Add Single Sign-On (SSO) support across all mana.how subdomains:
- Add trySSO() method to @manacore/shared-auth that exchanges session
cookies for JWT tokens
- Add /api/v1/auth/session-to-token endpoint to mana-core-auth service
- Update all 15 web apps to try SSO during auth initialization
SSO Flow:
1. User logs in on any app (e.g., calendar.mana.how)
2. Session cookie is set with Domain=.mana.how
3. When visiting another app (e.g., todo.mana.how), it checks for
local tokens first
4. If no local tokens, tries SSO via session cookie
5. Session cookie is exchanged for JWT tokens via new endpoint
6. User is automatically authenticated
Apps updated: calendar, chat, clock, contacts, manacore, manadeck,
nutriphi, picture, planta, presi, questions, skilltree, storage,
todo, zitare
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Add dynamic locale support to all login, register, and forgot-password
pages across apps. Pages now use $locale from svelte-i18n instead of
hardcoded language codes.
Apps updated:
- clock: login (also consolidated to standard pattern)
- manacore: register
- manadeck: register
- nutriphi: login, register, forgot-password
- picture: register, forgot-password
- planta: login
- questions: login, register, forgot-password
- skilltree: login, register, forgot-password
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- Add prominent email verification success UI with resend button
- Show resend verification option when registration fails with "not verified" error
- Improve form spacing with space-y-4 for better visual consistency
- Add translations for resend verification in all languages (de, en, fr, it, es)
- Update all 13 app register pages to pass onResendVerification prop
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- Simplify vite.config.ts files to avoid type incompatibility errors
caused by different @types/node versions across the monorepo
- Add missing set() method to isSidebarMode store in matrix/web
Affected apps: calendar, chat, clock, contacts, manacore, manadeck,
matrix, nutriphi, picture, planta, presi, questions, storage, todo
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Remove all 6 Telegram bot services to focus on Matrix as the sole
messaging platform for full UI/UX control and DSGVO compliance.
Removed services:
- telegram-nutriphi-bot
- telegram-ollama-bot
- telegram-project-doc-bot
- telegram-stats-bot
- telegram-todo-bot
- telegram-zitare-bot
Also:
- Remove Telegram bot scripts from package.json
- Remove telegram-stats-bot from docker-compose.macmini.yml
- Disable Watchtower Telegram notifications
- Remove Telegram devlog
- Add comprehensive MATRIX_BOT_ARCHITECTURE.md documentation
The Matrix-only approach provides:
- Full control over user experience
- Complete DSGVO compliance (all data on own servers)
- No dependency on third-party platforms
- Unified command patterns across all bots
Add new blueprints content collection and pages for documenting
architecture decisions, technology strategies and long-term planning.
- Add blueprints collection schema with status tracking (draft/proposal/accepted/implemented/superseded)
- Create index and detail pages for blueprints at /blueprints
- Add first blueprint: Mana Cluster & Federation Architecture
- Add ADR-002 in docs/decisions for internal reference
- Add nav.blueprints translation for all 5 languages
- Add blueprints link to main navigation
Replaced the matrix-mana-gateway-bot devlog with a more comprehensive post
covering all 55 commits: 3 new microservices (mana-llm, mana-crawler,
mana-notify), Matrix Web Client Phase 3 features, and the massive codebase
consolidation with 8 new shared packages saving ~2,500 LOC.
- Add factory for writable navigation stores with optional persistence
- Support toolbar collapsed state with withToolbar option
- Migrate all 10 navigation stores to use shared factory
- Clock saves 32 LOC with built-in localStorage persistence
Savings: ~50 LOC (68 LOC removed, factory adds reusable 94 LOC)
- Add missing packages to MANACORE_SHARED_PACKAGES list
- Migrate all SvelteKit apps to use createViteConfig/mergeViteConfig
- Matrix preserves special WASM config for matrix-js-sdk crypto
- Update consolidation docs with completed Vite config task
Savings: ~350 LOC (-318 net lines)
Add ability to resend verification email when login fails with
"Email not verified" error. Implemented across all 14 apps using
Mana Core Auth.
