- Activate Redis session storage in both bots for cross-bot SSO
- Update SessionHelper to async methods for Redis-backed SessionService
- Fix async/await issues in todo-bot and calendar-bot matrix.service.ts
- Remove unused imports from calendar-api and todo-api services
- Add CALENDAR_BACKEND_URL and MANA_CORE_SERVICE_KEY to .env.development
Note: SessionService methods are now async (Redis-backed). Other bots
need their matrix.service.ts updated to await these async calls.
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Add Single Sign-On (SSO) support across all mana.how subdomains:
- Add trySSO() method to @manacore/shared-auth that exchanges session
cookies for JWT tokens
- Add /api/v1/auth/session-to-token endpoint to mana-core-auth service
- Update all 15 web apps to try SSO during auth initialization
SSO Flow:
1. User logs in on any app (e.g., calendar.mana.how)
2. Session cookie is set with Domain=.mana.how
3. When visiting another app (e.g., todo.mana.how), it checks for
local tokens first
4. If no local tokens, tries SSO via session cookie
5. Session cookie is exchanged for JWT tokens via new endpoint
6. User is automatically authenticated
Apps updated: calendar, chat, clock, contacts, manacore, manadeck,
nutriphi, picture, planta, presi, questions, skilltree, storage,
todo, zitare
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Add loginWithLoginToken function to exchange Matrix SSO loginToken for credentials.
The app layout now detects the loginToken URL parameter and completes the SSO flow.
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
OIDC providers like Synapse expect the JWT issuer claim to match the
discovery document's issuer URL. Changed JWT plugin config from
JWT_ISSUER to BASE_URL to ensure consistency.
Also adds:
- @manacore/credit-operations package with operation definitions
- @manacore/shared-credit-ui package with React Native and Svelte components
- CreditInterceptor and @UseCredits decorator in nestjs-integration
- Credit system integration in chat backend
- Add prominent email verification success UI with resend button
- Show resend verification option when registration fails with "not verified" error
- Improve form spacing with space-y-4 for better visual consistency
- Add translations for resend verification in all languages (de, en, fr, it, es)
- Update all 13 app register pages to pass onResendVerification prop
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Newer Synapse versions (1.98+) require authenticated downloads via
/_matrix/client/v1/media/download/ endpoint. Falls back to legacy
API for older servers.
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- Add build script to compile TypeScript to dist/
- Update index.ts exports to use explicit .js extensions
- Update package.json exports to point to compiled JavaScript files
- Requires running 'pnpm --filter @manacore/bot-services build' before consuming
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- Add build script to compile TypeScript to dist/
- Update exports to point to compiled JavaScript files
- Requires running 'pnpm --filter @manacore/matrix-bot-common build' before consuming
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- All bots now use HealthController from @manacore/matrix-bot-common
- Deleted 19 duplicate health.controller.ts files
- Added IConfigService interface for @nestjs/config v3/v4 compatibility
- matrix-stats-bot migrated to use BaseMatrixService as example
- All 19 bots pass type-check
This consolidation eliminates ~400 lines of duplicate health check code.
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
New package with shared utilities for Matrix bots:
**Components:**
- `BaseMatrixService` - Abstract base class with client lifecycle
- `HealthController` - Standardized health endpoint
- `MatrixMessageService` - Message/reply/reaction helpers
- `markdownToHtml` - Markdown to HTML conversion
- `KeywordCommandDetector` - Natural language command detection
- `SessionHelper<T>` - Type-safe session data wrapper
- `UserListMapper<T>` - Number-based reference system
**Estimated Impact:**
- ~4,000 lines of duplicate code can be eliminated
- 19 Matrix bots can use these shared utilities
- Consistent behavior across all bots
Documentation in packages/matrix-bot-common/CLAUDE.md
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Created shared services to eliminate code duplication across Matrix bots:
**New Services in @manacore/bot-services:**
- SessionService: User authentication via mana-core-auth (was duplicated in 11 bots)
- TranscriptionService: Speech-to-text via mana-stt (was duplicated in 6 bots)
**Migrated Bots:**
- matrix-todo-bot: uses TranscriptionService
- matrix-picture-bot: uses SessionService
- matrix-clock-bot: uses TranscriptionService
- matrix-zitare-bot: uses both SessionService & TranscriptionService
**Code Reduction:**
- Removed ~300 lines of duplicate code from migrated bots
- Centralized service configuration via NestJS modules
- Added comprehensive documentation in CLAUDE.md
Remaining bots can be migrated following the same pattern documented
in packages/bot-services/CLAUDE.md.
