Add a unified welcome modal for guest mode that displays:
- App icon, name, and description from shared-branding
- Feature list of what guests can do (localized DE/EN)
- Warning about local-only data storage
- Login, Register, Help, and "Continue as Guest" buttons
New files:
- GuestWelcomeModal.svelte - The modal component
- guestWelcome.ts - localStorage utilities for tracking seen state
Integrated into: contacts, chat, todo, calendar, and clock apps
Add verified banner and email pre-fill to LoginPage component when
users are redirected after email verification. Updates all app login
pages to pass verification params from URL query string.
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Add sourceAppUrl tracking during registration to redirect users back
to the app they registered from after email verification. Includes
URL validation for security (only *.mana.how, mana.how, localhost).
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Use list format for environment variables as suggested in shoutrrr
issue #45 to avoid YAML parsing issues with colon in bot token.
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- Add metrics module to calendar, chat, clock, contacts backends
- Add metrics module to mana-core-auth service
- Expose /metrics endpoint for Prometheus scraping
- Track HTTP requests, response times, and custom business metrics
Co-Authored-By: Claude <noreply@anthropic.com>
Remove auth check before loading data - the stores already handle
guest mode by loading from sessionStorage instead of API.
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Remove the login redirect from the main dashboard page to allow
guest users to access the Clock app without authentication.
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- Clock: Replace local user-settings store with shared theme store
from @manacore/shared-theme to support nav settings properly
- All apps: Add optional chaining and fallback values when accessing
userSettings.nav.desktopPosition and userSettings.nav.hiddenNavItems
to prevent TypeError when user is not authenticated
Apps fixed: calendar, chat, clock, contacts, manacore, manadeck,
picture, todo
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Users can now use Calendar, Chat, Clock, and Todo without signing in.
Data is stored in sessionStorage (lost when tab closes).
Changes per app:
- Add session storage stores for temporary data
- Add AuthGateModal for login prompts
- Remove auth redirect from app layouts
- Add guest mode banner with item count
- Add sessionStorage return URL handling
When users sign in, session data is migrated to their cloud account.
Update all tracking script URLs and admin dashboard links to use the
new stats.mana.how subdomain for Umami web analytics.
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Added missing (app)/+page.svelte that shows:
- Current time display
- Quick links to World Clock, Alarms, Timers, Stopwatch
This fixes the 404 on the root route.
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
drizzle-kit looks for drizzle.config.json by default, but project
uses drizzle.config.ts. Added explicit --config flag.
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
The alarms page imports 'toast' but the store exported 'toasts'.
Add alias to support both import styles.
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Add missing files that were never committed:
- Stores: alarms, timers, stopwatch, world-clocks, user-settings, navigation
- API modules: alarms, timers
- Components: WorldMap
- Skeletons: AlarmsSkeleton, TimersSkeleton, WorldClockSkeleton
- Fix clock-landing type-check to not fail on missing deps
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Add essential files that were never committed to git:
- app.css with Tailwind imports
- theme.svelte.ts store
- toast.ts store
- ToastContainer.svelte component
- AppLoadingSkeleton.svelte component
- i18n setup with de/en locales
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
These essential files were never committed:
- svelte.config.js
- vite.config.ts
- tsconfig.json
- src/app.html
Without these, SvelteKit cannot build the app.
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
The prepare script only runs during local pnpm install, not during
workspace-level installation in Docker. Adding explicit svelte-kit sync
step before vite build to generate SvelteKit entry points.
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
SvelteKit apps need `svelte-kit sync` to run before build to generate
the entry points. This was missing from several web apps, causing
Docker builds to fail with "Could not resolve entry module 'index.html'".
Fixed apps:
- clock-web
- todo-web
- calendar-web
- manacore-web
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- Add drizzle.config.ts to clock-backend
- Add missing shared-types package to all web app Dockerfiles
- Add shared-splitscreen to todo-web Dockerfile
These packages were missing from the Docker build context,
causing TypeScript compilation errors during image builds.
