Add comprehensive admin dashboard to view and manage user data across all projects:
Backend:
- Add admin endpoints to Chat, Todo, Contacts, Calendar, Picture, Zitare, Presi
- Each backend exposes GET/DELETE /api/v1/admin/user-data/:userId
- Service-to-service auth via X-Service-Key header
Aggregation (mana-core-auth):
- GET /api/v1/admin/users - Paginated user list with search
- GET /api/v1/admin/users/:userId/data - Aggregated data from all backends
- DELETE /api/v1/admin/users/:userId/data - GDPR deletion across all projects
Frontend (ManaCore web):
- New User Data tab in admin navigation
- User search page at /admin/user-data
- User detail page with ProjectDataCard components
- GDPR deletion dialog with email confirmation
Presi:
- Migrate user_id from UUID to TEXT for Better Auth compatibility
- Add SQL migration script
- todo: Make task-content button fill full height for better click target
- matrix: Fix TypeScript errors by using Boolean() for template expressions
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Simplify navigation by removing unused sidebar mode from both apps:
Todo App:
- Remove isSidebarMode state, handlers, and localStorage persistence
- Remove sidebar-related CSS classes and styles
- Simplify TodoToolbar to pure wrapper component
Contacts App:
- Remove isSidebarMode state, handlers, and localStorage persistence
- Remove sidebar-related CSS from ContactsToolbar and ContactAlphabetView
- Always show view-mode-pill (no longer conditional on sidebar mode)
This removes ~250 lines of unused code across 5 files.
Simplify the bottom bars by removing the unused sidebar mode:
- Remove isSidebarMode prop from all components
- Remove sidebar-related CSS classes and styles
- Simplify CalendarToolbar to pure wrapper component
- Remove localStorage persistence for sidebar mode
This removes ~230 lines of unused code across 8 files.
- Add showTasksInCalendar setting (default: false) to hide task blocks
- Auto-scroll time-grid views to 12:00 on initial load for better UX
- Tasks can be re-enabled via settings toggle
- user-settings.svelte.ts: use getAuthUrl() for settings API
- contacts.ts: use getAuthUrl() for tags API client
- feedback.ts: use getAuthUrl() for feedback service
This fixes Mixed Content errors where the app was trying to reach
internal Docker URLs (http://mana-auth:3001) instead of production
URLs (https://auth.mana.how).
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Fixes contacts-web using localhost URLs instead of production URLs.
SvelteKit bakes environment variables at build time, so we need to
inject runtime URLs via hooks.server.ts for Docker deployments.
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Added shared-tsconfig, shared-nestjs-setup, and shared-nestjs-health
packages required for the backend build.
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
The NutriPhi bot was failing with 413 "request entity too large" when
analyzing images via Base64. Added configurable bodyLimit option to
shared-nestjs-setup and set NutriPhi backend to 50mb.
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- Add /bots route with bot overview grid
- Create BotCard component with expandable details
- Implement search and category filtering (AI, Productivity, Media, Lifestyle, Tools)
- Add bot data structure with commands, descriptions, and metadata
- Support starting chat with bots (creates DM or navigates to existing room)
- Add German and English translations
- Add robot icon to PillNavigation component
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Add Single Sign-On (SSO) support across all mana.how subdomains:
- Add trySSO() method to @manacore/shared-auth that exchanges session
cookies for JWT tokens
- Add /api/v1/auth/session-to-token endpoint to mana-core-auth service
- Update all 15 web apps to try SSO during auth initialization
SSO Flow:
1. User logs in on any app (e.g., calendar.mana.how)
2. Session cookie is set with Domain=.mana.how
3. When visiting another app (e.g., todo.mana.how), it checks for
local tokens first
4. If no local tokens, tries SSO via session cookie
5. Session cookie is exchanged for JWT tokens via new endpoint
6. User is automatically authenticated
Apps updated: calendar, chat, clock, contacts, manacore, manadeck,
nutriphi, picture, planta, presi, questions, skilltree, storage,
todo, zitare
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- Document cross-domain SSO with COOKIE_DOMAIN configuration
- Add production test credentials for automated testing
- Explain cookie-based SSO flow across *.mana.how subdomains
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
The calendar frontend integrates with todo and contacts backends
for tasks and birthdays. The env vars were only available during
SSR, not in client-side JavaScript.
- Add PUBLIC_TODO_BACKEND_URL and PUBLIC_CONTACTS_API_URL injection
in hooks.server.ts
- Update todos.ts to use injected window variable
- Update birthdays.ts to use injected window variable
Fixes 404 errors on calendar.mana.how for /tasks/* and /contacts/birthdays
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Add loginWithLoginToken function to exchange Matrix SSO loginToken for credentials.
The app layout now detects the loginToken URL parameter and completes the SSO flow.
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
All matrix bots use matrix-bot-sdk which has native dependencies
(cpu-features, ssh2) that cause QEMU emulation failures during CI
arm64 builds. Build amd64 only - can run on arm64 via Rosetta.