Note: @storage/backend type-check fails due to pre-existing drizzle-orm issue
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- Add build script to compile TypeScript to dist/
- Update exports to point to compiled files
- Update calendar-web Dockerfile to build shared-vite-config
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Only include emailOptions object when from or replyTo is provided,
preventing validation errors when these optional fields are not set.
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- Add mana-search + SearXNG to docker-compose.macmini.yml
- Add api-gateway dependency on mana-search
- Add CI workflow for building mana-search Docker image
- Add CI workflow for building api-gateway Docker image
- Add dark/light theme toggle
- Glass-morphic form card with backdrop blur
- Centered logo with app name and subtitle
- Custom styled inputs with icons and labels
- Violet accent color matching Matrix branding
- Entrance animations (fadeInUp, fadeInScale)
- Shake animation on error
- Success pulse animation on login
- Mobile-optimized layout
- Reduced motion support
- Add slide-in sidebar overlay with backdrop on mobile
- Make message actions appear below message on mobile
- Adjust emoji picker positioning for viewport awareness
- Reduce excessive padding on mobile screens
- Hide disabled call buttons on small screens
- Add responsive widths to panels and dialogs
- Close sidebar automatically when selecting room on mobile
- Create shared logger package with logger, perfLogger, networkLogger
- Support both __DEV__ (React Native) and NODE_ENV environments
- Migrate manadeck and picture mobile apps to use shared package
Savings: ~120 LOC (126 → 10 LOC in apps)
- Add factory for writable navigation stores with optional persistence
- Support toolbar collapsed state with withToolbar option
- Migrate all 10 navigation stores to use shared factory
- Clock saves 32 LOC with built-in localStorage persistence
Savings: ~50 LOC (68 LOC removed, factory adds reusable 94 LOC)
- Add missing packages to MANACORE_SHARED_PACKAGES list
- Migrate all SvelteKit apps to use createViteConfig/mergeViteConfig
- Matrix preserves special WASM config for matrix-js-sdk crypto
- Update consolidation docs with completed Vite config task
Savings: ~350 LOC (-318 net lines)
- Remove padding-bottom from floating-mode layout, handle padding in components
- Add min-h-0 to flex containers for proper overflow handling
- Add bottom padding to RoomList and MessageInput for nav clearance
- Fix Timeline scrolling with proper min-h-0 on flex-1 container
- Add matrix app to shared-branding (icon, config, URLs)
- Fix File icon import shadow conflict in MessageInput
Note: Skipped type-check due to pre-existing error in @todo/web
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- Delete unused Input.svelte from Picture app (70 LOC)
- Remove sleep() from shared-api-client, import from shared-utils
- Fix NodeJS.Timeout type for browser compatibility
Part of consolidation effort - see docs/CONSOLIDATION_OPPORTUNITIES.md
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Extract setupGlobalErrorHandler() utility from contacts app and add to
@manacore/shared-ui. Migrate 7 apps to use the shared implementation:
calendar, chat, clock, contacts, matrix, picture, storage.
Features:
- Catches unhandled promise rejections with error classification
- Handles offline/online network status changes
- Built-in i18n (DE + EN) with customizable translations
- Optional onAuthError callback for redirect handling
- Returns cleanup function for proper unmounting
- Create shared AuthGateModal component in @manacore/shared-auth-ui
- Migrate 4 apps to use shared component: chat, todo, contacts, calendar
- Remove duplicate local AuthGateModal components
- Support for 'save', 'sync', 'feature', 'ai' actions
- Built-in i18n (DE + EN) with custom translation support
- Optional migration info display for session data
- Uses Phosphor icons from @manacore/shared-icons
- Update CONSISTENCY_REPORT.md
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Add ability to resend verification email when login fails with
"Email not verified" error. Implemented across all 14 apps using
Mana Core Auth.