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- Add rememberMe field to sessions schema
- Mock non-existent service imports in tests
- Add missing docker-entrypoint.sh for clock-backend
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Merge till-dev branch containing:
- Planta plant care tracking application
- Clock backend with alarms, timers, world clocks
- Zitare backend with favorites and lists
- Various app improvements and fixes
- Auth system updates
- Infrastructure improvements
Note: Some type-check issues may need resolution after merge.
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
The shared-nestjs-cors package was exporting raw TypeScript files, which caused
runtime errors in production Docker containers:
SyntaxError: Unexpected token 'export'
Changes:
- Add build script to compile TypeScript to JavaScript
- Update package.json to export compiled dist files instead of src
- Add build step to all backend Dockerfiles that use this package
- Package now builds to CommonJS in dist/ folder
Fixes staging deployment failures for mana-core-auth and other backends.
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude <noreply@anthropic.com>
Add required name field (min 2 chars) to all registration forms to fix
Better Auth validation error. Updates backend DTO, shared-auth service,
shared-auth-ui RegisterPage component, i18n translations, and all app
auth stores and register pages.
SvelteKit pre-compresses static files (config.json.br, config.json.gz)
during build. When docker-entrypoint.sh regenerates config.json at
runtime, the server still serves the stale compressed versions.
This fix removes the .br and .gz files after generating the fresh
config.json, ensuring browsers receive the correct runtime configuration.
Affected apps: calendar, chat, clock, contacts, manacore
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Add missing @manacore/better-auth-types package to backend Docker builds.
The shared-nestjs-auth package depends on this new types package.
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Add missing @manacore/better-auth-types package to Docker builds.
The shared-auth package now depends on this new types package.
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Added zod ^3.25.76 to package.json dependencies for:
- @clock/web
- @contacts/web
This fixes build failures in pre-push hook where runtime.ts config validation
required zod but it wasn't listed as a dependency.
Calendar and Chat apps already had zod installed (^4.2.0).
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude <noreply@anthropic.com>
Replace window injection and build-time env vars with runtime config
loaded from /config.json (generated by Docker entrypoint). This fixes
the staging deployment issue where apps were requesting localhost URLs
instead of production URLs.
Changes:
- Add runtime.ts config loader with Zod validation (fail-hard in prod)
- Disable SSR via +layout.ts (apps are client-only SPAs)
- Update API clients and auth stores to use async config getters
- Add docker-entrypoint.sh scripts to generate config.json at startup
- Update Dockerfiles with ENTRYPOINT for config generation
- Simplify docker-compose.staging.yml env vars (12-factor pattern)
- Add static/config.json as dev fallback (localhost defaults)
- Fix onMount return type (Svelte 5 compatibility)
- Add zod dependency to Picture app
- Add backward compat exports for Contacts app
Apps updated:
- Clock (port 3017)
- Chat (port 3002)
- Picture (port 3006)
- Contacts (port 3015)
- Calendar (port 3016)
- Manacore (multi-app platform)
Benefits:
- Build once, deploy anywhere (same Docker image for all envs)
- Configuration in environment, not code (12-factor compliance)
- Fail-hard on missing/invalid config in production
- No accidental SSR localhost fallbacks
- Schema validation ensures all required URLs are present
- Fix 121 accessibility warnings across 9 web apps (manacore, clock, chat,
manadeck, calendar, zitare, contacts, picture, todo)
- Add proper ARIA attributes (role, tabindex, aria-label) to interactive elements
- Add onkeydown handlers alongside onclick for keyboard accessibility
- Add svelte-ignore comments for intentional patterns (modals, dropdowns)
- Update svelte-check threshold from error to warning in pre-commit hook
- Fix script compatibility for bash 3.x (remove associative arrays)
- Add comprehensive documentation for svelte-check patterns and fixes
All web apps now pass svelte-check with 0 errors and 0 warnings.
Pre-commit hooks will block any future commits with warnings.
