managarten

till/managarten

Fork 0

mirror of https://github.com/Memo-2023/mana-monorepo.git synced 2026-05-14 19:01:08 +02:00

Commit graph

Author	SHA1	Message	Date
Till JS	546b94d472	feat(personas): move admin + internal endpoints from mana-auth to apps/api Schließt die platform/product-split-Lücke: HEAD's apps/api/src/index.ts referenziert seit dem Forms-M10d-Commit personasInternalRoutes / personasAdminRoutes — die Implementierung lag aber noch nicht im Repo. Build war strukturell broken bis hierhin. Was wandert von mana-auth nach apps/api: apps/api/src/modules/personas/ ├── schema.ts — pgSchema('personas') mit personas / │ persona_actions / persona_feedback; │ userId ist plain text (Cross-DB-FK auf │ mana-auth's auth.users geht nach Split nicht). ├── internal-routes.ts — service-key gated GET /due, POST /:id/actions │ und POST /:id/feedback. Append-only + │ idempotent über deterministische row-ids │ (tickId-i-tool / tickId-module). └── admin-routes.ts — admin-JWT gated CRUD; ruft mana-auth via /api/v1/admin/users + /api/v1/auth/register + /api/v1/internal/users/:id/persona-stamp für den User-Lifecycle. Persona-runner-Client zeigt jetzt auf apps/api: - config.ts: neues apiUrl-Feld (default http://localhost:3060, Env MANA_API_URL); authUrl bleibt für /api/v1/auth/login + spaces. - clients/mana-auth-internal.ts: drei Calls treffen jetzt /api/v1/personas/internal/* statt mana-auth's /api/v1/internal/personas/* — Datei-Name bleibt um Call-Site-Diff klein zu halten. - index.ts: ManaAuthInternalClient bekommt config.apiUrl statt authUrl. Seed/Cleanup-Skripte: - --api= als bevorzugter Flag, --auth= als Legacy-Alias (cached Shell-History würde sonst hart brechen). - default http://localhost:3060, Env MANA_API_URL. - Endpoint-Pfade umgeschrieben: POST /api/v1/admin/personas → /api/v1/personas/admin DELETE /api/v1/admin/personas/:id → /api/v1/personas/admin/:id drizzle.config.ts: schema-Array + schemaFilter um 'personas' erweitert. DB-push ist Pflicht-Schritt vor erstem Boot, sonst 42P01 auf /due. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>	2026-05-06 20:38:29 +02:00
Till JS	493db0c3b2	feat(personas): M2.a-c — persona schemas + admin endpoints + seed pipeline Continuation of docs/plans/mana-mcp-and-personas.md. Personas are the auto-test users the M3 runner will drive — they're real Mana users (kind='persona', tier='founder'), registered through the same Better Auth pipeline as humans, just stamped differently and metadata-tracked so the persona-runner knows how to role-play them. Schemas (auth namespace — personas are 1:1 with users, no reason for a separate platform.* schema that the plan originally sketched) - userKindEnum ('human' \| 'persona' \| 'system') + users.kind column, wired into better-auth additionalFields so the JWT/user object carry the flag. Default 'human' keeps every existing user untouched. - auth.personas — 1:1 descriptor (archetype, systemPrompt, moduleMix jsonb, tickCadence, lastActiveAt). CASCADE from users.id. - auth.persona_actions — tick-grouped audit of every tool call the runner makes (toolName, inputHash for dedup, result, latency). - auth.persona_feedback — structured 1-5 ratings per module per tick, plus free-text notes. This is where the runner writes the self-reflection step at end of each tick. Admin endpoints (/api/v1/admin/personas, admin-tier-gated) - POST / create-or-update by email. Uses auth.api.signUpEmail if the user's new, then stamps kind+tier+verified and upserts the personas row. Idempotent — safe to re-run after catalog edits. - GET / list with 7-day action count per persona. - GET /:id detail + recent 20 actions + per-module feedback aggregate. - DELETE /:id hard delete. Refuses non-persona users as defense-in-depth: an admin typo here would cascade through the full user-delete chain. Catalog + seed pipeline (scripts/personas/) - catalog.json 10 handwritten personas spanning 7 archetypes (adhd-student, ceo-busy, creative-parent, solo-dev, researcher, freelancer, overwhelmed-newbie). Five pairs of personas that will later share family/team spaces (cross-space setup is deferred to M2.d per the plan). - catalog.ts zod-validated loader. Refines email to require @mana.test TLD — non-existent, no bounce risk. - password.ts deterministic HMAC-SHA256(PERSONA_SEED_SECRET, email). No stored per-persona credentials; the runner re-derives on every login. Refuses the dev-fallback secret in production. - seed.ts POST /admin/personas per catalog entry. Flags: --auth=, --jwt=, --dry-run. - cleanup.ts Hard-delete every live persona. Warns when the live set drifts from the catalog. Root package.json: pnpm seed:personas pnpm seed:personas:cleanup Extends the ESLint root-ignore list with `scripts/**` so Bun-typed utility scripts don't fail the typed-parser check they weren't opted into. Consistent with the rest of scripts/ being .mjs+.sh. To go live (user action): pnpm docker:up cd services/mana-auth && bun run db:push export MANA_ADMIN_JWT=... pnpm seed:personas M2.d deferred: cross-space (family/team/practice) memberships between persona pairs. Better Auth's org-invite flow is multi-step and would roughly double the M2 scope; the persona-runner (M3) can operate in personal spaces first, shared-space tests land as their own milestone. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>	2026-04-23 13:55:14 +02:00

Author

SHA1

Message

Date

Till JS

546b94d472

feat(personas): move admin + internal endpoints from mana-auth to apps/api

Schließt die platform/product-split-Lücke: HEAD's apps/api/src/index.ts
referenziert seit dem Forms-M10d-Commit personasInternalRoutes /
personasAdminRoutes — die Implementierung lag aber noch nicht im Repo.
Build war strukturell broken bis hierhin.

