The login page uses inline JavaScript for the form submission handler.
Helmet's default CSP was blocking this, preventing users from logging in
via OIDC/SSO flows (e.g., Matrix Synapse).
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- Full NestJS bot with matrix-bot-sdk integration
- Deck CRUD: list, create, view, delete decks
- Card management: view cards and card details
- AI generation: generate decks with AI (30 Mana)
- Study sessions: start learning sessions
- Progress tracking: due cards, statistics
- Public features: featured decks, leaderboard
- Credit system: mana balance display
- German/English command aliases
- Number-based reference system for decks and cards
- JWT auth via mana-core-auth
- Runs on port 3321
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- List, search, and view contact details
- Create, edit, and delete contacts
- Toggle favorites and archive status
- Number-based reference system for easy commands
- German and English command aliases
- Login/logout via mana-core-auth
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- Generate images via Picture backend with `!generate` command
- Support prompt options (--width, --height, --steps, --negative)
- Model selection with `!models` and `!model [id]`
- Image history and deletion
- Login/logout via mana-core-auth
- Credit balance display
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Email alerts were causing too many notifications. Changed default
from true to false so new users won't receive email notifications
unless explicitly enabled. Push notifications remain enabled.
Move queue name constants to separate file (queue-names.ts) to avoid
circular dependency between queue.module.ts and processor files.
The @Processor decorator evaluates at module load time, and importing
constants from queue.module.ts created a circular dependency that
resulted in undefined queue names.
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Migrate all LLM consumers from direct Ollama calls to centralized
mana-llm service with OpenAI-compatible API.
Migrated services:
- matrix-ollama-bot
- telegram-ollama-bot
- chat-backend
- telegram-project-doc-bot
New env vars: MANA_LLM_URL, LLM_MODEL, LLM_TIMEOUT
Replaces: OLLAMA_URL, OLLAMA_MODEL, OLLAMA_TIMEOUT
- Update mana-search Dockerfile to use monorepo root context
- Update api-gateway Dockerfile to use monorepo root context
- Fix CI workflow to use context: . for mana-search
- Use pnpm --filter for proper workspace package installation
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- Add Swagger/OpenAPI documentation at /docs endpoint
- Add admin module for system-wide API key management
- Add scheduler for monthly credit reset and usage cleanup
- Add Docker Compose entry for Mac Mini deployment
- Document all endpoints with descriptions and examples
Implement custom NestJS API Gateway for mana-search, mana-stt, and mana-tts:
- API Key management with CRUD operations and key regeneration
- Redis-based sliding window rate limiting
- Credit-based billing with tier support (free, pro, enterprise)
- Usage tracking with daily aggregates
- Proxy services to backend microservices
- Prometheus metrics endpoint
- JWT auth for management API, API key auth for public API
Database schema uses separate `api_gateway` schema in shared manacore DB.
- NestJS bot that converts text messages to speech via mana-tts
- Commands: !voice, !voices, !speed, !status, !help
- User settings stored in-memory (voice, speed per user)
- Docker config for Mac Mini deployment
- Setup script for bot registration
Co-Authored-By: Claude <noreply@anthropic.com>
Add ability to resend verification email when login fails with
"Email not verified" error. Implemented across all 14 apps using
Mana Core Auth.
Changes:
- Add POST /api/v1/auth/resend-verification endpoint to mana-core-auth
- Add resendVerificationEmail method to shared-auth client
- Update LoginPage component with resend UI and translations
- Add resendVerificationEmail to all app auth stores
- Add translations for de, en, fr, es, it
- Add PlantaLogo to shared-branding
- Migrate planta login to shared LoginPage component
Add internationalization (DE + EN) to previously missing apps:
- todo: task management translations
- skilltree: skill/XP system translations
- nutriphi: nutrition tracking translations
- planta: plant care translations
- questions: research app translations
- matrix: chat client translations (layout integration)
Each app includes:
- svelte-i18n setup with SSR support
- localStorage persistence ({app}_locale pattern)
- i18n loading state in +layout.svelte
- German (default) and English translations
Updated CONSISTENCY_REPORT.md to mark i18n task as complete.
Also includes:
- mana-tts service placeholder files
- bot-services: Add registerAsync to AI, Calendar, Clock, Todo modules
- bot-services: Add convenience methods to ClockService for bot handlers
- bot-services: Make CreateEventInput.endTime optional with sensible defaults
- bot-services: Fix empty interface ESLint errors (use type aliases)
- questions-backend: Add missing schema columns (isDefault, sortOrder, deletedAt)
- questions-backend: Fix or() return type handling in question service
- questions-web: Add guard for undefined question ID in route params
- skilltree-web: Fix DBSchema type by not extending idb interface directly
- calendar-web: Fix Check icon prop (use weight instead of strokeWidth)
- matrix-mana-bot: Update clock handler to use new service methods
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- Remove :ro flag from volume mounts (SearXNG needs write access)
- Simplify limiter.toml to match current SearXNG schema
- Disable link_token for API usage without browser
Add a simple login page at /login for OIDC authorization flows.
When users access the authorization endpoint without being logged in,
Better Auth redirects them to this page. After successful login,
users are redirected back to continue the authorization flow.
- Create OidcLoginController with login page HTML
- Add controller to AuthModule
- Exclude /login from global prefix
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Better Auth's OIDC discovery document advertises endpoints at
/api/auth/oauth2/* paths. Add routes for these native paths to
ensure Matrix Synapse and other OIDC clients can complete the
authorization flow.
