- Add GET /api/auth/reset-password/:token endpoint to handle email links
- Create password-reset-redirect store to track source app URLs
- Include callbackURL in reset emails for proper app redirection
- Add redirectTo parameter to forgotPassword in shared-auth
- Create /reset-password page in calendar app with DE/EN translations
- Update calendar authStore with resetPasswordWithToken method
Fixes 404 error when clicking password reset link from email
GDPR-compliant task management bot for Matrix with:
- Task CRUD: !add, !list, !done, !delete
- Priority support: !p1 to !p4
- Date shortcuts: @heute, @morgen, @übermorgen
- Project tags: #projektname
- Natural language keywords: hilfe, zeige aufgaben, heute
- Welcome messages and auto-pin help on room join
- Per-user task isolation via Matrix user ID
- Local JSON storage
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- Add keyword detection for German/English commands (hilfe, modelle, status)
- Send welcome message when users join the room
- Send bot introduction when invited to new rooms
- Add !pin command to pin help message
- Auto-pin help when joining new rooms
- Update help text with simpler command overview
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- Add !vision command to analyze images with vision models
- Add !vision:all command to compare all vision models
- Filter out specialized models (deepseek-r1) from !all comparison
- Add chatWithImage method to OllamaService for vision requests
- Switch Dockerfile from pnpm to npm for better compatibility
- Add .dockerignore and tsconfig.build.json
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- Add !all [question] command to query all models and compare responses
- Show response times for each model
- Update help text with new command and rename to Mana Chat
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Use pnpm overrides to replace @matrix-org/matrix-sdk-crypto-nodejs with
an empty package since E2E encryption is not needed for these bots.
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Add three new Telegram bot services:
- telegram-nutriphi-bot: Nutrition tracking bot with Gemini AI analysis
- Photo meal analysis
- Daily nutrition goals and tracking
- Statistics and reports
- telegram-todo-bot: Todo list management bot
- Integration with Todo backend API
- Reminder scheduling
- User preferences per chat
- telegram-zitare-bot: Daily inspiration quotes bot
- Scheduled daily quotes
- Quote database with authors
- User subscription management
All bots use NestJS with nestjs-telegraf for Telegram integration.
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Skip postinstall scripts for matrix-sdk-crypto-nodejs which
doesn't build on Alpine Linux. E2E encryption not needed.
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- Import LogLevel separately instead of LogService.LogLevel
- Change sendTyping to setTyping
- Use any type for event handler to avoid generic type issues
- Fix Buffer to Uint8Array conversion for OpenAI File API
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- Replace Prometheus with VictoriaMetrics (2-year retention)
- Add DuckDB analytics module for business KPIs (unlimited retention)
- Add master overview dashboard combining all metrics
- Add business metrics dashboard for user growth tracking
- Add backup script for VictoriaMetrics snapshots and DuckDB
- Add ADR documentation for monitoring stack decision
Analytics API endpoints:
- GET /api/v1/analytics/health - Service health
- GET /api/v1/analytics/latest - Latest metrics snapshot
- GET /api/v1/analytics/growth - User growth over time
- GET /api/v1/analytics/monthly - Monthly aggregates
- POST /api/v1/analytics/snapshot - Manual snapshot trigger
- Add dev credentials pre-fill on login page (dev@manacore.local)
- Add initialPassword prop to LoginPage component
- Add seed script for dev user (pnpm db:seed:dev in mana-core-auth)
- Add OLLAMA_URL to .env.development for Mac Mini connection
- Fix telegram_user_id column type (integer -> bigint) for large user IDs
- Add local STT support via mana-stt service (Whisper MLX + Voxtral)
- Add STT provider config (local/openai) with fallback support
- Add Grafana dashboard for mana-stt service metrics
- Add ollama-metrics-proxy for LLM metrics collection
- Add Grafana dashboard for Ollama LLM metrics
Services added/updated:
- telegram-project-doc-bot: local STT integration
- mana-stt: Grafana dashboard
- ollama-metrics-proxy: new service for Ollama metrics
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Add new NestJS-based Telegram bot for project documentation with:
- Drizzle ORM for database access
- OpenAI integration for AI features
- S3 storage support via AWS SDK
- Monorepo integration (dev scripts, database setup, MinIO bucket)
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Add mana-stt service with Whisper and Voxtral support for local
transcription. Includes setup script and launchd integration for
automatic startup on Mac Mini server.
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Add sourceAppUrl tracking during registration to redirect users back
to the app they registered from after email verification. Includes
URL validation for security (only *.mana.how, mana.how, localhost).
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Better Auth generates verification URLs with /api/auth/verify-email path,
but NestJS uses /api/v1 prefix. This adds a passthrough controller to
handle the native Better Auth routes and properly verify user emails.
- Add BetterAuthPassthroughController for /api/auth/* routes
- Add verifyEmail method to BetterAuthService
- Exclude /api/auth/* from global prefix in main.ts
- Register passthrough controller in AuthModule
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Better Auth requires emailVerification config to be a separate top-level
option, not under emailAndPassword. Added sendOnSignUp: true to trigger
verification emails on registration.
