apply changes

src/app/api/auth/github/callback/route.ts

@@ -57,7 +57,6 @@ export async function GET(request: NextRequest) {
         const githubUser = await userResponse.json();
 
         // Check if user exists
-        // TODO: After Turso migration, add syncStatus, lastSyncAt, syncError to this select
         const existingUsers = await db
             .select({
                 id: users.id,
@@ -66,6 +65,9 @@ export async function GET(request: NextRequest) {
                 avatarUrl: users.avatarUrl,
                 role: users.role,
                 githubAccessToken: users.githubAccessToken,
+                syncStatus: users.syncStatus,
+                lastSyncAt: users.lastSyncAt,
+                syncError: users.syncError,
                 createdAt: users.createdAt,
                 updatedAt: users.updatedAt,
             })

src/app/api/sync/run/route.ts

@@ -7,10 +7,16 @@
 
 import { NextRequest, NextResponse } from "next/server";
 import { getCurrentUser } from "@/lib/auth";
-import { runFullSync, runMaintainerSync, runContributorSync, reconcileOpenTriageIssue1, syncContributorPRsDirect, SYNC_INTERVAL_MS } from "@/lib/sync/github-sync";
 import { db } from "@/db";
 import { users } from "@/db/schema";
 import { eq } from "drizzle-orm";
+import { runMaintainerSync, runContributorSync, syncContributorPRsDirect, reconcileOpenTriageIssue1 } from "@/lib/sync/github-sync";
+
+const SYNC_INTERVAL_MS = 5 * 60 * 1000; // 5 minutes
+
+// Layer 2 Defense: In-memory set to prevent race conditions
+// This provides instant protection before database queries
+const activeSyncs = new Set<string>();
 
 export async function POST(request: NextRequest) {
     try {
@@ -23,11 +29,22 @@ export async function POST(request: NextRequest) {
             return NextResponse.json({ error: "GitHub access token not found" }, { status: 400 });
         }
 
-        // TODO: Uncomment after Turso migration
-        // Circuit breaker logic commented out until sync_status column exists in production
-        /*
-        // Get current user record to check sync status
-        const userRecord = await db.select()
+        // Layer 2 Defense: In-memory check (FAST - prevents race conditions)
+        if (activeSyncs.has(user.id)) {
+            console.log(`[SyncRun] User ${user.id} sync blocked by in-memory guard`);
+            return NextResponse.json({
+                error: "Sync already in progress",
+                status: "SYNCING",
+                message: "Please wait for the current sync to complete"
+            }, { status: 429 });
+        }
+
+        // Layer 1 Defense: Database check (PERSISTENT - survives restarts)
+        const userRecord = await db.select({
+            id: users.id,
+            syncStatus: users.syncStatus,
+            lastSyncAt: users.lastSyncAt,
+        })
             .from(users)
             .where(eq(users.id, user.id))
             .limit(1);
@@ -40,7 +57,7 @@ export async function POST(request: NextRequest) {
 
         // Circuit breaker: Check if sync already in progress
         if (currentSyncStatus === 'SYNCING') {
-            console.log(`[SyncRun] User ${user.id} sync already in progress`);
+            console.log(`[SyncRun] User ${user.id} sync already in progress (DB status)`);
             return NextResponse.json({
                 error: "Sync already in progress",
                 status: "SYNCING",
@@ -57,14 +74,17 @@ export async function POST(request: NextRequest) {
             }, { status: 202 });
         }
 
-        // Set status to SYNCING before starting
+        // Add to in-memory set FIRST (before DB update)
+        activeSyncs.add(user.id);
+        console.log(`[SyncRun] Added user ${user.id} to activeSyncs. Size: ${activeSyncs.size}`);
+
+        // Set database status to SYNCING
         await db.update(users)
             .set({
                 syncStatus: 'SYNCING',
                 syncError: null
             })
             .where(eq(users.id, user.id));
-        */
 
         console.log(`[SyncRun] Starting sync for user ${user.id}`);
 
@@ -89,15 +109,12 @@ export async function POST(request: NextRequest) {
             // Always reconcile the critical openTriage#1 issue to ensure immediate state sync
             const reconcileResult = await reconcileOpenTriageIssue1(user.githubAccessToken);
 
-            // TODO: Uncomment after Turso migration
-            /*
             // Mark sync as COMPLETED
             await db.update(users).set({
                 syncStatus: 'COMPLETED',
                 lastSyncAt: new Date().toISOString(),
                 syncError: null
             }).where(eq(users.id, user.id));
-            */
 
             console.log(`[SyncRun] Sync completed for user ${user.id}`);
 
@@ -116,21 +133,20 @@ export async function POST(request: NextRequest) {
         } catch (syncError: any) {
             console.error(`[SyncRun] Error syncing for user ${user.id}:`, syncError);
 
