docs(audit): align documentation with post-remediation backend reality
- Update data model enums to match backend models - Update API reference auth requirements - Add dispute module references and warning blocks - Add 2026-05-24 audit remediation callout to Overview - Generate task breakdowns and audit artifacts - Add doc alignment report (.taskmaster/reports/)
This commit is contained in:
@@ -117,17 +117,22 @@ The full route table mounted by `app.ts`:
|
||||
| `/api/marketplace/templates` | `services/marketplace/controllerRoutes.ts` | JWT (seller) | RequestTemplate CRUD |
|
||||
| `/api/marketplace/categories` | `services/marketplace/controllerRoutes.ts` | public read | Category list |
|
||||
| `/api/marketplace/shop-settings` | `services/marketplace/shopSettingsController.ts` | JWT (seller) | Shop profile |
|
||||
| `/api/payment` | `services/payment/paymentRoutes.ts` | JWT | Payment intent, status |
|
||||
| `/api/payment/shkeeper/webhook` | `services/payment/shkeeper/shkeeperWebhook.ts` | HMAC | Inbound from gateway |
|
||||
| `/api/payment/payout` | `services/payment/shkeeper/shkeeperPayoutService.ts` | JWT (seller/admin) | Withdraw to wallet |
|
||||
| `/api/payment` | `services/payment/paymentControllerRoutes.ts` + `paymentRoutes.ts` | JWT | Payment CRUD, health, export |
|
||||
| `/api/payment/decentralized` | `services/payment/decentralizedPaymentRoutes.ts` | mixed | Web3 save, verify, receiver |
|
||||
| `/api/payment/shkeeper` | `services/payment/shkeeper/shkeeperRoutes.ts` | mixed | Intents, webhook, release, refund, config |
|
||||
| `/api/payment/shkeeper/payout` | `services/payment/shkeeper/shkeeperPayoutRoutes.ts` | JWT (seller/admin) | Withdraw to wallet |
|
||||
| `/api/payment/request-network` | `services/payment/requestNetwork/requestNetworkRoutes.ts` | HMAC | Request Network webhooks |
|
||||
| `/api/chat` | `services/chat/chatRoutes.ts` | JWT | Conversations, messages |
|
||||
| `/api/notification` | `services/notification/notificationRoutes.ts` | JWT | List, mark read |
|
||||
| `/api/dispute` | `services/dispute/disputeRoutes.ts` | JWT | Open, evidence, resolve |
|
||||
| `/api/blog` | `services/blog/blogRoutes.ts` | mixed | Public read, admin write |
|
||||
| `/api/admin` | `services/admin/adminRoutes.ts` | JWT (admin) | Mod operations |
|
||||
| `/api/points` | `services/points/pointsRoutes.ts` | JWT | Balance, redemption |
|
||||
| `/api/notification` | `services/notification/notificationRoutes.ts` + `notificationControllerRouter` | JWT | List, mark read |
|
||||
| `/api/dispute` | `services/dispute/disputeRoutes.ts` | JWT | **Not implemented** — planned |
|
||||
| `/api/blog` | `services/blog/blogRoutes.ts` | mixed | **Not implemented** — planned |
|
||||
| `/api/admin` | `services/admin/adminRoutes.ts` | JWT (admin) | **Not implemented** — planned |
|
||||
| `/api/points` | `services/points/pointsRoutes.ts` | JWT | **Not implemented** — planned |
|
||||
| `/api/ai` | `services/ai/aiRoutes.ts` | JWT | OpenAI-backed helpers |
|
||||
| `/api/file` | `services/file/fileRoutes.ts` | JWT | Multipart upload |
|
||||
| `/api/files` | `services/file/fileRoutes.ts` | JWT | Multipart upload |
|
||||
| `/api/email` | `services/email/emailRoutes.ts` | JWT | Email dispatch |
|
||||
| `/api/trezor` | `services/trezor/trezorRoutes.ts` | JWT | Trezor hardware-wallet ops |
|
||||
| `/api/users` | `services/user/userRoutes.ts` | JWT | Legacy user profile routes |
|
||||
|
||||
Full per-endpoint details → [[03 - API Reference/API Overview]] and the service-specific reference docs.
|
||||
|
||||
@@ -179,10 +184,10 @@ flowchart TB
|
||||
pay --> market
|
||||
pay --> notify
|
||||
pay --> socket
|
||||
dispute --> market
|
||||
dispute --> chat
|
||||
dispute --> notify
|
||||
points --> notify
|
||||
dispute -.-> market
|
||||
dispute -.-> chat
|
||||
dispute -.-> notify
|
||||
points -.-> notify
|
||||
notify --> socket
|
||||
notify --> email
|
||||
```
|
||||
|
||||
Reference in New Issue
Block a user