bytelyst/learning_ai_common_plat
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
662 Commits 2 Branches 3 Tags 60 MiB
b0e1a54481
Commit Graph

156 Commits

Author SHA1 Message Date
saravanakumardb1
b0e1a54481 fix(auth): enterprise SSO bcrypt hash + upgrade cost 10→12 
- Enterprise SAML/OIDC callbacks used raw 'sso_xxx' string as passwordHash
  which would crash bcrypt.compare(). Now uses userRepo.hashPassword(randomUUID())
- Added updateLastLogin() for existing enterprise SSO users
- Upgraded bcrypt cost factor from 10 to 12 per PRD spec
- All 53 auth tests passing
 2026-03-12 15:35:00 -07:00
saravanakumardb1
0c4e53a0ed feat(auth): Phase 6 — enterprise SAML/OIDC, magic link, HIBP, E2E specs 
6A: Enterprise IdP CRUD, SAML callback, OIDC callback, email domain lookup
6B: Magic link send/verify (15min TTL, anti-enumeration), HIBP breach check
6D: 3 new E2E specs (account-linking, step-up, enterprise) — total 8 SmartAuth specs
- All 53 auth tests passing
 2026-03-12 15:25:28 -07:00
saravanakumardb1
f4b9124065 feat(auth): add Phase 5C-5E endpoints + SDK methods — TOTP secret, push approvals, QR auth 
- GET /auth/mfa/totp/secret — retrieve decrypted TOTP secret for auth app
- POST /auth/mfa/push/create, GET /pending, POST /:id/respond, GET /:id/status
- POST /auth/qr/create, POST /auth/qr/confirm, GET /auth/qr/:id/status
- Kotlin SDK: getTotpSecret, getPendingApprovals, respondToApproval, confirmQrLogin
- Swift SDK: getTotpSecret, getPendingApprovals, respondToApproval, confirmQrLogin
- All 53 auth tests passing
 2026-03-12 15:01:51 -07:00
saravanakumardb1
ae13abfab2 fix(auth): address SmartAuth agent review gaps — Swift mock wiring, passkey SDK consistency, device list parity, JSDoc, SSR docs 2026-03-12 12:27:08 -07:00
saravanakumardb1
a613cf1bf9 test(auth): add SmartAuth integration tests + fix auth.routes.test mocks 
- Add 5 new tests: MFA challenge integration, risk scorer edge cases, login events wiring, device trust pure function
- Fix auth.routes.test.ts: add vi.mock stubs for login-events, risk-scorer, mfa, devices, config, event-bus
- Change afterEach from restoreAllMocks to clearAllMocks (preserves mock implementations between tests)
- Total: 42 smartauth tests, 951 platform-service tests all passing
 2026-03-12 11:27:50 -07:00
saravanakumardb1
0f4be0c325 feat(auth): wire login events into OAuth login helper 
- Record success login event with risk scoring after OAuth token issuance
- Import login-events repo + risk-scorer into oauth/routes
- Best-effort recording — never blocks OAuth login flow
 2026-03-12 11:19:11 -07:00
saravanakumardb1
82d7f157d9 feat(auth): wire login events + MFA challenge into login handler 
- Add recordLoginEvent() helper with risk scoring via scoreLoginRisk()
- On failed login: record 'failed' event with risk assessment
- On MFA-required: issue challenge token, record 'mfa_required' event
- On success: record 'success' event with risk assessment
- Import login-events repo, risk-scorer, mfa repo, challenge store, device repo
 2026-03-12 11:17:23 -07:00
saravanakumardb1
bdb3e95e00 fix(auth): clean up MFA routes — remove redundant imports, use userRepo.update() 
- Remove redundant dynamic import('node:crypto'), use top-level nodeCrypto
- Remove getCollection import, use userRepo.update() for mfaEnabled/mfaMethods
- Expand update() Pick type to include mfaEnabled, mfaMethods, emailVerified
- Remove unused _reply param from MFA policy PUT handler
 2026-03-12 11:12:33 -07:00
saravanakumardb1
362b915ea9 feat(auth): SmartAuth backend core — OAuth, MFA, passkeys, device trust, login events 
Phase 0A: OneAuth schema extension — UserDoc evolution + auth_providers container
Phase 0B: Progressive lockout + IP rate limiting on login
Phase 1A-1B: Google/Microsoft/Apple OAuth + account linking
Phase 1D: Enhanced /auth/me — products, providers, MFA status
Phase 2A-2C: TOTP MFA + challenge flow + admin policies
Phase 3A-3B: WebAuthn passkeys + device trust
Phase 4A: Login events + rule-based risk scoring