Changes:
- Add POST /api/v1/auth/resend-verification endpoint to mana-core-auth
- Add resendVerificationEmail method to shared-auth client
- Update LoginPage component with resend UI and translations
- Add resendVerificationEmail to all app auth stores
- Add translations for de, en, fr, es, it
- Add PlantaLogo to shared-branding
- Migrate planta login to shared LoginPage component
Update all 15 web apps to consistent dependency versions:
- @sveltejs/kit: ^2.47.1 (was mixed ^2.0.0 to ^2.47.1)
- svelte: ^5.41.0 (was mixed ^5.0.0 to ^5.41.0)
- svelte-check: ^4.3.3 (was mixed ^4.0.0 to ^4.3.3)
- typescript: ^5.9.3 (was mixed ^5.0.0 to ^5.9.3)
Benefits:
- Consistent type checking behavior across apps
- All apps benefit from latest Svelte 5 features
- Easier maintenance with unified versions
Migrate 4 web apps from @tailwindcss/postcss to @tailwindcss/vite:
- chat
- manadeck
- manacore
- presi
Changes per app:
- Replace @tailwindcss/postcss with @tailwindcss/vite in package.json
- Add tailwindcss() to vite.config.ts plugins array
- Delete postcss.config.js (no longer needed)
Benefits:
- Faster builds with native Vite integration
- Consistent build pipeline across all 14 web apps
- Simplified configuration (no separate PostCSS config)
- Add matrix-mana-bot to docker-compose.macmini.yml
- Add setup-mana-bot.sh script for bot registration
- Add dev:matrix:* scripts to root package.json
- Add devlog entry documenting the new architecture
The gateway bot is now ready for deployment alongside
the existing standalone Matrix bots.
https://claude.ai/code/session_015bwcqVRiFmSydYTjvDJGTc
Add verified banner and email pre-fill to LoginPage component when
users are redirected after email verification. Updates all app login
pages to pass verification params from URL query string.
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Add sourceAppUrl tracking during registration to redirect users back
to the app they registered from after email verification. Includes
URL validation for security (only *.mana.how, mana.how, localhost).
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Add success and failure pages for email verification:
- /email-verified - shows success message with login button
- /verification-failed - shows error message with relevant actions
These pages are redirected to from mana-core-auth's verify-email endpoint.
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Use list format for environment variables as suggested in shoutrrr
issue #45 to avoid YAML parsing issues with colon in bot token.
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- Clock: Replace local user-settings store with shared theme store
from @manacore/shared-theme to support nav settings properly
- All apps: Add optional chaining and fallback values when accessing
userSettings.nav.desktopPosition and userSettings.nav.hiddenNavItems
to prevent TypeError when user is not authenticated
Apps fixed: calendar, chat, clock, contacts, manacore, manadeck,
picture, todo
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- Display latest devlog entries on the homepage
- Show category badges, dates, commits, and read time
- Link to full devlog overview
- Responsive grid layout with hover effects
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- Add devlog content collection with schema for development reports
- Create devlog index page with card-based post listing
- Create devlog detail page with prose styling for markdown content
- Add first devlog entry: Production Launch (2026-01-23)
- Add devlog link to navbar navigation
- Add i18n translations for devlog in all languages (de, en, it, fr, es)
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Update all tracking script URLs and admin dashboard links to use the
new stats.mana.how subdomain for Umami web analytics.
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
The prepare script only runs during local pnpm install, not during
workspace-level installation in Docker. Adding explicit svelte-kit sync
step before vite build to generate SvelteKit entry points.
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
SvelteKit apps need `svelte-kit sync` to run before build to generate
the entry points. This was missing from several web apps, causing
Docker builds to fail with "Could not resolve entry module 'index.html'".
Fixed apps:
- clock-web
- todo-web
- calendar-web
- manacore-web
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Users were getting signed out after ~15 minutes because API clients were
reading tokens directly from localStorage without triggering the refresh
logic. The tokenManager exists with proper refresh capability but was
never being used.
