## Runtime Environment Fix
- Updated all web app hooks.server.ts to use $env/dynamic/private
- This allows Docker containers to inject env vars at runtime
- Updated docker-compose.staging.yml with HTTPS staging domains
- Fixes Mixed Content errors when accessing staging via domains
## New Features
- Added email service to mana-core-auth for sending emails
- Added storage module to chat backend
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude <noreply@anthropic.com>
Better Auth generates non-UUID user IDs (32-char base62 format like
'otUe1YrfENPdHnrF3g1vSBfpkQfambCZ'). Changed all `uuid('user_id')` to
`text('user_id')` in Drizzle schemas for consistency with auth system.
Affected packages/apps:
- apps/calendar, clock, picture, zitare
- games/figgos, voxelava
- packages/manadeck-database, news-database, uload-database
- services/mana-core-auth (feedback schema)
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude <noreply@anthropic.com>
- Add referral code input to RegisterPage with live validation
- Create ReferralWidget for dashboard with stats, code sharing, and tier display
- Extend authService.signUp to accept optional referralCode parameter
- Add validateReferralCode function to authStore
- Create referrals.ts API service for frontend
- Add 'referral' widget type to dashboard configuration
- Fix drizzle.config.ts to include 'referrals' schema filter
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Add console.log statements to JwtAuthGuard to diagnose
401 errors on /api/v1/settings endpoint.
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude <noreply@anthropic.com>
- Add password reset functionality to mana-core-auth using Better Auth
- Add forgot-password and reset-password endpoints with DTOs
- Update shared-auth package with resetPassword method and endpoint
- Update manacore-web auth store with resetPassword method
- Refactor reset-password pages to use mana-core-auth instead of Supabase
- Remove Supabase dependencies from manacore-web package.json
- Remove Supabase server code (hooks.server.ts, supabase.ts, API routes)
- Update Dockerfile to remove shared-supabase dependency
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude <noreply@anthropic.com>
Auth fixes:
- Update fetchInterceptor skip patterns for ManaCore auth endpoints
- Fix URL matching to compare full origins instead of partial matches
- Update token manager state after successful login
- Remove Supabase session dependency from layouts
- Use authStore for auth state in route layouts
Dashboard fixes:
- Add network error detection in base-client to prevent infinite retries
- Update all 9 dashboard widgets to not retry on service unavailable
- Add /api/v1 prefix to all backend service URLs (chat, calendar, contacts, todo, zitare, picture, manadeck)
Commands:
- Add dev:manacore:backends to start all 9 dashboard backends
- Add dev:manacore:full to start web + all backends together
- Update COMMANDS.md with new commands and backend port table
Auth service:
- Fix TypeScript error: crossApp → cross_app in referrals schema
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Update helmet middleware to allow cross-origin resource policy and
opener policy for proper CORS functionality with frontend apps.
Also add debug logging for configured CORS origins.
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude <noreply@anthropic.com>
The JWT guards were using RS256 algorithm with jsonwebtoken library,
but Better Auth generates EdDSA tokens. This caused all authenticated
requests to fail with "Invalid token".
Changes:
- Replace jsonwebtoken with jose library
- Use JWKS endpoint for key fetching instead of static publicKey
- Support EdDSA algorithm used by Better Auth
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude <noreply@anthropic.com>
Fixed remaining NestJS dependency injection issues by converting type-only imports to regular imports for all injectable services used in controllers and service dependencies.
Changes:
- feedback.service.ts: Fixed AiService import (was causing "argument Function at index [1]" error)
- auth.controller.ts: Fixed BetterAuthService import
- feedback.controller.ts: Fixed FeedbackService import
- credits.controller.ts: Fixed CreditsService import
- settings.controller.ts: Fixed SettingsService import
Root cause: Type-only imports (`import { type X }`) are erased at compile time, causing NestJS to fail dependency injection at runtime. All injectable classes must use regular imports.
Verified locally: All modules initialize successfully without DI errors.
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude <noreply@anthropic.com>
Found and fixed type-only ConfigService imports in 6 service files that were causing "Nest can't resolve dependencies" errors:
- better-auth.service.ts (BetterAuthService)
- ai.service.ts (AiService)
- settings.service.ts
- feedback.service.ts
- credits.service.ts
- jwt-auth.guard.ts
- optional-auth.guard.ts
Type-only imports are erased at compile time, preventing NestJS from injecting the ConfigService class at runtime.
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude <noreply@anthropic.com>
The `type` keyword on ConfigService import was causing NestJS to fail resolving the dependency at runtime, as type-only imports are erased during compilation. Changed to regular import to fix DI.
Error was: "Nest can't resolve dependencies of the AiService (?)"
