2026/02/23 12:29:31 🔥🔥🔥 BSSAPP BACKEND STARTED — LOGIN ROUTE SHOULD EXIST 🔥🔥🔥
2026/02/23 12:29:31 🔐 JWT_SECRET yüklendi
MSSQL bağlantısı başarılı
2026/02/23 12:29:31 PostgreSQL bağlantısı başarılı
2026/02/23 12:29:31 ✅ Admin dept permissions seeded
2026/02/23 12:29:31 🟢 auditlog Init called, buffer: 1000
2026/02/23 12:29:31 🕵️ AuditLog sistemi başlatıldı (buffer=1000)
2026/02/23 12:29:31 ✉️ Graph Mailer hazır (App-only token) | from=baggiss@baggi.com.tr
2026/02/23 12:29:31 ✉️ Graph Mailer hazır
2026/02/23 12:29:31 🟢 auditlog worker STARTED
📋 [DEBUG] İlk 10 kullanıcı:
 - 1 : ctengiz
 - 2 : ali.kale
 - 5 : mehmet.keçeci
 - 6 : mert.keçeci
 - 7 : samet.keçeci
 - 9 : orhan.caliskan
 - 10 : nilgun.sara
 - 14 : rustem.kurbanov
 - 15 : caner.akyol
 - 16 : kemal.matyakupov
2026/02/23 12:29:32 ✅ Route+Perm registered → POST /api/auth/login [auth:login]
2026/02/23 12:29:32 ✅ Route+Perm registered → POST /api/auth/refresh [auth:refresh]
2026/02/23 12:29:32 ✅ Route+Perm registered → POST /api/password/forgot [auth:update]
2026/02/23 12:29:33 ✅ Route+Perm registered → GET /api/password/reset/validate/{token} [auth:view]
2026/02/23 12:29:33 ✅ Route+Perm registered → POST /api/password/reset [auth:update]
2026/02/23 12:29:34 ✅ Route+Perm registered → POST /api/password/change [auth:update]
2026/02/23 12:29:34 ✅ Route+Perm registered → GET /api/activity-logs [system:read]
2026/02/23 12:29:35 ✅ Route+Perm registered → POST /api/test-mail [system:update]
2026/02/23 12:29:35 ✅ Route+Perm registered → GET /api/roles/{id}/permissions [system:update]
2026/02/23 12:29:36 ✅ Route+Perm registered → POST /api/roles/{id}/permissions [system:update]
2026/02/23 12:29:36 ✅ Route+Perm registered → GET /api/users/{id}/permissions [system:update]
2026/02/23 12:29:36 ✅ Route+Perm registered → POST /api/users/{id}/permissions [system:update]
2026/02/23 12:29:37 ✅ Route+Perm registered → GET /api/permissions/routes [system:view]
2026/02/23 12:29:37 ✅ Route+Perm registered → GET /api/permissions/effective [system:view]
2026/02/23 12:29:38 ✅ Route+Perm registered → GET /api/permissions/matrix [system:view]
2026/02/23 12:29:38 ✅ Route+Perm registered → GET /api/role-dept-permissions/list [system:update]
2026/02/23 12:29:38 ✅ Route+Perm registered → GET /api/roles/{roleId}/departments/{deptCode}/permissions [system:update]
2026/02/23 12:29:39 ✅ Route+Perm registered → POST /api/roles/{roleId}/departments/{deptCode}/permissions [system:update]
2026/02/23 12:29:39 ✅ Route+Perm registered → GET /api/users/list [user:view]
2026/02/23 12:29:40 ✅ Route+Perm registered → POST /api/users [user:insert]
2026/02/23 12:29:40 ✅ Route+Perm registered → GET /api/users/{id} [user:update]
2026/02/23 12:29:41 ✅ Route+Perm registered → PUT /api/users/{id} [user:update]
2026/02/23 12:29:41 ✅ Route+Perm registered → DELETE /api/users/{id} [user:delete]
2026/02/23 12:29:41 ✅ Route+Perm registered → POST /api/users/{id}/admin-reset-password [user:update]
2026/02/23 12:29:42 ✅ Route+Perm registered → POST /api/users/{id}/send-password-mail [user:update]
2026/02/23 12:29:42 ✅ Route+Perm registered → POST /api/users/create [user:insert]
2026/02/23 12:29:43 ✅ Route+Perm registered → GET /api/lookups/users-perm [user:view]
2026/02/23 12:29:43 ✅ Route+Perm registered → GET /api/lookups/roles-perm [user:view]
2026/02/23 12:29:43 ✅ Route+Perm registered → GET /api/lookups/departments-perm [user:view]