Changes:
- Add getValidToken() method to auth stores in 9 web apps
- Update API clients to use authStore.getValidToken() instead of localStorage
- Token refresh now happens proactively before requests fail
Apps updated: chat, calendar, picture, zitare, contacts, todo, clock, manacore, manadeck
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude <noreply@anthropic.com>
- Updated all web app hooks.server.ts to use $env/dynamic/private
instead of process.env for reading environment variables
- This allows Docker containers to inject env vars at runtime
- Updated docker-compose.staging.yml with HTTPS staging domains
- Fixes Mixed Content errors when accessing staging via domains
Affected apps: clock, chat, calendar, todo, manacore
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude <noreply@anthropic.com>
- Add referral code input to RegisterPage with live validation
- Create ReferralWidget for dashboard with stats, code sharing, and tier display
- Extend authService.signUp to accept optional referralCode parameter
- Add validateReferralCode function to authStore
- Create referrals.ts API service for frontend
- Add 'referral' widget type to dashboard configuration
- Fix drizzle.config.ts to include 'referrals' schema filter
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- Replace custom settings implementations with GlobalSettingsSection
- Add appId prop to all GlobalSettingsSection instances
- Remove duplicate local theme/language controls
- Standardize settings across Chat, Picture, and Manacore apps
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- manacore-web: Update todo, calendar, contacts service files to use
runtime URLs from window instead of import.meta.env (baked at build time)
- manacore-web: Add backend URL env vars to docker-compose.staging.yml
- manacore-web: Fix fallback ports (todo: 3017→3018, calendar: 3014→3016)
- todo-web: Update API client to use runtime URL from window
This enables Docker containers to use runtime-injected URLs instead of
build-time environment variables.
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude <noreply@anthropic.com>
Same fix as todo, calendar, clock - uses hooks.server.ts to inject
PUBLIC_MANA_CORE_AUTH_URL_CLIENT at runtime for Docker deployments.
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude <noreply@anthropic.com>
The production stage was copying node_modules to /app, but pnpm creates
symlinks pointing to ../../../../../node_modules/.pnpm/ (relative to the
app's node_modules location). When the directory structure changed, these
symlinks broke, causing "Cannot find package" errors.
Fix:
- Keep same directory structure in production (/app/apps/*/apps/web)
- Copy the root .pnpm store that symlinks point to
- Copy the app's node_modules which contains the symlinks
Affected apps: todo, manacore, chat, calendar, clock
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude <noreply@anthropic.com>
npm doesn't understand pnpm's workspace:* protocol. Copy node_modules
from the builder stage to get all dependencies including workspace packages.
Affected: todo, manacore, chat, calendar, clock web apps.
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude <noreply@anthropic.com>
The production stage was silently ignoring npm install failures with
`|| true`, causing dependencies to be missing at runtime.
Affected: clock, manacore, chat, calendar web apps.
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude <noreply@anthropic.com>
- Add password reset functionality to mana-core-auth using Better Auth
- Add forgot-password and reset-password endpoints with DTOs
- Update shared-auth package with resetPassword method and endpoint
- Update manacore-web auth store with resetPassword method
- Refactor reset-password pages to use mana-core-auth instead of Supabase
- Remove Supabase dependencies from manacore-web package.json
- Remove Supabase server code (hooks.server.ts, supabase.ts, API routes)
- Update Dockerfile to remove shared-supabase dependency
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude <noreply@anthropic.com>
Add MIDDLEWARE_URL as build argument and environment variable
for SvelteKit's $env/static/private at build time.
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude <noreply@anthropic.com>
- Change calendar-web, clock-web, todo-web, manacore-web from adapter-auto/netlify to adapter-node
- This ensures the 'build' directory is created for Docker production stage
- adapter-node outputs to 'build' folder which Dockerfiles expect
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude <noreply@anthropic.com>
Add complete Docker deployment infrastructure for 4 new applications:
- Dockerfiles for backend (NestJS) and web (SvelteKit) apps
- docker-entrypoint.sh scripts with PostgreSQL wait and schema push
- Updated docker-compose.staging.yml with 7 new services
- Updated CI/CD workflows with build matrix and health checks
