saravanakumardb1
d829c41fd4
docs: update migration checklist — Phases 1-4 complete
2026-02-15 15:38:11 -08:00
saravanakumardb1
c6937b74a6
docs(migration): mark Phase 2 Commit 17 complete
- Updated Phase 2 checklist with Android migration commit hash 63aa2ae
2026-02-15 15:19:12 -08:00
saravanakumardb1
855ebffcf6
docs(migration): mark Phase 2 Commit 16 complete
- Added Phase 2 progress checklist
- Marked Commit 16 complete with learning_voice_ai_agent hash 26d2a8b
2026-02-15 15:15:08 -08:00
saravanakumardb1
e7c8023aa8
docs(migration): mark Commit 15 complete with test commit hash
2026-02-15 15:09:54 -08:00
saravanakumardb1
8a7a0495b0
test(platform-service): add route-level tests for Phase 1 migration behaviors
- Added auth register route tests for default provisioning and best-effort fallback
- Added license activate route tests for token issuance, product device limits, and lockout
- Added Stripe webhook route tests for any-product fallback and plan normalization
- Verified: tsc --noEmit clean, 23 test files / 189 tests passing
2026-02-15 15:09:23 -08:00
saravanakumardb1
d236f19d42
docs(migration): track Phase 1 commit progress and review fixes
- Added checklist with commit hashes for commits 9-14
- Marked commit 15 pending
- Documented post-implementation bugfix commits from systematic review
2026-02-15 15:01:54 -08:00
saravanakumardb1
b987dec92c
fix(platform-service): make Stripe webhook product routing resilient
- Added cross-product fallback lookup by stripeCustomerId when metadata lacks productId
- Ensure invoice payments are stored under the resolved subscription productId
- Normalize checkout metadata plan value before persistence/sync
- Keep auth plan sync aligned with resolved product context
- Verified: tsc --noEmit clean, 20 test files / 183 tests passing
2026-02-15 15:01:02 -08:00
saravanakumardb1
a699dd9073
fix(platform-service): harden register/stripe flows for multi-product correctness
- Make auth register provisioning truly best-effort (warn on failure, do not fail signup)
- Process Stripe webhook events for all products (remove non-default skip)
- Derive updated subscription plan from Stripe price IDs on subscription.updated
- Sync derived plan to auth users and backend plan sync endpoint
- Verified: tsc --noEmit clean, 20 test files / 183 tests passing
2026-02-15 14:59:27 -08:00
saravanakumardb1
0c3c109bf1
feat(platform-service): add settings module with device overrides
- Added settings module (types, repository, routes)
- Endpoints: GET/PUT /settings, GET/PUT/DELETE /settings/device/:deviceId
- Enforced userId from JWT and productId request scoping
- Added settings Cosmos container registration and route registration in server
- Added module tests for settings schemas and route export
- Verified: tsc --noEmit clean, 20 test files / 183 tests passing
2026-02-15 14:57:20 -08:00
saravanakumardb1
84681cbf75
feat(platform-service): add user plan update to auth module for Stripe webhooks
- Added auth repository updatePlan(userId, productId, plan) helper
- Stripe webhook handlers now sync plan changes into auth users container
- Handles checkout completion and cancellation downgrade paths
- Keeps existing backend sync behavior intact
- Verified: tsc --noEmit clean, 19 test files / 178 tests passing
2026-02-15 14:47:26 -08:00
saravanakumardb1
a264538c5e
feat(platform-service): register hook provisions subscription + license from product config
- /auth/register now validates product from products cache
- Automatically provisions initial subscription using product defaultPlan + trialDays
- Automatically provisions initial license using product licensePrefix + deviceLimits
- Keeps auth user creation as primary flow while adding provisioning side-effects
- Verified: tsc --noEmit clean, 19 test files / 178 tests passing
2026-02-15 14:44:31 -08:00
saravanakumardb1
5e38342930
feat(platform-service): licenses/activate issues JWT tokens + IP lockout
- /licenses/activate now enforces in-memory IP lockout window for failed attempts
- Device limit enforcement now reads from product config by plan (deviceLimits)