2026/02/23 12:29:44 ✅ Route+Perm registered → GET /api/lookups/modules [user:view]
2026/02/23 12:29:44 ✅ Route+Perm registered → GET /api/lookups/roles [user:view]
2026/02/23 12:29:45 ✅ Route+Perm registered → GET /api/lookups/departments [user:view]
2026/02/23 12:29:45 ✅ Route+Perm registered → GET /api/lookups/nebim-users [user:view]
2026/02/23 12:29:46 ✅ Route+Perm registered → GET /api/lookups/piyasalar [user:view]
2026/02/23 12:29:46 ✅ Route+Perm registered → GET /api/accounts [customer:view]
2026/02/23 12:29:46 ✅ Route+Perm registered → GET /api/customer-list [customer:view]
2026/02/23 12:29:47 ✅ Route+Perm registered → GET /api/today-currency [finance:view]
2026/02/23 12:29:47 ✅ Route+Perm registered → GET /api/export-pdf [finance:export]
2026/02/23 12:29:48 ✅ Route+Perm registered → GET /api/exportstamentheaderreport-pdf [finance:export]
2026/02/23 12:29:48 ✅ Route+Perm registered → GET /api/finance/customer-balances [finance:view]
2026/02/23 12:29:48 ✅ Route+Perm registered → GET /api/statements [finance:view]
2026/02/23 12:29:49 ✅ Route+Perm registered → GET /api/statements/{id}/details [finance:view]
2026/02/23 12:29:49 ✅ Route+Perm registered → POST /api/order/create [order:insert]
2026/02/23 12:29:50 ✅ Route+Perm registered → POST /api/order/update [order:update]
2026/02/23 12:29:50 ✅ Route+Perm registered → GET /api/order/get/{id} [order:view]
2026/02/23 12:29:51 ✅ Route+Perm registered → GET /api/orders/list [order:view]
2026/02/23 12:29:51 ✅ Route+Perm registered → GET /api/orders/production-list [order:update]
2026/02/23 12:29:51 ✅ Route+Perm registered → GET /api/orders/production-items/{id} [order:view]
2026/02/23 12:29:52 ✅ Route+Perm registered → POST /api/orders/production-items/{id}/insert-missing [order:update]
2026/02/23 12:29:52 ✅ Route+Perm registered → POST /api/orders/production-items/{id}/validate [order:update]
2026/02/23 12:29:53 ✅ Route+Perm registered → POST /api/orders/production-items/{id}/apply [order:update]
2026/02/23 12:29:53 ✅ Route+Perm registered → GET /api/orders/close-ready [order:update]
2026/02/23 12:29:54 ✅ Route+Perm registered → POST /api/orders/bulk-close [order:update]
2026/02/23 12:29:54 ✅ Route+Perm registered → GET /api/orders/export [order:export]
2026/02/23 12:29:54 ✅ Route+Perm registered → GET /api/order/check/{id} [order:view]
2026/02/23 12:29:55 ✅ Route+Perm registered → POST /api/order/validate [order:insert]
2026/02/23 12:29:55 ✅ Route+Perm registered → GET /api/order/pdf/{id} [order:export]
2026/02/23 12:29:56 ✅ Route+Perm registered → GET /api/order-inventory [order:view]
2026/02/23 12:29:56 ✅ Route+Perm registered → GET /api/orderpricelistb2b [order:view]
2026/02/23 12:29:57 ✅ Route+Perm registered → GET /api/min-price [order:view]
2026/02/23 12:29:57 ✅ Route+Perm registered → GET /api/products [order:view]
2026/02/23 12:29:57 ✅ Route+Perm registered → GET /api/product-detail [order:view]
2026/02/23 12:29:58 ✅ Route+Perm registered → GET /api/product-colors [order:view]
2026/02/23 12:29:58 ✅ Route+Perm registered → GET /api/product-colorsize [order:view]
2026/02/23 12:29:59 ✅ Route+Perm registered → GET /api/product-secondcolor [order:view]
2026/02/23 12:29:59 ✅ Route+Perm registered → GET /api/roles [user:view]
2026/02/23 12:29:59 ✅ Route+Perm registered → GET /api/departments [user:view]
2026/02/23 12:30:00 ✅ Route+Perm registered → GET /api/piyasalar [user:view]
