feat: add buyer-vendor messaging plugin#829
Open
kjedras wants to merge 3 commits into
Complete messaging plugin with security hardening from code review:
- Atomic SSE token consumption (GETDEL instead of GET+DEL)
- Atomic rate limiting via Lua script (INCR+EXPIRE in single call)
- SSE frame injection prevention (sanitize last_event_id)
- Transaction safety for message creation and read marking
- LIKE pattern escaping in admin search
- ReDoS protection for admin-supplied regex filters
- Anonymization pagination loop for GDPR compliance
- Reconcile job rewritten with single SQL aggregation (eliminates N+1)
- Vendor orders scoped to seller (prevents cross-seller data leak)
- Frontend SSE hooks rewritten with refs (fixes timer leak + re-render loop)

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

…bump

Addresses ~40 issues from code review:
- Security: XSS sanitization, crypto.randomUUID for IDs, admin auth fix
- Chat blocking: block/unblock customers with reason, admin/vendor visibility
- Rate limit: 10 → 20 messages/minute for better UX
- Bug fixes: unblock SDK path (kebabCase mangling), NULLS LAST ordering
- Architecture: compensation steps, batch processing, DB indexes
- UI: shared layout hook, SSE backoff, pagination support
- Registry: 3 missing files added, documentation updated

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
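Two of the hardening items the commit message lists (sanitizing the client-supplied `last_event_id` before it is echoed into an SSE frame, and escaping wildcards for the admin LIKE search), written here as a stand-alone added example; this is not code from the PR, and the accepted id alphabet and the `\` ESCAPE character are assumptions.

```typescript
// Added example, not the plugin's code. Inputs below are constructed.

// SSE frames are newline-delimited ("id: ...\n", "data: ...\n\n"). If a
// client-supplied Last-Event-ID is echoed back unfiltered, a CR or LF inside
// it terminates the current field and lets the value smuggle extra fields
// into the stream. Accept only the alphabet the server itself uses for ids
// (assumed here: alphanumerics plus _ - : . and at most 128 chars).
const SAFE_EVENT_ID = /^[A-Za-z0-9_\-:.]{1,128}$/;

function sanitizeLastEventId(raw: string | undefined): string | null {
  if (raw === undefined) return null;
  // Fail closed: anything outside the alphabet (including CR/LF) is dropped.
  return SAFE_EVENT_ID.test(raw) ? raw : null;
}

// Build one frame from server-controlled id/event and a message body.
// SSE permits several "data:" lines, so a multi-line body is split rather
// than emitted raw, which also neutralises CR/LF inside the payload.
function sseFrame(id: string, event: string, data: string): string {
  const dataLines = data.split(/\r\n|\r|\n/).map((l) => `data: ${l}`);
  return [`id: ${id}`, `event: ${event}`, ...dataLines].join("\n") + "\n\n";
}

// LIKE escaping for the admin search term: % and _ are wildcards, and the
// backslash is the escape character, so the query must declare it
// (... LIKE ? ESCAPE '\'). Escape the escape character itself first.
function escapeLike(term: string): string {
  return term.replace(/[\\%_]/g, (c) => `\\${c}`);
}
```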
Guilherme-B
reviewed
Apr 3, 2026
| // Check message rate limit: 20 per minute | ||
| const msgResult = await redisService.checkRateLimit( | ||
| `ratelimit:msg:${input.sender_id}`, | ||
| 20, |
There was a problem hiding this comment.
Should this not be configurable in the module's specs in medusa-config.ts?
jakub-borek
reviewed
Apr 24, 2026
| import { MESSAGING_REDIS_MODULE } from "../../../../modules/messaging-redis" | ||
| import type MessagingRedisModuleService from "../../../../modules/messaging-redis/service" | ||
|
|
||
| export const GET = async ( |
There was a problem hiding this comment.
SSE is fine for a simple plugin, but I don't see this scaling well for a production-ready marketplace solution, due to SSE limitations, e.g.:
- most browsers only support around 6 SSE connections, so if some users open a few windows, each with a different chat, it will break
- it's one-way communication, server -> customer, not a real-time chat
I'd consider switching to a full websocket implementation using Socket.io. Unless for larger marketplaces we'll use custom integrations, like TalkJS/Sendbird?
Something to think about; in the end it's better to have something than nothing.
Summary
Test plan
🤖 Generated with Claude Code