New sub-modules: oauth/, mfa/, passkeys/, devices/, login-events/
New containers: auth_providers, auth_mfa, auth_mfa_policies, auth_passkeys, auth_devices, auth_login_events
Tests: 37 new (946 total, all passing), typecheck clean
 2026-03-12 10:55:41 -07:00
saravanakumardb1
a31fdfe55a feat(predictive-analytics): complete admin UI for churn prediction and health scoring 
- Add health-dashboard page with 6-dimension health cards and anomaly detection
- Add predictive/at-risk page with user risk profiles and segmentation
- Add predictive/campaigns page with campaign management and stats
- Add predictive-client.ts API client with full type coverage
- Update all 3 roadmaps to reflect complete implementation status
 2026-03-03 13:48:37 -08:00
saravanakumardb1
dfeed4c10f fix(diagnostics): add missing crypto import for randomUUID [BUG-5] 2026-03-03 12:27:03 -08:00
saravanakumardb1
8749aa211d fix(feedback-client): update tests to use fetch instead of post 2026-03-03 12:26:02 -08:00
saravanakumardb1
7552b8c8e8 fix(diagnostics): remove unused updateSessionStats import [BUG-4] 2026-03-03 12:25:55 -08:00
saravanakumardb1
eb83b83035 fix(diagnostics): resolve FilterMap type error in performance-profile-repository [BUG-3] 2026-03-03 12:24:54 -08:00
saravanakumardb1
7714ab51fb fix(events): add missing platform event schemas for campaign engine and notifications 2026-03-03 12:24:39 -08:00
saravanakumardb1
03cda3a74f fix(platform-service): resolve type errors in diagnostics and ab-testing modules 2026-03-03 12:22:35 -08:00
saravanakumardb1
914e344a92 fix(feedback-client): correct ApiClient method usage and types 2026-03-03 12:20:43 -08:00
saravanakumardb1
05ad9dbedc feat(diagnostics): Phase 4 - automated triggers, crash sessions, session replay, profiling [4.1][4.2][4.3][4.4] 2026-03-03 12:18:58 -08:00
saravanakumardb1
eab854375e feat(ai-diagnostics): add proactive alerts API and complete [4.3] 2026-03-03 12:17:11 -08:00
saravanakumardb1
460ed6d0c0 feat(ai-diagnostics): add admin UI insights page [4.1] 2026-03-03 12:15:09 -08:00
saravanakumardb1
1cba69948f feat(ai-diagnostics): add REST API routes [3.3] 2026-03-03 11:57:00 -08:00
saravanakumardb1
71cbb570ef feat(ai-diagnostics): add query parser and executor [3.1-3.2] 2026-03-03 11:53:59 -08:00
saravanakumardb1
44fa045ec5 feat(ab-testing): AI hypothesis generation and admin dashboard UI [3.1][3.2][3.3][4.1][4.2][4.3] 2026-03-03 11:53:48 -08:00
saravanakumardb1
97b3ffb21d feat(ai-diagnostics): add LLM analyzer with prompts and insight generation [2.1-2.2] 2026-03-03 11:52:12 -08:00
saravanakumardb1
1ff02934fa feat(ai-diagnostics): add telemetry linking and context enrichment [1.3] 2026-03-03 11:50:28 -08:00
saravanakumardb1
8951ab2c92 feat(ai-diagnostics): add HDBSCAN clustering algorithm [1.2.3] 2026-03-03 11:49:05 -08:00
saravanakumardb1
783067e17d feat(ab-testing): bucketing, statistics, guardrails, routes [1.2][2.1][2.2] 2026-03-03 11:48:50 -08:00
saravanakumardb1
917ea03af9 feat(ai-diagnostics): add vector search repository with cosmos integration [1.2.2] 2026-03-03 11:48:12 -08:00
saravanakumardb1
50b7e22985 feat(ai-diagnostics): add Azure OpenAI embedding pipeline [1.2.1] 2026-03-03 11:47:12 -08:00
saravanakumardb1
8cdddd7c23 feat(ai-diagnostics): implement error normalization and fingerprinting [1.1.3] 2026-03-03 11:45:52 -08:00
saravanakumardb1
4de01269b5 feat(ai-diagnostics): add error clustering types and cosmos containers [1.1.1-1.1.2] 2026-03-03 11:44:23 -08:00
saravanakumardb1
3efdd97057 feat(broadcasts): Rich media support in backend types 
- BroadcastMedia interface for image/video/gif/audio
- Extended BroadcastMetrics with media engagement tracking
- Updated CreateBroadcastSchema with media array validation
 2026-03-03 08:36:00 -08:00
saravanakumardb1
30583a1768 feat(diagnostics): implement Phase 1.5 — event bus, audit, rate limiting 
1.5.2 Event Bus: Add warn to noopLog, update comments

