- Add isTokenValid() to decode JWT and check exp claim
- Refresh tokens 60 seconds before expiry (buffer)
- Auto-fetch fresh token via SSO-Link when cached token expires
- Clear invalid sessions when refresh fails
- Prevents "exp claim timestamp check failed" errors
JWT tokens from mana-core-auth expire after 15 minutes, but sessions
were cached for 7 days. Now tokens are transparently refreshed when
they expire, keeping users authenticated.
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Export the following from @manacore/bot-services:
- LOGIN_MESSAGES: Pre-defined auth error messages for all bot types
- AUTH_ERROR_MESSAGES: Same as LOGIN_MESSAGES (preferred name)
- formatAuthErrorMessage(): Helper to create custom auth error messages
These are used by bots to show consistent error messages when token
refresh fails and the user needs to re-authenticate.
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
mana-core-auth has a double prefix (/api/v1/api/v1/auth) due to
global prefix + controller prefix. Update SessionService to use
the correct paths.
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
After successful !login, the bot now stores a persistent link between
the Matrix user ID and the Mana account in mana-core-auth. This allows
the bot to auto-authenticate users in the future without requiring
another !login command.
Changes:
- Add createMatrixUserLink() method to SessionService
- Call link creation after successful login
- Add MANA_CORE_SERVICE_KEY to todo and calendar bot docker config
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- Activate Redis session storage in both bots for cross-bot SSO
- Update SessionHelper to async methods for Redis-backed SessionService
- Fix async/await issues in todo-bot and calendar-bot matrix.service.ts
- Remove unused imports from calendar-api and todo-api services
- Add CALENDAR_BACKEND_URL and MANA_CORE_SERVICE_KEY to .env.development
Note: SessionService methods are now async (Redis-backed). Other bots
need their matrix.service.ts updated to await these async calls.
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Created shared services to eliminate code duplication across Matrix bots:
**New Services in @manacore/bot-services:**
- SessionService: User authentication via mana-core-auth (was duplicated in 11 bots)
- TranscriptionService: Speech-to-text via mana-stt (was duplicated in 6 bots)
**Migrated Bots:**
- matrix-todo-bot: uses TranscriptionService
- matrix-picture-bot: uses SessionService
- matrix-clock-bot: uses TranscriptionService
- matrix-zitare-bot: uses both SessionService & TranscriptionService
**Code Reduction:**
- Removed ~300 lines of duplicate code from migrated bots
- Centralized service configuration via NestJS modules
- Added comprehensive documentation in CLAUDE.md
Remaining bots can be migrated following the same pattern documented
in packages/bot-services/CLAUDE.md.
Note: @storage/backend type-check fails due to pre-existing drizzle-orm issue
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
