Guards: user must be unverified and have no avatar yet, preventing abuse aga...
Replace EMAIL_NOT_VERIFIED error with rich verification card
When login fails with EMAIL_NOT_VERIFIED the login card is now replaced by a polished "Check your inbox" screen: animated envelope SVG with opening flap and flo...
Extend photo upload to support AVIF and SVG formats
Adds image/avif and image/svg+xml to the file input accept list and validation regex. Updates the hint label to list all six formats. kamo-internal already acce...
Add react-easy-crop photo editor to registration upload step
Mirrors the PhotoCropDialog from kamo-internal's AvatarManager: - crop dialog opens immediately after file selection - pan by dragging, zoom via scroll or slide...
Add dao.repositories to JPA scan so EmailTemplateRepository is found
Same pattern as KamoInitializerService — explicit basePackages overrides default scanning and must include every package that has repositories.
Pass upstream error body through security proxy instead of generic message
Previously returned {error: "Upstream error"} on non-2xx, losing the real error message from SecurityService. Now forwards status code and body directly.
Align registration field names and response shape with frontend contract
Frontend sends nameFirst/nameLast but controller read firstName/lastName, causing 400 "First name is required". Success response now returns {status, userId, al...
Replace Redis session caching with direct Java API fetch in org route
Prevent stale ageReqType cache from showing age check incorrectly
- Org route: reduce Redis TTL from 24h to 5min and add ageReqTypeMember to stale detection so security fields stay fresh after DB changes - RegisterFlow: defa...
Add SecurityService and dao.repositories to EnableJpaRepositories scan
UserPhoneLookupRepository in recovery package was not picked up because EnableJpaRepositories only listed dao.repos and commerce. Added the SecurityService base...
Set browser tab title to 'Register - {org name}'
DynamicMetaLoader now calls useThemeConfig and updates document.title to 'Register - {org.title}' once the org loads. Static fallback in layout.tsx changed from...
Update all register links to /member path
Add /api/geoip route and wire country auto-detection
Proxies client IP to SecurityService GeoLite2 lookup, then sets the detected country in FormMyCountry automatically on page load.
Add GET /api/security/geoip/me for client IP country lookup
Reads real client IP from X-Forwarded-For / X-Real-IP headers, does a GeoLite2 lookup, and returns { country_code, country_name }. Used by kamo-register's count...
Add CAPCHA_SERVICE_URL to k8s configmap
Resolve TS errors from steps used before declaration and Capcha style cast
Move **************** useMemos above the useEffects that depend on them; import CSSVariables type and use it for the Capcha-widget style prop.
Add dao.repositories to EnableJpaRepositories scan
EmailTemplateRepository lives under dao.repositories.email, not dao.repos, so it was not picked up as a Spring bean.
Remove h*** env var, delete unused capchta demo component
Add DEFAULT false to email_verified column definition
Hibernate's schema migrator generates ALTER TABLE without a default, failing on tables with existing rows. columnDefinition forces it to include DEFAULT false s...
Correct Capcha listener cleanup and reset verified state on step exit
Bump kamo-shared-library to 1.4.0
Bump kamo-shared-library to 1.4.0
Bump kamo-shared-library to 1.4.0
Bump kamo-shared-library to 1.4.0
Bump kamo-shared-library to 1.4.0
Bump kamo-shared-library to 1.4.0
Bump kamo-shared-library to 1.4.0
Bump kamo-shared-library to 1.4.0
Bump kamo-shared-library to 1.4.0
Bump kamo-shared-library to 1.4.0
Bump kamo-shared-library to 1.4.0
Bump kamo-shared-library to 1.4.0
Restore DocumentNotFoundException dropped between 1.0.0 and 1.4.0
Replace h*** with kamo-capcha-widget inline in Finish step
Add /api/capcha/challenge proxy route
Resolve duplicate emailTemplateServiceClient bean conflict
**************** and **************** were identical @Components with the same default bean name, causing **************** at startup. Delete the duplicate in r...
Bump kamo-shared-library to 1.4.0
Docker Stage 1 builds kamo-shared-library main (now 1.4.0) and installs it to the local .m2; the service pom still referenced 1.0.0 which Maven could not find, ...
Apply SP6 correctness and implementation quality fixes
C1: use NEXT_PUBLIC_H***_SITE_KEY env var instead of hardcoded placeholder C2: change RegisterResponse.userId and all API params from number to string (Cockroac...
SP6 register wizard refactor — split PersonalInfo, add real registration API
- Replace FormPersonalInfo with FormName (name fields) and FormAvatar (Avatar Creator generator with generate/upload/skip modes for 13+) - Delete FormRecoveryEn...
SP5 migrate KamoCRM agereq to ALL_WORK_ELIGIBLE
Add KamoCRMAgeReqUpdateRunner (order 10) — conditional idempotent UPDATE on startup; WHERE clause checks old value so re-runs are no-ops. Errors are swallowed s...
Address 4 code-review findings in registration and login paths
- Hide raw exception message in /register 500 path; log instead - Fail-closed (503) on email-verified DB check failure in login - verifyEmailToken throws if use...
Implement SP4 email verification and registration wiring
- Delete legacy email/VerificationEmail.java (hardcoded SMTP stub) - Add **************** (mirrors recovery package pattern) - Add **************** — token gene...