1.5.3 Audit: Already implemented in all handlers

1.5.4 Rate Limiting: Add diagnostics keys (10/hr, 12/min, 100/min)

Delivery Templates: Add 4 diagnostics email templates (ready for wiring)

Tests: Update count to 12 templates (was 8)

All 839 tests passing
 2026-03-03 08:19:41 -08:00
saravanakumardb1
8614e3f0f1 fix(feedback): address 6 bugs/gaps from systematic review 
- Fix search icon positioning (add relative container)
- Fix toast variant from 'destructive' to 'error'
- Remove non-existent screenshotUrl fields from delete endpoint
- Fix misleading blob path comment (blob stays at initial location)
- Add download screenshot function and button
- Add pointer-events-none to search icon
 2026-03-03 07:03:27 -08:00
saravanakumardb1
3ded5ad751 fix(diagnostics,test): fix flaky test and test configuration 
- Add DB_PROVIDER=memory to vitest config for diagnostics tests
- Fix flaky timestamp comparison in 'should update a session' test
  - Add 10ms delay between create and update
  - Use toBeGreaterThanOrEqual instead of strict inequality
- All 17 diagnostics tests now pass
 2026-03-03 00:01:20 -08:00
saravanakumardb1
fdaffdb13c docs(feedback): fix 8 bugs/gaps identified in systematic review 
- Fix inconsistent screenshotUrl fields (removed, SAS generated on-demand)
- Fix blob path pattern to match feedbackScreenshots container
- Clarify flow: direct upload to final container (no temp/move)
- Add rate limiting specs to endpoint table
- Clarify access control: users submit but cannot view (security)
- Remove sas.ts from appendix (not created)
- Align size limits to 5MB consistently
- Add missing screenshotContentType and screenshotSizeBytes
 2026-03-03 00:00:14 -08:00
saravanakumardb1
6f9b799cc4 fix(jobs): add missing 'warn' method to logger type in runner.ts 
The JobContext type requires log.warn but runner.ts loggers only
defined info/error. This caused TypeScript errors when passing log
to job handlers.