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- Build matrix-mana-bot only for linux/amd64 (arm64 fails due to QEMU)
- Move pnpm overrides for cpu-features and ssh2 to root package.json
- These native deps cause illegal instruction errors under QEMU emulation
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
OIDC providers like Synapse expect the JWT issuer claim to match the
discovery document's issuer URL. Changed JWT plugin config from
JWT_ISSUER to BASE_URL to ensure consistency.
Also adds:
- @manacore/credit-operations package with operation definitions
- @manacore/shared-credit-ui package with React Native and Svelte components
- CreditInterceptor and @UseCredits decorator in nestjs-integration
- Credit system integration in chat backend
- Add zitare login page with standard pattern
- Add zitare forgot-password page
- Add planta forgot-password page
- Refactor planta register to use shared RegisterPage component
All apps now have consistent login, register, and forgot-password pages
using the shared auth-ui components and i18n translations.
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Add dynamic locale support to all login, register, and forgot-password
pages across apps. Pages now use $locale from svelte-i18n instead of
hardcoded language codes.
Apps updated:
- clock: login (also consolidated to standard pattern)
- manacore: register
- manadeck: register
- nutriphi: login, register, forgot-password
- picture: register, forgot-password
- planta: login
- questions: login, register, forgot-password
- skilltree: login, register, forgot-password
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- Use ClockLogo from shared-branding
- Use translations from shared-i18n
- Change onSubmit to onSignUp pattern
- Add onResendVerification support
- Add amber color theming (#f59e0b)
- Remove manual loading/error state management
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- Add prominent email verification success UI with resend button
- Show resend verification option when registration fails with "not verified" error
- Improve form spacing with space-y-4 for better visual consistency
- Add translations for resend verification in all languages (de, en, fr, it, es)
- Update all 13 app register pages to pass onResendVerification prop
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Wrap Phosphor icon components in span elements with title attribute
since IconComponentProps doesn't support title prop directly.
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- Simplify vite.config.ts files to avoid type incompatibility errors
caused by different @types/node versions across the monorepo
- Add missing set() method to isSidebarMode store in matrix/web
Affected apps: calendar, chat, clock, contacts, manacore, manadeck,
matrix, nutriphi, picture, planta, presi, questions, storage, todo
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Define compiler options locally instead of extending shared-tsconfig
to fix drizzle-orm type compatibility issues. Also add missing
shared-vite-config dependency to skilltree/web.
Fixed backends:
- calendar, chat, clock, contacts, nutriphi
- picture, presi, questions, skilltree, todo
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- storage/planta: Define compiler options locally instead of extending
shared-tsconfig to fix decorator and drizzle-orm type issues
- matrix-calendar-bot: Add missing @manacore/bot-services dependency
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- Rename "Mana Matrix" to "Manalink" (bridge metaphor)
- Add PWA manifest with app icons and shortcuts
- Configure Service Worker with Workbox caching strategies
- Add iOS/Android meta tags for installability
- Create bridge-themed SVG favicon
- Add icon generation script (sharp)
PWA features:
- Installable on iOS/Android homescreen
- Offline caching (NetworkFirst for API, CacheFirst for assets)
- App shortcuts for "New Chat"
- Auto-updating Service Worker
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Remove all 6 Telegram bot services to focus on Matrix as the sole
messaging platform for full UI/UX control and DSGVO compliance.
Removed services:
- telegram-nutriphi-bot
- telegram-ollama-bot
- telegram-project-doc-bot
- telegram-stats-bot
- telegram-todo-bot
- telegram-zitare-bot
Also:
- Remove Telegram bot scripts from package.json
- Remove telegram-stats-bot from docker-compose.macmini.yml
- Disable Watchtower Telegram notifications
- Remove Telegram devlog
- Add comprehensive MATRIX_BOT_ARCHITECTURE.md documentation
The Matrix-only approach provides:
- Full control over user experience
- Complete DSGVO compliance (all data on own servers)
- No dependency on third-party platforms
- Unified command patterns across all bots
Add new blueprints content collection and pages for documenting
architecture decisions, technology strategies and long-term planning.
- Add blueprints collection schema with status tracking (draft/proposal/accepted/implemented/superseded)
- Create index and detail pages for blueprints at /blueprints
- Add first blueprint: Mana Cluster & Federation Architecture
- Add ADR-002 in docs/decisions for internal reference
- Add nav.blueprints translation for all 5 languages
- Add blueprints link to main navigation
- Enforce login redirect for unauthenticated users
- Remove demo banner, AuthGateModal, and GuestWelcomeModal
- Remove guest mode state variables and CSS styles
- Simplify showLogout to always show when user is logged in
Affected apps: todo-web, contacts-web, clock-web, questions-web, chat-web
- Remove demo events and related data files
- Redirect unauthenticated users to /login
- Remove AuthGateModal, GuestWelcomeModal
- Remove demo banner and related CSS
- Simplify events store (no more demo checks)
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- Add build script to compile TypeScript to dist/
- Update exports to point to compiled files
- Update calendar-web Dockerfile to build shared-vite-config
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