- Successful activation returns { license, accessToken, refreshToken }
- Re-activation on existing device also returns tokens
- Keeps existing license validity checks (status, expiry)
- Verified: tsc --noEmit clean, 19 test files / 178 tests passing
2026-02-15 14:42:58 -08:00
saravanakumardb1
17772ed42a
feat(platform-service): auth/refresh returns both accessToken + refreshToken
- Refresh endpoint now rotates refresh token and returns both tokens
- Keeps existing refresh token validation semantics
- Verified: tsc --noEmit clean, 19 test files / 178 tests passing
2026-02-15 14:40:34 -08:00
saravanakumardb1
a9ac953ed1
feat(platform-service): add plan field to auth UserDoc + auth responses
- Added plan to auth UserDoc model and token payload typing
- Register flow initializes user.plan from product default plan
- Login/Register/Me responses now include user.plan
- Access tokens now include optional plan claim
- Verified: tsc --noEmit clean, 19 test files / 178 tests passing
2026-02-15 14:39:42 -08:00
saravanakumardb1
0fee7e9ee7
test(platform-service): add products module tests and fix product schema defaults
- Added products.test.ts covering CreateProductSchema and UpdateProductSchema
- Added route export smoke test for productRoutes
- Fixed CreateProductSchema packageName default validation (allow empty default)
- Verified: tsc --noEmit clean, 19 test files / 178 tests passing
2026-02-15 14:36:33 -08:00
saravanakumardb1
c0830e3dec
refactor(platform-service): remove BILLING_INTERNAL_KEY guard from server.ts
- Billing routes (subscriptions, usage, plans, licenses) now registered directly
- No more X-Internal-Key header check — JWT-based productId auth is sufficient
- BILLING_INTERNAL_KEY removed from config schema and AKV secret resolution
- 166 tests pass, tsc clean
2026-02-15 14:30:30 -08:00
saravanakumardb1
60617ab050
refactor(platform-service): replace PRODUCT_ID with getRequestProductId(req) in all modules
- 26 files updated: all repositories accept productId parameter instead of env var
- All route handlers extract productId via getRequestProductId(req) (JWT → header → env fallback)
- Repositories: auth, flags, audit, notifications, licenses, plans, referrals, usage, subscriptions, invitations
- Routes: all above + promos, items, memory, public, ratelimit, stripe
- lib/webhooks.ts: dispatchWebhook accepts optional productId parameter
- Stripe webhook handler uses metadata-based productId (no client JWT available)
- Ratelimit default config uses DEFAULT_PRODUCT_ID at startup
- 166 tests pass, tsc --noEmit clean
2026-02-15 14:29:11 -08:00
saravanakumardb1
8e5c6dc2d6
refactor(platform-service): auth routes + types — add productId to login/register schemas
- LoginSchema and RegisterSchema now require productId field
- Login/Register routes use productId from request body (not env var)
- PRODUCT_ID import removed from auth/routes.ts
- Test fixtures updated with productId: 'lysnrai'
2026-02-15 14:18:59 -08:00
saravanakumardb1
8cc70db676
refactor(platform-service): auth/jwt.ts — productId from caller, issuer → 'bytelyst-platform'
- createAccessToken() and createRefreshToken() now require productId parameter
- Issuer changed from PRODUCT_ID env var to generic 'bytelyst-platform'
- verifyToken() validates against 'bytelyst-platform' issuer
- auth/routes.ts callers updated to pass productId (still from PRODUCT_ID env var for now)
- Refresh endpoint reads productId from user doc
2026-02-15 14:16:49 -08:00
saravanakumardb1
465d429e09
feat(platform-service): add Fastify onRequest hook to parse JWT → req.jwtPayload
- Best-effort JWT parsing on every request (non-blocking for unauthenticated routes)
- Attaches parsed payload to req.jwtPayload for downstream use by getRequestProductId()
- Invalid/expired tokens silently ignored — auth-required routes handle their own validation
2026-02-15 14:15:17 -08:00
saravanakumardb1
365061566a
feat(platform-service): add getRequestProductId() + getRequestProductConfig() helpers
- New lib/request-context.ts with product validation against cache