Routes added:
- GET /api/auth/oauth2/authorize
- POST /api/auth/oauth2/token
- GET /api/auth/oauth2/userinfo
- GET /api/auth/jwks
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Add explicit path exclusions and path-to-regexp wildcard patterns
to ensure /api/auth/jwks and other OIDC routes are excluded from
the /api/v1 global prefix. This fixes JWKS endpoint accessibility
for Matrix Synapse OIDC integration.
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Better Auth's discovery document points to /api/auth/jwks,
so we need to expose this route directly in NestJS.
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- Fix AiHandler to use correct service methods:
- setSessionModel instead of setModel
- clearSessionHistory instead of clearHistory
- compareModels for model comparison
- Fix TodoHandler to use index-based methods:
- completeTaskByIndex instead of completeTask
- deleteTaskByIndex instead of deleteTask
- Add deploy-mana-bot.sh script for full deployment automation
https://claude.ai/code/session_015bwcqVRiFmSydYTjvDJGTc
Introduces a unified Matrix bot that combines all features:
- AI Chat (Ollama integration)
- Todo management
- Calendar events
- Timers & Alarms
- Cross-feature orchestration (!summary, !ai-todo)
Architecture:
- Uses @manacore/bot-services for shared business logic
- Command router with natural language support
- Handlers delegate to shared services
- Orchestration layer for cross-feature AI features
This enables users to interact with a single bot for all features,
while standalone bots remain available for dedicated use cases.
https://claude.ai/code/session_015bwcqVRiFmSydYTjvDJGTc
Central search microservice for all ManaCore apps featuring:
- NestJS API on port 3021
- SearXNG meta-search engine integration (40+ search engines)
- Redis caching layer for search results and extracted content
- Content extraction with markdown conversion
- Prometheus metrics for monitoring
API Endpoints:
- POST /api/v1/search - Web search with categories/engines
- POST /api/v1/extract - Content extraction from URLs
- POST /api/v1/extract/bulk - Bulk extraction
- GET /health - Health check
- GET /metrics - Prometheus metrics
Search categories: general, news, science, it, images, videos
Supported engines: Google, Bing, DuckDuckGo, Wikipedia, arXiv,
GitHub, StackOverflow, and many more.
https://claude.ai/code/session_01Rk3YVJCU3nM8uvVPghRz6r
- Add Docker build configuration with npm overrides for matrix-sdk
- Update port from 3317 to 3318 to avoid conflict with Zitare bot
- Add tsconfig.build.json for production builds
- Add clock-bot service to docker-compose.macmini.yml
- Bot supports timers, alarms, and world clocks via Matrix chat
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Use { path, method } syntax for NestJS global prefix excludes to ensure
OIDC routes (.well-known/*, api/oidc/*) are properly excluded from the
/api/v1 prefix.
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- Add OidcController to expose Better Auth OIDC Provider endpoints
- Add handleOidcRequest method to BetterAuthService
- Exclude OIDC routes from global /api/v1 prefix
- Register OidcController in AuthModule
Endpoints:
- GET /.well-known/openid-configuration
- GET /api/oidc/authorize
- POST /api/oidc/token
- GET /api/oidc/userinfo
- GET /api/oidc/jwks
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Features:
- Random quotes and daily quote of the day
- 10 categories (motivation, wisdom, love, life, success, etc.)
- Search functionality
- Login integration with Zitare backend
- Favorites and lists management
- Voice note transcription via mana-stt
- Natural language command support (German/English)
- Add OIDC Provider plugin to Better Auth configuration
- Add OIDC database tables (oauth_applications, oauth_access_tokens,
oauth_authorization_codes, oauth_consents)
- Configure Synapse as OIDC client in homeserver.yaml
- Update Element Web config for SSO support
- Add seed script for OIDC clients (db:seed:oidc)
- Update Cloudflare tunnel config with Matrix URLs
This enables Single Sign-On between Mana Core Auth and Matrix/Synapse,
allowing users to authenticate via their existing Mana account.
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- Switch matrix-project-doc-bot from OpenAI Whisper to local mana-stt
- Add voice note support to matrix-nutriphi-bot (auto-analyze meals)
- Add voice note support to matrix-todo-bot (create todos via voice)
- All bots now use STT_URL config for the mana-stt service (port 3020)
- NestJS bot with matrix-bot-sdk integration
- Commands: !help, !login, !analyze, !today, !week, !goals, !favorites, !tips
- Integrates with NutriPhi backend API (port 3023)
- User session management with JWT authentication
- Image analysis via Gemini AI (NutriPhi backend)
- Port 3316
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- Add GET /api/auth/reset-password/:token endpoint to handle email links
- Create password-reset-redirect store to track source app URLs
- Include callbackURL in reset emails for proper app redirection
- Add redirectTo parameter to forgotPassword in shared-auth
- Create /reset-password page in calendar app with DE/EN translations
- Update calendar authStore with resetPasswordWithToken method
Fixes 404 error when clicking password reset link from email
GDPR-compliant task management bot for Matrix with:
- Task CRUD: !add, !list, !done, !delete
- Priority support: !p1 to !p4
- Date shortcuts: @heute, @morgen, @übermorgen
- Project tags: #projektname
- Natural language keywords: hilfe, zeige aufgaben, heute
- Welcome messages and auto-pin help on room join
- Per-user task isolation via Matrix user ID
- Local JSON storage
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