2026/02/23 12:30:01 ✅ Route+Perm registered → POST /api/roles/{id}/departments [user:update]
2026/02/23 12:30:01 ✅ Route+Perm registered → POST /api/roles/{id}/piyasalar [user:update]
2026/02/23 12:30:01 ✅ Route+Perm registered → POST /api/users/{id}/roles [user:update]
2026/02/23 12:30:02 ✅ Route+Perm registered → POST /api/admin/users/{id}/piyasa-sync [admin:user.update]
2026/02/23 12:30:02 🌍 CORS Allowed Origin: http://ss.baggi.com.tr/app
2026/02/23 12:30:02 🚀 Server running at: 0.0.0.0:8080
2026/02/23 12:30:43 ➡️  POST /api/auth/login | auth=false
2026/02/23 12:30:44 🔎 LOGIN DEBUG | mk_user_found=false err=mk_user not found hash_len=0
2026/02/23 12:30:44 🟡 LEGACY LOGIN PATH: x
2026/02/23 12:30:44 🟡 LEGACY LOGIN QUERY HIT: x
2026/02/23 12:30:44 ❌ LEGACY SCAN ERROR: sql: no rows in result set
2026/02/23 12:30:44 ⬅️  POST /api/auth/login | status=401 | 279.0065ms
2026/02/23 12:30:44 ⚠️ LOGGER: claims is NIL
2026/02/23 12:30:44 🧾 auditlog INSERT | actor_dfusr=<nil> actor_user=<nil> role=public nav /api/auth/login target=<nil>
2026/02/23 12:30:50 ➡️  POST /api/auth/login | auth=false
2026/02/23 12:30:50 🧪 MK USER FROM DB
2026/02/23 12:30:50 🧪 ID=5 role_id=3 role_code='admin' depts=[UST_YONETIM]
2026/02/23 12:30:50 🔎 LOGIN DEBUG | mk_user_found=true err=<nil> hash_len=60
2026/02/23 12:30:50 🧪 LOGIN RESPONSE USER DEBUG
2026/02/23 12:30:50 🧪 user.ID        = 5
2026/02/23 12:30:50 🧪 user.Username  = mehmet.keçeci
2026/02/23 12:30:50 🧪 user.RoleID    = 3
2026/02/23 12:30:50 🧪 user.RoleCode  = 'admin'
2026/02/23 12:30:50 🧪 user.IsActive  = true
2026/02/23 12:30:50 ⬅️  POST /api/auth/login | status=200 | 593.239ms
2026/02/23 12:30:50 ⚠️ LOGGER: claims is NIL
2026/02/23 12:30:50 🧾 auditlog INSERT | actor_dfusr=<nil> actor_user=<nil> role=public nav /api/auth/login target=<nil>
2026/02/23 12:30:52 🔐 GLOBAL AUTH user=5 role=admin
2026/02/23 12:30:52 ➡️  GET /api/finance/customer-balances | auth=true
2026/02/23 12:30:52 AUTH_MIDDLEWARE PASS user=5 role=admin method=GET path=/api/finance/customer-balances
2026/02/23 12:30:52 🔐 PERM CHECK user=5 role=3 dept=[UST_YONETIM] finance:view
2026/02/23 12:30:53   ↳ ROLE+DEPT OVERRIDE = true
2026/02/23 12:33:21 ⬅️  GET /api/finance/customer-balances | status=200 | 2m28.8586087s
2026/02/23 12:33:21 ✅ LOGGER CLAIMS user=mehmet.keçeci role=admin id=5
2026/02/23 12:33:21 🧾 auditlog INSERT | actor_dfusr=5 actor_user=mehmet.keçeci role=admin nav /api/finance/customer-balances target=<nil>
2026/02/23 13:40:17 ➡️  POST /api/auth/refresh | auth=false
2026/02/23 13:40:18 ⬅️  POST /api/auth/refresh | status=200 | 852.618ms
2026/02/23 13:40:18 ⚠️ LOGGER: claims is NIL
2026/02/23 13:40:18 🧾 auditlog INSERT | actor_dfusr=<nil> actor_user=<nil> role=public nav /api/auth/refresh target=<nil>
2026/02/23 13:40:18 🔐 GLOBAL AUTH user=5 role=admin
2026/02/23 13:40:18 ➡️  GET /api/finance/customer-balances | auth=true
2026/02/23 13:40:18 AUTH_MIDDLEWARE PASS user=5 role=admin method=GET path=/api/finance/customer-balances
2026/02/23 13:40:18 🔐 PERM CHECK user=5 role=3 dept=[UST_YONETIM] finance:view
2026/02/23 13:40:19   ↳ ROLE+DEPT OVERRIDE = true
2026/02/23 13:42:46 ⬅️  GET /api/finance/customer-balances | status=200 | 2m27.9525306s
2026/02/23 13:42:46 ✅ LOGGER CLAIMS user=mehmet.keçeci role=admin id=5
2026/02/23 13:42:46 🧾 auditlog INSERT | actor_dfusr=5 actor_user=mehmet.keçeci role=admin nav /api/finance/customer-balances target=<nil>
exit status 1