-            // TODO: Uncomment after Turso migration
-            /*
-            // Mark sync as FAILED
+            // Mark sync as FAILED with error message
             await db.update(users).set({
                 syncStatus: 'FAILED',
                 syncError: syncError.message || 'Unknown error'
             }).where(eq(users.id, user.id));
-            */
-
-            console.error(`[SyncRun] Sync failed for user ${user.id}:`, syncError);
 
             return NextResponse.json({
                 error: "Sync failed",
                 message: syncError.message || "Internal server error"
             }, { status: 500 });
+        } finally {
+            // CRITICAL: Always remove from in-memory set, even on error
+            activeSyncs.delete(user.id);
+            console.log(`[SyncRun] Removed user ${user.id} from activeSyncs. Size: ${activeSyncs.size}`);
         }
     } catch (error) {
         console.error("POST /api/sync/run error:", error);

src/app/api/sync/status/route.ts

@@ -1,25 +1,51 @@
 /**
- * TODO: Re-enable after Turso migration
+ * Sync Status API Route
  * 
- * This endpoint is temporarily disabled because it queries sync_status columns  
- * that don't exist in the production Turso database yet.
- * 
- * To re-enable:
- * 1. Run migration: add_sync_status.sql on Turso
- * 2. Uncomment the code below
- * 3. Deploy
+ * GET /api/sync/status - Check current sync status for the authenticated user
+ * Used by frontend to poll sync progress without triggering new syncs
  */
 
-// Endpoint disabled until migration
-export function GET() {
-    return new Response(
-        JSON.stringify({
-            error: "Endpoint temporarily disabled",
-            message: "Sync status tracking not yet available"
-        }),
-        {
-            status: 503,
-            headers: { 'Content-Type': 'application/json' }
+import { NextRequest, NextResponse } from "next/server";
+import { getCurrentUser } from "@/lib/auth";
+import { db } from "@/db";
+import { users } from "@/db/schema";
+import { eq } from "drizzle-orm";
+
+export async function GET(request: NextRequest) {
+    try {
+        const user = await getCurrentUser(request);
+        if (!user) {
+            return NextResponse.json({ error: "Unauthorized" }, { status: 401 });
+        }
+
+        // Get user's sync status
+        const userRecord = await db.select({
+            syncStatus: users.syncStatus,
+            lastSyncAt: users.lastSyncAt,
+            syncError: users.syncError,
+        })
+            .from(users)
+            .where(eq(users.id, user.id))
+            .limit(1);
+
+        if (!userRecord || userRecord.length === 0) {
+            return NextResponse.json({ error: "User not found" }, { status: 404 });
         }
-    );
+
+        const { syncStatus, lastSyncAt, syncError } = userRecord[0];
+
+        return NextResponse.json({
+            status: syncStatus || 'IDLE',
+            lastSyncAt: lastSyncAt || null,
+            error: syncError || null,
+            isIdle: syncStatus === 'IDLE' || syncStatus === 'COMPLETED',
+            isSyncing: syncStatus === 'SYNCING',
+            isPending: syncStatus === 'PENDING',
+            hasFailed: syncStatus === 'FAILED',
+        });
+
+    } catch (error) {
+        console.error("GET /api/sync/status error:", error);
+        return NextResponse.json({ error: "Internal server error" }, { status: 500 });
+    }
 }

src/db/schema.ts

@@ -39,11 +39,10 @@ export const users = sqliteTable("users", {
     role: text("role"),  // email: text("email"),
     githubAccessToken: text("github_access_token"),
 
-    // TODO: Uncomment after running Turso migration (add_sync_status.sql)
-    // Sync status tracking (Phase 2)
-    // syncStatus: text("sync_status").default("IDLE"),  // IDLE | PENDING | SYNCING | COMPLETED | FAILED
-    // lastSyncAt: text("last_sync_at"),                 // ISO timestamp
-    // syncError: text("sync_error"),                     // Error message if failed
+    // Sync status tracking (Phase 2) - Re-enabled after Turso migration
+    syncStatus: text("sync_status").default("IDLE"),  // IDLE | PENDING | SYNCING | COMPLETED | FAILED
+    lastSyncAt: text("last_sync_at"),                 // ISO timestamp
+    syncError: text("sync_error"),                     // Error message if failed
 
     createdAt: text("created_at").notNull(),
     updatedAt: text("updated_at").notNull(),

src/lib/auth.ts

@@ -66,7 +66,6 @@ export async function getCurrentUser(request: NextRequest) {
         console.log("[getCurrentUser] Token verified, user_id:", payload.user_id);
 
         // Fetch full user from database
-        // TODO: After Turso migration, re-add syncStatus, lastSyncAt, syncError to this select
         const userRecords = await db
             .select({
                 id: users.id,
@@ -75,6 +74,9 @@ export async function getCurrentUser(request: NextRequest) {
                 avatarUrl: users.avatarUrl,
                 role: users.role,
                 githubAccessToken: users.githubAccessToken,
+                syncStatus: users.syncStatus,
+                lastSyncAt: users.lastSyncAt,
+                syncError: users.syncError,
                 createdAt: users.createdAt,
                 updatedAt: users.updatedAt,
             })