Was wandert von mana-auth nach apps/api:

  apps/api/src/modules/personas/
    ├── schema.ts          — pgSchema('personas') mit personas /
    │                        persona_actions / persona_feedback;
    │                        userId ist plain text (Cross-DB-FK auf
    │                        mana-auth's auth.users geht nach Split nicht).
    ├── internal-routes.ts — service-key gated GET /due, POST /:id/actions
    │                        und POST /:id/feedback. Append-only +
    │                        idempotent über deterministische row-ids
    │                        (tickId-i-tool / tickId-module).
    └── admin-routes.ts    — admin-JWT gated CRUD; ruft mana-auth via
                             /api/v1/admin/users + /api/v1/auth/register
                             + /api/v1/internal/users/:id/persona-stamp
                             für den User-Lifecycle.

Persona-runner-Client zeigt jetzt auf apps/api:

  - config.ts: neues apiUrl-Feld (default http://localhost:3060,
    Env MANA_API_URL); authUrl bleibt für /api/v1/auth/login + spaces.
  - clients/mana-auth-internal.ts: drei Calls treffen jetzt
    /api/v1/personas/internal/* statt mana-auth's
    /api/v1/internal/personas/* — Datei-Name bleibt um Call-Site-Diff
    klein zu halten.
  - index.ts: ManaAuthInternalClient bekommt config.apiUrl statt authUrl.

Seed/Cleanup-Skripte:

  - --api= als bevorzugter Flag, --auth= als Legacy-Alias (cached
    Shell-History würde sonst hart brechen).
  - default http://localhost:3060, Env MANA_API_URL.
  - Endpoint-Pfade umgeschrieben:
      POST   /api/v1/admin/personas        → /api/v1/personas/admin
      DELETE /api/v1/admin/personas/:id    → /api/v1/personas/admin/:id

drizzle.config.ts: schema-Array + schemaFilter um 'personas' erweitert.
DB-push ist Pflicht-Schritt vor erstem Boot, sonst 42P01 auf /due.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>

2026-05-06 20:38:29 +02:00

Till JS

493db0c3b2

feat(personas): M2.a-c — persona schemas + admin endpoints + seed pipeline

Continuation of docs/plans/mana-mcp-and-personas.md. Personas are the
auto-test users the M3 runner will drive — they're real Mana users
(kind='persona', tier='founder'), registered through the same Better
Auth pipeline as humans, just stamped differently and metadata-tracked
so the persona-runner knows how to role-play them.

Schemas (auth namespace — personas are 1:1 with users, no reason for a
separate platform.* schema that the plan originally sketched)

- userKindEnum ('human' | 'persona' | 'system') + users.kind column,
  wired into better-auth additionalFields so the JWT/user object carry
  the flag. Default 'human' keeps every existing user untouched.
- auth.personas — 1:1 descriptor (archetype, systemPrompt, moduleMix
  jsonb, tickCadence, lastActiveAt). CASCADE from users.id.
- auth.persona_actions — tick-grouped audit of every tool call the
  runner makes (toolName, inputHash for dedup, result, latency).
- auth.persona_feedback — structured 1-5 ratings per module per tick,
  plus free-text notes. This is where the runner writes the
  self-reflection step at end of each tick.

Admin endpoints (/api/v1/admin/personas, admin-tier-gated)

- POST /            create-or-update by email. Uses auth.api.signUpEmail
                    if the user's new, then stamps kind+tier+verified
                    and upserts the personas row. Idempotent — safe to
                    re-run after catalog edits.
- GET  /            list with 7-day action count per persona.
- GET  /:id         detail + recent 20 actions + per-module feedback
                    aggregate.
- DELETE /:id       hard delete. Refuses non-persona users as
                    defense-in-depth: an admin typo here would cascade
                    through the full user-delete chain.

Catalog + seed pipeline (scripts/personas/)

- catalog.json      10 handwritten personas spanning 7 archetypes
                    (adhd-student, ceo-busy, creative-parent, solo-dev,
                    researcher, freelancer, overwhelmed-newbie).
                    Five pairs of personas that will later share
                    family/team spaces (cross-space setup is deferred
                    to M2.d per the plan).
- catalog.ts        zod-validated loader. Refines email to require
                    @mana.test TLD — non-existent, no bounce risk.
- password.ts       deterministic HMAC-SHA256(PERSONA_SEED_SECRET,
                    email). No stored per-persona credentials; the
                    runner re-derives on every login. Refuses the
                    dev-fallback secret in production.
- seed.ts           POST /admin/personas per catalog entry. Flags:
                    --auth=, --jwt=, --dry-run.
- cleanup.ts        Hard-delete every live persona. Warns when the
                    live set drifts from the catalog.

Root package.json:
  pnpm seed:personas
  pnpm seed:personas:cleanup

Extends the ESLint root-ignore list with `scripts/**` so Bun-typed
utility scripts don't fail the typed-parser check they weren't opted
into. Consistent with the rest of scripts/ being .mjs+.sh.

To go live (user action):
  pnpm docker:up
  cd services/mana-auth && bun run db:push
  export MANA_ADMIN_JWT=...
  pnpm seed:personas

M2.d deferred: cross-space (family/team/practice) memberships between
persona pairs. Better Auth's org-invite flow is multi-step and would
roughly double the M2 scope; the persona-runner (M3) can operate in
personal spaces first, shared-space tests land as their own milestone.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>

2026-04-23 13:55:14 +02:00

2 commits