- Add backendUrl parameter to initializeWebAuth() for interceptor config
- Expand isTokenExpiredResponse() to match more error patterns:
- "invalid token", "token validation failed", "claim" (jose errors)
- ERR_JWT_EXPIRED error code
- Update all web apps to pass backendUrl for automatic refresh:
- picture (3006), chat (3002), zitare (3007), contacts (3015)
- calendar (3014), clock (3017), todo (3018)
- Fix API client default port in picture web app
This prevents users from being randomly signed out when JWT expires.
The interceptor now catches 401 responses and automatically refreshes
the token before retrying the request.
- Rename route /labels to /tags and /label/[id] to /tag/[id]
- Rename LabelSelector component to TagSelector
- Update all UI texts from "Labels" to "Tags"
- Update navigation items and references
- Align terminology with Calendar and Contacts apps
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Users were getting signed out after ~15 minutes because API clients were
reading tokens directly from localStorage without triggering the refresh
logic. The tokenManager exists with proper refresh capability but was
never being used.
Changes:
- Add getValidToken() method to auth stores in 9 web apps
- Update API clients to use authStore.getValidToken() instead of localStorage
- Token refresh now happens proactively before requests fail
Apps updated: chat, calendar, picture, zitare, contacts, todo, clock, manacore, manadeck
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude <noreply@anthropic.com>
- Updated all web app hooks.server.ts to use $env/dynamic/private
instead of process.env for reading environment variables
- This allows Docker containers to inject env vars at runtime
- Updated docker-compose.staging.yml with HTTPS staging domains
- Fixes Mixed Content errors when accessing staging via domains
Affected apps: clock, chat, calendar, todo, manacore
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude <noreply@anthropic.com>
Better Auth generates non-UUID user IDs (32-char base62 format like
'otUe1YrfENPdHnrF3g1vSBfpkQfambCZ'). Changed all `uuid('user_id')` to
`text('user_id')` in Drizzle schemas for consistency with auth system.
Affected packages/apps:
- apps/calendar, clock, picture, zitare
- games/figgos, voxelava
- packages/manadeck-database, news-database, uload-database
- services/mana-core-auth (feedback schema)
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude <noreply@anthropic.com>
All three apps were hardcoding localhost:3001 for auth, which broke
staging deployments. Now uses hooks.server.ts to inject the correct
PUBLIC_MANA_CORE_AUTH_URL_CLIENT at runtime (same pattern as chat-web).
Changes:
- Add hooks.server.ts to todo, calendar, clock web apps
- Update auth.svelte.ts to use window.__PUBLIC_MANA_CORE_AUTH_URL__
- Update user-settings.svelte.ts to use runtime URL
- Fix feedback services to use runtime URL
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude <noreply@anthropic.com>
The production stage was copying node_modules to /app, but pnpm creates
symlinks pointing to ../../../../../node_modules/.pnpm/ (relative to the
app's node_modules location). When the directory structure changed, these
symlinks broke, causing "Cannot find package" errors.
Fix:
- Keep same directory structure in production (/app/apps/*/apps/web)
- Copy the root .pnpm store that symlinks point to
- Copy the app's node_modules which contains the symlinks
Affected apps: todo, manacore, chat, calendar, clock
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude <noreply@anthropic.com>
npm doesn't understand pnpm's workspace:* protocol. Copy node_modules
from the builder stage to get all dependencies including workspace packages.
Affected: todo, manacore, chat, calendar, clock web apps.
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude <noreply@anthropic.com>
The production stage was silently ignoring npm install failures with
`|| true`, causing dependencies to be missing at runtime.
Affected: clock, manacore, chat, calendar web apps.
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude <noreply@anthropic.com>
- Change calendar-web, clock-web, todo-web, manacore-web from adapter-auto/netlify to adapter-node
- This ensures the 'build' directory is created for Docker production stage
- adapter-node outputs to 'build' folder which Dockerfiles expect
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude <noreply@anthropic.com>
