refactor: demonolith convex backend into domain-based folder structure#51

Merged
DerpcatMusic merged 0 commit into master from demonolith-refactor
Apr 15, 2026

@DerpcatMusic
Owner

Summary

  • Split 33 monolith Convex files into 58 focused files across 15 domain folders
  • All cross-domain internal.* and api.* paths updated to match new file structure
  • Scrubbed Mapbox public token from git history (now only in .env.local)
  • Compiles clean with npx convex dev --once

Folder structure

convex/
  users/          syncUser, getCurrent, roleManagement, profileImage
  instructors/    settings, publicProfiles, mapDiscovery, zones
  studios/        settings, publicProfiles, branches
  onboarding/     instructor, studio
  jobs/           postJob, browse, applications, studioManagement,
                  instructorTabs, review, checkIn, calendar,
                  lessonCompletion, cancellation, _helpers
  compliance/     instructor, instructorReview, studio
  notifications/  settings, inbox, core, pushDelivery, broadcast
  calendar/       googleCalendar, googleCalendarNode
  payments/       pricing, core, actions, invoicing, stripeCheckout
  access/         snapshots
  internal/       access
  security/       rateLimits, webhookSecurity
  auth/           otp, magicLink
  home/           instructorStats
  migrations/     index

Key changes

  • jobs.ts (3,175 lines) → 11 focused files
  • users.ts (2,023 lines) → 4 files + settings split to instructors/ and studios/
  • paymentsV2.ts (2,350 lines) → 5 files
  • All internal function paths updated (e.g. internal.jobs.cleanupCancelledJobs → internal.jobs.cancellation.cleanupCancelledJobs)

⚠️ Force merge required

This PR rewrites history to scrub a Mapbox token from old commits. Must be merged with force-push to master (temporarily unprotect the branch).

@kilo-code-bot

kilo-code-bot Bot commented Apr 15, 2026

Code Review Roast 🔥

Verdict: 2 Issues Found | Recommendation: Address before merge

Overview

| Severity | Count |
|---|---|
| 🚨 critical | 0 |
| ⚠️ warning | 1 |
| 💡 suggestion | 1 |
| 🤏 nitpick | 0 |

Issue Details

| File | Line | Roast |
|---|---|---|
| convex/http.ts | 220-231 | as any type casts suppress type checking on webhook payload |
| convex/lib/authDedupe.ts | (see diff) | Profile merge no longer handles zones/coverage after H3 migration |

🏆 Best part: The Didit webhook signature verification is actually solid — HMAC with constant-time comparison, timestamp validation, and fingerprint tracking for brute-force protection. Someone read the OWASP cheatsheet on this one, and I'm genuinely impressed.

💀 Worst part: Those as any casts on lines 220-231 in http.ts are like telling TypeScript to look away while you smuggle unvalidated data past. The applyDiditStudioWebhookV2 mutation receives payload, decision, and other fields as any — if the mutation's argument shape changes, this silently breaks at runtime.

📊 Overall: Like watching someone meticulously organize their desk by throwing everything into different drawers — technically a "refactor," but you hope they labeled the drawers correctly. The PR claims it compiles clean, but I'd feel better with a quick test of the cron job paths before merging.

Files Reviewed (18 files)
  • convex/security/webhookSecurity.ts
  • convex/security/rateLimits.ts
  • convex/auth/otp.ts
  • convex/auth/magicLink.ts
  • convex/payments/core.ts
  • convex/payments/actions.ts
  • convex/payments/invoicing.ts
  • convex/integrations/stripe/config.ts
  • convex/integrations/stripe/connectV2.ts
  • convex/internal/access.ts
  • convex/lib/rateLimit.ts
  • convex/lib/auth.ts
  • convex/lib/validation.ts
  • convex/lib/resendDevRouting.ts
  • convex/http.ts
  • convex/auth.ts
  • convex/crons.ts
  • convex/lib/authDedupe.ts

Reviewed by minimax-m2.7 · 2,807,567 tokens

@chatgpt-codex-connector chatgpt-codex-connector Bot left a comment

💡 Codex Review

Here are some automated review suggestions for this pull request.

Reviewed commit: 58adb41a3b

ℹ️ About Codex in GitHub

Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you

  • Open a pull request for review
  • Mark a draft as ready
  • Comment "@codex review".

If Codex has suggestions, it will comment; otherwise it will react with 👍.

Codex can also answer questions or update the PR. Try commenting "@codex address that feedback".

Comment on lines +100 to +103
const createStudioPaymentOfferV2 = useMutation(api.paymentsV2.createStudioPaymentOfferV2);
const createStudioPaymentOrderV2 = useMutation(api.paymentsV2.createStudioPaymentOrderV2);
const createStripePaymentSheetForPaymentOrderV2 = useAction(
api.paymentsV2Actions.createStripePaymentSheetForPaymentOrderV2,

P0: Migrate client calls to new Convex module paths

This refactor removed monolith modules like paymentsV2, jobs, and users in favor of nested paths (e.g. payments/core, jobs/applications, users/getCurrent), but this code still calls old references such as api.paymentsV2.createStudioPaymentOfferV2. Those references resolve to function names that no longer exist in Convex, so these mutations/queries fail at runtime with “function not found,” breaking core studio job/payment flows.

Useful? React with 👍 / 👎.

Comment thread convex/http.ts
Comment on lines +180 to +183
await ctx.runMutation(internal.security.webhookSecurity.recordInvalidSignatureAttempt, {
provider: "didit",
fingerprint,
});

P2: Enforce Didit webhook throttle before processing

Invalid-signature attempts are recorded, but this handler never checks throttle state before continuing to process incoming requests. As a result, fingerprints that should be blocked can still hit this endpoint indefinitely and force full verification/mutation work on every retry, effectively disabling the intended invalid-signature rate limiting for the Didit webhook path.

Useful? React with 👍 / 👎.
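
The ordering the P2 comment above asks for, together with the checks the kilo-code-bot review credits (HMAC, constant-time comparison, timestamp validation, fingerprint tracking), as an added example that is not code from this PR or repository. The in-memory map stands in for the table behind recordInvalidSignatureAttempt; the `timestamp.body` signing format, the thresholds and all function names are assumptions, not Didit's or the project's.

```typescript
import { createHmac, timingSafeEqual } from "node:crypto";

// Assumed policy (not from the PR): block a fingerprint after 5 bad signatures
// in 10 minutes; accept timestamps within 5 minutes of the server clock.
const MAX_INVALID = 5;
const WINDOW_MS = 10 * 60_000;
const MAX_SKEW_MS = 5 * 60_000;

type Verdict = "accepted" | "throttled" | "stale" | "invalid_signature";

// Hypothetical in-memory stand-in for the invalid-attempt store.
const invalidAttempts = new Map<string, number[]>();

function isThrottled(fingerprint: string, now: number): boolean {
  const recent = (invalidAttempts.get(fingerprint) ?? []).filter((t) => now - t < WINDOW_MS);
  invalidAttempts.set(fingerprint, recent); // drop entries outside the window
  return recent.length >= MAX_INVALID;
}

function recordInvalid(fingerprint: string, now: number): void {
  invalidAttempts.set(fingerprint, [...(invalidAttempts.get(fingerprint) ?? []), now]);
}

// Assumed signing scheme: hex HMAC-SHA256 over "<timestamp>.<raw body>".
function sign(secret: string, timestamp: number, body: string): string {
  return createHmac("sha256", secret).update(`${timestamp}.${body}`).digest("hex");
}

function handleWebhook(
  secret: string, fingerprint: string, timestamp: number,
  signatureHex: string, body: string, now: number,
): Verdict {
  // 1. Throttle first: a blocked fingerprint costs one lookup, no HMAC, no mutation.
  if (isThrottled(fingerprint, now)) return "throttled";
  // 2. Timestamp window bounds how long a captured request can be replayed.
  if (Math.abs(now - timestamp) > MAX_SKEW_MS) return "stale";
  // 3. timingSafeEqual throws on unequal lengths, so compare lengths first.
  const expected = Buffer.from(sign(secret, timestamp, body), "hex");
  const given = Buffer.from(signatureHex, "hex");
  if (given.length !== expected.length || !timingSafeEqual(given, expected)) {
    recordInvalid(fingerprint, now);
    return "invalid_signature";
  }
  return "accepted"; // only now hand the payload to the mutation
}
```

Once a fingerprint is blocked, even a correctly signed request from it is rejected until the window expires, so the fingerprint should be derived from something a legitimate sender does not share with others.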

@DerpcatMusic DerpcatMusic merged commit 58adb41 into master Apr 15, 2026
1 of 2 checks passed
@DerpcatMusic DerpcatMusic deleted the demonolith-refactor branch April 15, 2026 10:23