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude <noreply@anthropic.com>
Fixes NestJS dependency injection error where AiService couldn't
resolve ConfigService dependency.
Error:
> Nest can't resolve dependencies of the AiService (?).
> Please make sure that the argument Function at index [0] is available
Root cause: AiModule was missing ConfigModule in its imports array,
but AiService constructor requires ConfigService to read ai.geminiApiKey.
This was preventing mana-core-auth from starting in staging deployment.
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude <noreply@anthropic.com>
- Add settings module to mana-core-auth with REST API endpoints
- Create user_settings table with globalSettings and appOverrides (JSONB)
- Add createUserSettingsStore() factory in shared-theme package
- Integrate user settings in all app layouts (calendar, chat, contacts, etc.)
- Support for nav position, theme, locale settings with per-app overrides
- Optimistic updates with localStorage caching for offline support
- Add comprehensive documentation in docs/USER_SETTINGS.md
API Endpoints:
- GET /api/v1/settings - Get all user settings
- PATCH /api/v1/settings/global - Update global settings
- PATCH /api/v1/settings/app/:appId - Set app override
- DELETE /api/v1/settings/app/:appId - Remove app override
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude <noreply@anthropic.com>
- Skip automatic migrations in Docker - tables are managed via 'pnpm db:push' locally
- Simplifies startup and avoids migration conflicts
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude <noreply@anthropic.com>
- Add build:packages step to all test.yml jobs (fixes @manacore/shared-nestjs-auth not found)
- Handle missing coverage artifacts gracefully in test-coverage.yml
- Update .prettierignore to exclude apps-archived/ and problematic files
- Format all source files to pass CI checks
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude <noreply@anthropic.com>
Merged auth/complete into main with resolved conflicts:
- Kept Better Auth system (EdDSA JWT via JWKS)
- Removed all Coolify references
- Added dev:auth and dev:chat:full scripts for auth development
- Combined zitare scripts from main with auth scripts
- Exported both feedback.schema and organizations.schema
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude <noreply@anthropic.com>
- Update auth.controller.spec.ts to expect accessToken/refreshToken/expiresIn
- Refactor jwt-validation.spec.ts to test minimal claims (sub, email, role, sid)
- Remove B2B/B2C org and credit_balance claims from tests (fetched via API now)
- Add Better Auth CLI config for schema generation
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude <noreply@anthropic.com>
- AUTHENTICATION_ARCHITECTURE.md: JWT flow, EdDSA vs RS256, JWKS usage
- CLAUDE.md: Guidelines to always use Better Auth native features
- Common mistakes and fixes documented
- Developer checklist for auth changes
- Replace jsonwebtoken RS256 validation with jose EdDSA
- Add JWKS endpoint to expose Better Auth public keys
- Use createRemoteJWKSet for token validation
- Fix issuer mismatch (use env var consistently)
- Add jwks table to schema for Better Auth JWT plugin
- Install jose library for JWT verification
- Add backHref prop to PageHeader component for back navigation
- Integrate PageHeader in Chat app (archive, documents, spaces, templates)
- Integrate PageHeader in Picture app (board, generate, profile, tags, upload)
- Integrate PageHeader in Manacore app (dashboard, organizations, teams)
- Integrate PageHeader in Presi app (home, profile)
- Integrate PageHeader in Zitare app (authors, lists)
- Update Picture, Manadeck, Presi profiles to use shared ProfilePage
- Create new profile pages for Manacore and Zitare using shared ProfilePage
- Add profile navigation links to Manacore and Zitare
- Add Mana subscription pages to Presi and Zitare
- Fix shared-profile-ui tsconfig.json (remove invalid extends)
- Add @manacore/shared-profile-ui dependency to all web apps
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude <noreply@anthropic.com>
- Add shared-feedback-types package with TypeScript types
- Add shared-feedback-service package with factory function
- Add shared-feedback-ui package with Svelte 5 components
- Add feedback module to mana-core-auth backend
- Add AI service using Gemini 2.0 Flash for title/category generation
- Add database schema and migration for feedback tables
- Integrate feedback page into Chat web app
- Add CORS support for X-App-Id header
- Add COMMANDS.md documentation for all dev commands
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude <noreply@anthropic.com>
Presi webapp:
- Add PillNavigation from @manacore/shared-ui
- Create navigation store for sidebar/collapsed state
- Update layout with floating/sidebar nav modes
- Hide nav on presentation and shared routes
- Add theme toggle and logout to navigation
Auth service:
- Fix JWT private key parsing by converting \n to actual newlines
- Required for Docker env vars where newlines are escaped
Environment:
- Add localhost:5174-5179 to CORS_ORIGINS for all webapp ports
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude <noreply@anthropic.com>