Changes:
- Add POST /api/v1/auth/resend-verification endpoint to mana-core-auth
- Add resendVerificationEmail method to shared-auth client
- Update LoginPage component with resend UI and translations
- Add resendVerificationEmail to all app auth stores
- Add translations for de, en, fr, es, it
- Add PlantaLogo to shared-branding
- Migrate planta login to shared LoginPage component
Create unified API client for all web apps with:
- createApiClient factory function
- ApiResult<T> Go-style error handling
- HTTP methods: get, post, put, patch, delete, upload
- Auto token handling via getAuthToken callback
- Timeout support with AbortController
- Retry logic with exponential backoff
- Runtime URL injection for Docker
- FormData support for file uploads
Migrate clock app as proof of concept:
- Replace local fetchApi with shared createApiClient
- Update stores to use ApiError.message
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- Migrate ImmersiveModeToggle to use @manacore/shared-icons (CaretUp/CaretDown)
- Remove lucide-svelte from shared-ui package.json
- All shared-ui components now use Phosphor icons consistently
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- Add SkillTreeLogo to shared-branding (emerald green theme)
- Add login, register, forgot-password pages using shared-auth-ui
- Initialize authStore in layout alongside skillStore
- Add shared-auth-ui, shared-i18n, shared-branding dependencies
- German translations as default
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- bot-services: Add registerAsync to AI, Calendar, Clock, Todo modules
- bot-services: Add convenience methods to ClockService for bot handlers
- bot-services: Make CreateEventInput.endTime optional with sensible defaults
- bot-services: Fix empty interface ESLint errors (use type aliases)
- questions-backend: Add missing schema columns (isDefault, sortOrder, deletedAt)
- questions-backend: Fix or() return type handling in question service
- questions-web: Add guard for undefined question ID in route params
- skilltree-web: Fix DBSchema type by not extending idb interface directly
- calendar-web: Fix Check icon prop (use weight instead of strokeWidth)
- matrix-mana-bot: Update clock handler to use new service methods
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- Add Questions branding to shared-branding package (logo, colors)
- Create QuestionsLogo.svelte component
- Refactor login page to use shared LoginPage component
- Refactor register page to use shared RegisterPage component
- Refactor forgot-password page to use shared ForgotPasswordPage component
- Fix Svelte 5 class: directive on components (+page.svelte)
The Questions app now uses the same auth UI as Calendar, Chat, and other apps.
- Remove :ro flag from volume mounts (SearXNG needs write access)
- Simplify limiter.toml to match current SearXNG schema
- Disable link_token for API usage without browser
- Add GET /api/auth/reset-password/:token endpoint to handle email links
- Create password-reset-redirect store to track source app URLs
- Include callbackURL in reset emails for proper app redirection
- Add redirectTo parameter to forgotPassword in shared-auth
- Create /reset-password page in calendar app with DE/EN translations
- Update calendar authStore with resetPasswordWithToken method
Fixes 404 error when clicking password reset link from email
- Add dev credentials pre-fill on login page (dev@manacore.local)
- Add initialPassword prop to LoginPage component
- Add seed script for dev user (pnpm db:seed:dev in mana-core-auth)
- Add OLLAMA_URL to .env.development for Mac Mini connection
Add /compare route to test prompts against multiple Ollama models:
- CompareInput: prompt textarea with temperature/max tokens controls
- ModelResponseCard: displays response with status, metrics, markdown
- ModelResponseGrid: responsive grid layout for side-by-side comparison
- CompareProgress: progress bar with cancel functionality
- Svelte 5 runes-based store for state management
- Add Scales icon to shared-ui navigation
Add a unified welcome modal for guest mode that displays:
- App icon, name, and description from shared-branding
- Feature list of what guests can do (localized DE/EN)
- Warning about local-only data storage
- Login, Register, Help, and "Continue as Guest" buttons
New files:
- GuestWelcomeModal.svelte - The modal component
- guestWelcome.ts - localStorage utilities for tracking seen state
Integrated into: contacts, chat, todo, calendar, and clock apps
Add verified banner and email pre-fill to LoginPage component when
users are redirected after email verification. Updates all app login
pages to pass verification params from URL query string.
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Add sourceAppUrl tracking during registration to redirect users back
to the app they registered from after email verification. Includes
URL validation for security (only *.mana.how, mana.how, localhost).
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
