Pablo addressed coupon double-redeem only after staging caught it; the same idempotency gap recurred from his Stripe plan.
task
ticket acme/api#142 submitted by @pablo created 16d ago
plan signed
Add POST /coupons/redeem. Look up the coupon, mark it consumed, return the discount.
Log redacted ids only via @acme/log; dedupe by idempotency-key in Redis for 24h.
findings 3
edge-case addressed f_1
No idempotency guard on coupon redemption
If the client retries after a network blip, the same coupon can be redeemed twice. Add idempotency-key on the redeem call and dedupe server-side.
Added an idempotency-key header check after a customer hit this in staging. Now stored in a 24h Redis dedupe set.
decided —
compliance addressed f_2
No audit log for PII access — request body logging exposes emails
Request body can contain customer email and partial address. Logging it raw violates the PII convention. Use @acme/log redaction or log only ids.
convention addressed f_3
Plan uses console.log; team standard is @acme/log
Replace console.log with @acme/log so logs reach the central pipeline.
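The server-side dedupe described in finding f_1, as an added example that is not code from the ticket or from acme/api. The `DedupeStore` class, the `redeem` function, the per-customer key scoping and the sample coupon are assumptions; an in-memory Map stands in for Redis so the sketch runs offline.

```javascript
// Added example. The Map stands in for Redis (assumption); with Redis the
// claim step is one atomic command: SET <key> <value> NX EX 86400.
const TTL_MS = 24 * 60 * 60 * 1000; // 24h dedupe window from the plan

class DedupeStore {
  constructor() { this.entries = new Map(); }
  // Set-if-absent: true only for the first caller inside the TTL window.
  claim(key, now) {
    const hit = this.entries.get(key);
    if (hit && hit.expires > now) return false;
    this.entries.set(key, { expires: now + TTL_MS, response: null });
    return true;
  }
  save(key, response) { this.entries.get(key).response = response; }
  load(key) { return this.entries.get(key).response; }
}

// Hypothetical handler core; `req` mimics a parsed HTTP request.
function redeem(store, coupons, req, now = Date.now()) {
  const key = req.headers["idempotency-key"];
  if (!key) return { status: 400, body: { error: "idempotency-key required" } };
  // Scope the key per customer so one client cannot replay another's response.
  const scoped = `redeem:${req.customerId}:${key}`;
  if (!store.claim(scoped, now)) {
    // Retry: replay the stored result, or 409 while the first attempt is in flight.
    return store.load(scoped) || { status: 409, body: { error: "request in progress" } };
  }
  const coupon = coupons.get(req.body.code);
  let res;
  if (!coupon) res = { status: 404, body: { error: "unknown coupon" } };
  else if (coupon.consumed) res = { status: 409, body: { error: "already redeemed" } };
  else {
    coupon.consumed = true; // the coupon's own state stays the final guard
    res = { status: 200, body: { discount: coupon.discount } };
  }
  store.save(scoped, res);
  return res;
}

// Constructed sample: the client retries after losing the first response.
function demoRetry() {
  const store = new DedupeStore();
  const coupons = new Map([["SPRING10", { discount: 10, consumed: false }]]);
  const req = { customerId: "c_1", headers: { "idempotency-key": "k-1" }, body: { code: "SPRING10" } };
  return [redeem(store, coupons, req, 0), redeem(store, coupons, req, 1000)];
}
```

The retry receives the stored 200 response instead of a second redemption, and a request that reuses the coupon under a fresh key is still refused by the coupon's consumed flag.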