- Add warn: (...a: unknown[]) => void to startRunner log param
- Add warn: (...a: unknown[]) => void to tick log param
- Add warn: (...a: unknown[]) => void to executeJob log param
 2026-03-02 23:57:21 -08:00
saravanakumardb1
e712968d3d test(feedback): Phase 1.5 - add screenshot and deviceContext schema tests 2026-03-02 23:56:59 -08:00
saravanakumardb1
ecb9f67c99 fix(broadcasts): Fix percentage rollout bucketing logic 
- Use userId only as seed instead of userId + percentage
- Prevents users from being re-bucketed when rollout % increases
- Ensures deterministic assignment for phased rollouts
 2026-03-02 23:56:42 -08:00
saravanakumardb1
e4681fbbb2 fix(broadcasts): Fix metrics increment bug in updateBroadcastMetrics 
- Change from merge pattern to explicit increment pattern
- Each metric field is properly incremented instead of overwritten
- Prevents race condition data loss
 2026-03-02 23:56:09 -08:00
saravanakumardb1
cfbaa92539 feat(feedback): Phase 1.3 - add SAS endpoint and screenshot view/delete routes 2026-03-02 23:55:47 -08:00
saravanakumardb1
b5fb2b683b fix(surveys): Create missing surveys module 
- types.ts: Survey, Question, SurveyResponse, conditional logic, validation
- repository.ts: CRUD + analytics + CSV export with proper type casting
- routes.ts: Admin CRUD + public endpoints (13 routes)

Fixes missing module from Phase 1 implementation
 2026-03-02 23:54:59 -08:00
saravanakumardb1
8d2ba9c1cc feat(feedback): Phase 1.2 - extend repository with screenshot support and blob path generation 2026-03-02 23:52:57 -08:00
saravanakumardb1
acfbd7c9d7 feat(feedback): Phase 1.1 - add screenshot fields and deviceContext to FeedbackDoc 2026-03-02 23:52:18 -08:00
saravanakumardb1
1b11db3f6f feat(broadcasts,surveys): Phase 1 complete - backend modules 
- broadcasts/types.ts: Broadcast, BroadcastTarget, BroadcastMetrics, InAppMessage
- broadcasts/repository.ts: CRUD + delivery tracking + read receipts
- broadcasts/targeting.ts: evaluateTarget(), semver, FNV-1a hash
- broadcasts/routes.ts: Admin CRUD + public endpoints (14 routes)
- surveys/types.ts: Survey, Question, SurveyResponse, conditional logic
- surveys/repository.ts: CRUD + analytics + CSV export
- surveys/routes.ts: Admin CRUD + public endpoints (13 routes)
- cosmos-init.ts: 7 new containers with TTL policies
- server.ts: Register broadcastRoutes + surveyRoutes

Implements Phase 1 of platform_BROADCAST_SURVEY_ROADMAP.md
 2026-03-02 23:51:23 -08:00
saravanakumardb1
6a23a02cd4 fix(diagnostics): BUG-4, BUG-5, BUG-7, BUG-8 - race condition, transactions, test isolation, auth validation 
- BUG-4: Add optimistic concurrency control with retry to updateSessionStats
- BUG-5: Document transaction limitations in batch operations
- BUG-7: Fix test isolation with unique productIds per test run
- BUG-8: Add session ownership validation to ingest endpoints
 2026-03-02 23:47:14 -08:00
saravanakumardb1
4ffb28d8d2 fix(diagnostics): BUG-3 - add authentication check to /diagnostics/config endpoint 2026-03-02 23:45:36 -08:00
saravanakumardb1
4cb8b499af fix(diagnostics): BUG-1, BUG-2 - DRY violation - centralize generateId and buildPk in types.ts 2026-03-02 23:43:11 -08:00
saravanakumardb1
fb71981e53 test(diagnostics): add diagnostics.test.ts with 14+ tests for Phase 1 2026-03-02 23:38:21 -08:00
saravanakumardb1
a66a689d7d feat(diagnostics): Phase 1 complete - types, repository, routes 
- types.ts: Session, Trace, Log, Screenshot schemas with Zod validation
- repository.ts: CRUD operations with composite partition keys
- routes.ts: REST endpoints for session management and data ingest

TODOs for Phase 2:
- TODO-1: Event bus integration
- TODO-2: PII redaction implementation
- TODO-6: PII redaction in log ingest
- TODO-7: Fatal log alerting
- TODO-8: Blob SAS token generation
 2026-03-02 23:36:59 -08:00