till/managarten
1
0
Fork 0
mirror of https://github.com/Memo-2023/mana-monorepo.git synced 2026-05-15 21:39:39 +02:00
Code Issues Projects Releases Packages Wiki Activity Actions 4
managarten/docs/URL_SCHEMA.md
Till JS bfa8a0a773 fix(mana-auth): /api/v1/auth/login mints JWT via auth.handler instead of api.signInEmail 
Previous attempt (commit 55cc75e7d) tried to fix the broken JWT mint
in /api/v1/auth/login by switching the cookie name from
`mana.session_token` to `__Secure-mana.session_token` for production.
That was necessary but not sufficient: Better Auth's session cookie
value isn't just the raw session token, it's `<token>.<HMAC>` where
the HMAC is derived from the better-auth secret. Reconstructing the
cookie from auth.api.signInEmail's JSON response only gave us the raw
token, so /api/auth/token's get-session middleware still couldn't
validate it and the JWT mint kept silently failing.

Real fix: do the sign-in via auth.handler (the HTTP path) rather than
auth.api.signInEmail (the SDK path). The handler returns a real fetch
Response with a Set-Cookie header containing the fully signed cookie
envelope. We capture that header verbatim and forward it as the cookie
on the /api/auth/token request, which now passes validation and mints
the JWT correctly.

Verified end-to-end on auth.mana.how:

  $ curl -X POST https://auth.mana.how/api/v1/auth/login \
      -d '{"email":"...","password":"..."}'
  {
    "user": {...},
    "token": "<session token>",
    "accessToken": "eyJhbGciOiJFZERTQSI...",   ← real JWT now
    "refreshToken": "<session token>"
  }

Side benefits:
- The email-not-verified path is now handled by checking
  signInResponse.status === 403 directly, no more catching APIError
  with the comment-noted async-stream footgun.
- X-Forwarded-For is forwarded explicitly so Better Auth's rate limiter
  and our security log see the real client IP.
- The leftover catch block now only handles unexpected exceptions
  (network errors etc); the FORBIDDEN-checking logic in it is dead but
  harmless and left in for defense in depth.
2026-04-08 16:25:55 +02:00

5.4 KiB
Raw Blame History

URL Schema - mana.how

This document defines the URL schema for all mana.how subdomains.

Naming Convention

  • Landing Pages: Plural form (e.g., calendars.mana.how)
  • Web Apps: Singular form (e.g., calendar.mana.how)
  • APIs: Singular + -api suffix (e.g., calendar-api.mana.how)
  • Short URLs: Redirect to Web Apps for convenience

Complete URL Mapping

Core Apps (Production)

App Web App API Status
Calendar calendar.mana.how api.mana.how/calendar Active
Clock clock.mana.how api.mana.how/clock Active
Todo todo.mana.how api.mana.how/todo Active
Contacts contacts.mana.how api.mana.how/contacts Active
Chat chat.mana.how api.mana.how/chat Active
Storage storage.mana.how api.mana.how/storage Active
Zitare zitare.mana.how api.mana.how/zitare Active
NutriPhi nutriphi.mana.how api.mana.how/nutriphi Active
Presi presi.mana.how api.mana.how/presi Active
SkillTree skilltree.mana.how api.mana.how/skilltree Active
Photos photos.mana.how api.mana.how/photos Active

Platform Services

Service URL Description
Main Dashboard mana.how Main landing/dashboard
Auth Service auth.mana.how Central authentication (mana-auth)
API Gateway api.mana.how Unified API gateway
Media Service media.mana.how Image/video processing
LLM Service llm.mana.how LLM abstraction layer
LLM Playground playground.mana.how LLM testing interface
File Storage files.mana.how MinIO/S3 file access

Automation

Service URL Description
N8N n.mana.how Workflow automation

Monitoring & Admin

Service URL Description
Grafana grafana.mana.how Metrics dashboards
Umami (internal :8010) Web analytics

Umami Tracking (Analytics)

For web analytics, the following apps are tracked in Umami:

Umami Website ID Display Name Domain
mana-webapp Dashboard mana.how
chat-webapp Chat chat.mana.how
todo-webapp Todo todo.mana.how
calendar-webapp Calendar calendar.mana.how
clock-webapp Clock clock.mana.how
contacts-webapp Contacts contacts.mana.how
storage-webapp Storage storage.mana.how
zitare-webapp Zitare zitare.mana.how
nutriphi-webapp NutriPhi nutriphi.mana.how
presi-webapp Presi presi.mana.how
skilltree-webapp SkillTree skilltree.mana.how
photos-webapp Photos photos.mana.how

Short URL Redirects

Convenience redirects for quick access to Web Apps:

Short URL Redirects To
cal.mana.how calendar.mana.how
clok.mana.how clock.mana.how
con.mana.how contact.mana.how
pic.mana.how picture.mana.how
zit.mana.how zitare.mana.how

Hosting

Landing Pages (Astro Static Sites)

Platform: Cloudflare Pages

Landing pages are deployed via Cloudflare Pages using Wrangler CLI:

# Deploy individual landing page
pnpm deploy:landing:calendar
pnpm deploy:landing:clock
pnpm deploy:landing:todo
pnpm deploy:landing:contacts
pnpm deploy:landing:chat
pnpm deploy:landing:picture
pnpm deploy:landing:zitare

# Deploy all landing pages
pnpm deploy:landing:all

Cloudflare Project Names:

App Cloudflare Project Custom Domain
Calendar calendars-landing calendars.mana.how
Clock clocks-landing clocks.mana.how
Todo todos-landing todos.mana.how
Contacts contacts-landing contacts.mana.how
Chat chats-landing chats.mana.how
Picture pictures-landing pictures.mana.how
Zitare zitares-landing zitares.mana.how

Web Apps & APIs

Platform: Mac Mini (self-hosted) via Docker + Cloudflare Tunnel

DNS Configuration

Web apps and APIs are routed via Cloudflare Tunnel to the Mac Mini. Landing pages use Cloudflare Pages.

Cloudflare Tunnel (Web Apps & APIs)

All *.mana.how subdomains are routed via Cloudflare Tunnel to the Mac Mini Docker containers. No A records needed — Cloudflare manages the DNS.

CNAME Records (Cloudflare - Landing Pages)

calendars.mana.how   CNAME  calendars-landing.pages.dev
clocks.mana.how      CNAME  clocks-landing.pages.dev
todos.mana.how       CNAME  todos-landing.pages.dev
contacts.mana.how    CNAME  contacts-landing.pages.dev
chats.mana.how       CNAME  chats-landing.pages.dev
pictures.mana.how    CNAME  pictures-landing.pages.dev
zitares.mana.how     CNAME  zitares-landing.pages.dev

Short URL Redirects (Cloudflare Redirect Rules or CNAME)

cal.mana.how   → 301 redirect to calendar.mana.how
clok.mana.how  → 301 redirect to clock.mana.how
con.mana.how   → 301 redirect to contact.mana.how
pic.mana.how   → 301 redirect to picture.mana.how
zit.mana.how   → 301 redirect to zitare.mana.how

Adding a New App

  1. Create landing page in apps/{app}/apps/landing/
  2. Add wrangler.toml with project name {apps}-landing
  3. Add deploy script to root package.json
  4. Create Cloudflare Pages project: npx wrangler pages project create {apps}-landing
  5. Add custom domain in Cloudflare dashboard
  6. Update this documentation