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- NestJS-based Telegram bot with nestjs-telegraf
- Ollama service for API communication with Gemma 3 4B
- Commands: /start, /help, /models, /model, /mode, /clear, /status
- Multiple modes: default, classify, summarize, translate, code
- Chat history with context (last 10 messages)
- User access control via TELEGRAM_ALLOWED_USERS
- Health endpoint for monitoring
- Updated MAC_MINI_SERVER.md with Ollama documentation
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- Add sendVerificationEmail function in email.service.ts
- Enable requireEmailVerification in Better Auth config
- New users must verify their email before logging in
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Change from auth.api.forgetPassword to auth.api.requestPasswordReset
to match Better Auth's actual endpoint naming.
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Access inviter.user.name instead of inviter.name to match Better Auth's
organization plugin type structure.
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- Add nodemailer-based email service with Brevo SMTP integration
- Implement password reset, invitation, and welcome email templates
- Update better-auth.config.ts to use email service for sendResetPassword and sendInvitationEmail
- Add SMTP environment variables to docker-compose.macmini.yml
- Change minimum password length from 12 to 8 characters
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- Add user metrics to mana-core-auth MetricsService:
- auth_users_total: Total registered users
- auth_users_verified: Email-verified users
- auth_users_created_today/this_week/this_month
- Create Grafana user-statistics dashboard with:
- User overview stats (total, verified, verification rate, new today)
- Registration period breakdown (today/week/month)
- User growth trends over time
- Enhance telegram-stats-bot /users command:
- Add yesterday comparison with trends
- Add week-over-week comparison
- Add mini bar chart for last 7 days registration
- Include user stats in daily Telegram report
- Add metrics module to calendar, chat, clock, contacts backends
- Add metrics module to mana-core-auth service
- Expose /metrics endpoint for Prometheus scraping
- Track HTTP requests, response times, and custom business metrics
Co-Authored-By: Claude <noreply@anthropic.com>
Adds a NestJS service that delivers Umami analytics via Telegram:
- Telegram commands: /start, /stats, /today, /week, /realtime, /users
- Scheduled reports: Daily at 9:00, Weekly on Monday at 9:00
- Umami API integration with token management
- User statistics from auth database
- Docker + CI/CD pipeline integration
Bot: @stats_mana_bot
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- Add rememberMe field to sessions schema
- Mock non-existent service imports in tests
- Add missing docker-entrypoint.sh for clock-backend
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Merge till-dev branch containing:
- Planta plant care tracking application
- Clock backend with alarms, timers, world clocks
- Zitare backend with favorites and lists
- Various app improvements and fixes
- Auth system updates
- Infrastructure improvements
Note: Some type-check issues may need resolution after merge.
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- Import SecurityEventsService and Referral services
- Provide mocks for all BetterAuthService dependencies
- Fixes 'Cannot resolve dependencies' error in test initialization
- E2E tests still need real database (works in CI with postgres containers)
Implements sliding window expiration for refresh tokens to allow active
users to stay signed in indefinitely while maintaining security through
inactivity timeouts.
Changes:
- Extend refresh token expiration from NOW on each refresh (not from login)
- Preserve rememberMe flag across token rotations
- Active users: stay signed in forever (7/30 day sliding window)
- Inactive users: signed out after 7 days (regular) or 30 days (rememberMe)
This matches industry standards (Gmail, Slack, GitHub) where active users
remain authenticated while inactive users are automatically signed out.
- Add safe-db-push.mjs script for safer database migrations
- Update docker-entrypoint.sh with db:push fallback when migrations fail
- Add validate-migrations.mjs script for CI migration validation
- Update CI workflow to use migration validation
- Update drizzle.config.ts with improved configuration
Add centralized error logging endpoint to mana-core-auth:
- Error logs database schema with app_id, error message, stack traces
- POST /error-logs endpoint for single errors
- POST /error-logs/batch endpoint for batch submissions
- Error logs service with automatic cleanup of old entries
- DTOs with validation for error log submissions
The DO block approach in migration 0001 may not work correctly with
Drizzle's migration parser. This new migration 0002 uses PostgreSQL's
native ALTER TABLE ADD COLUMN IF NOT EXISTS syntax which is simpler
and more reliable.
Each column addition is a separate statement for maximum compatibility.
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
The sessions table on staging was missing newer columns like remember_me,
refresh_token, device_id, etc. because the initial migration uses
CREATE TABLE IF NOT EXISTS which skips if the table already exists.
This migration adds all potentially missing columns to the sessions table
using IF NOT EXISTS checks for each column.
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
The migration was failing on staging because the auth schema already
existed from previous db:push operations. This fix makes all DDL
statements idempotent:
- CREATE SCHEMA IF NOT EXISTS for all schemas
- DO $$ BEGIN ... EXCEPTION WHEN duplicate_object ... END $$ for ENUMs
- CREATE TABLE IF NOT EXISTS for all tables
- CREATE INDEX IF NOT EXISTS for all indexes
- DO $$ BEGIN ... EXCEPTION WHEN duplicate_object ... END $$ for constraints
This ensures migrations can run safely against databases that already
have the schema partially or fully created.
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
The shared-nestjs-cors package was exporting raw TypeScript files, which caused
runtime errors in production Docker containers:
SyntaxError: Unexpected token 'export'
Changes:
- Add build script to compile TypeScript to JavaScript
- Update package.json to export compiled dist files instead of src
- Add build step to all backend Dockerfiles that use this package
- Package now builds to CommonJS in dist/ folder
Fixes staging deployment failures for mana-core-auth and other backends.
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude <noreply@anthropic.com>