- Priority: JWT payload > X-Product-Id header > env var fallback
- Rejects unknown or disabled products with 400 Bad Request
- Augments FastifyRequest with jwtPayload type declaration
- getRequestProductConfig() for modules needing product-specific values
2026-02-15 14:14:17 -08:00
saravanakumardb1
755c16dbfb
feat(platform-service): add products module (types, repository, cache, routes)
- New products container in Cosmos DB (partition key: /id)
- ProductDoc: displayName, licensePrefix, deviceLimits, trialDays, status
- In-memory cache loaded on startup via loadProductCache()
- CRUD routes: GET/POST /products, GET/PUT /products/:id
- Cache refreshed after admin writes (create/update)
- Registered before all other modules in server.ts
2026-02-15 14:13:03 -08:00
588d164ea0
docs(workstreams): align checklist with service consolidation
2026-02-15 08:58:58 -08:00
6acb3c05cd
docs(workstreams): link MindLyst Android mic + blob upload commits
2026-02-15 04:04:46 -08:00
4d062ea6ca
docs(workstreams): link MindLyst iOS voice blob upload
2026-02-15 03:57:40 -08:00
5eba8f5b60
docs(workstreams): link triageResult + blob media ref work
2026-02-15 03:52:19 -08:00
e64bba258f
feat(platform-service): allow memory-items to store blob media refs
2026-02-15 03:50:51 -08:00
759fd78f3e
docs(workstreams): link MindLyst iOS/Android memory-items wiring commits
2026-02-15 03:45:54 -08:00
224c78f90f
docs(workstreams): note MindLyst iOS posting memory-items
2026-02-15 03:37:49 -08:00
1011fd85f8
feat(platform-service): restrict blob SAS/list/info to user scope
2026-02-15 03:31:27 -08:00
saravanakumardb1
63ab1631e1
docs(workstreams): update progress — TestFlight builds, delete history, sessions design, devops docs, production readiness
2026-02-15 03:25:05 -08:00
17c41e8441
feat(platform-service): add memory-items API backed by Cosmos
2026-02-15 03:20:09 -08:00
saravanakumardb1
cb728d3dfe
docs: update agent docs — add missing packages, fix stale service refs, update test counts
2026-02-15 01:09:29 -08:00
saravanakumardb1
4d78c45e85
docs: mark all 13 lysnr-* secrets as seeded, remove kv.txt + kv_azure.txt, update audit + rotation docs
2026-02-15 00:53:04 -08:00
7b529b420c
docs: kv values
2026-02-15 00:51:19 -08:00
469efc6b8a
chore: add kv export audit
2026-02-15 00:43:29 -08:00
7c72ed702a
ci: add lysnr kv seeder
2026-02-15 00:31:31 -08:00
saravanakumardb1
a7dd0a3daf
chore: add kv.txt seed script for 13 lysnr-* secrets + update audit doc recovery status
2026-02-14 23:52:16 -08:00
saravanakumardb1
3bfdb7a084
docs: add git history recovery summary to KV audit, gitignore kv.txt seed file
2026-02-14 23:43:27 -08:00
saravanakumardb1
e5a481fb05
docs: holistic devops docs review — fix stale refs, rewrite KV rotation doc, delete scratchpad + outdated files
2026-02-14 23:24:41 -08:00
e4a9998e4b
devops: kv action
2026-02-14 23:11:48 -08:00
ea44a73b62
docs(devops): add environment variables and Key Vault audit
Comprehensive audit of environment variables and Azure Key Vault secrets:
- Scanned all 35+ environment variables used across services
- Audited all 17 secrets in Azure Key Vault
- Identified critical gap: ZERO LysnrAI secrets in Key Vault
- MindLyst: 12 secrets (fully populated)
- MyWisprAI: 7 secrets (partially populated)
- LysnrAI: 0 secrets (100% missing)
- Listed 13 missing critical/high priority secrets
- Provided remediation plan with seed script instructions
- Added secret rotation strategy
- Included quick fix commands for Azure CLI
Critical findings:
- Missing Cosmos DB, JWT, Stripe, Gemini API keys for LysnrAI
- Code expects lysnr-* prefixed secrets but none exist
- Immediate action required to seed Key Vault
Co-Authored-By: Warp <agent@warp.dev>
2026-02-14 23:05:56 -08:00
598a84513a
docs(devops): add comprehensive Azure resource inventory
Added AZURE_RESOURCE_INVENTORY.md with complete Azure infrastructure documentation:
- Subscription details and resource groups
- Full resource tree with all 13 Azure resources
- Cosmos DB databases (mindlyst, lysnrai, mywisprai) with all containers
- Storage, Key Vault, OpenAI, Speech Services, Notification Hubs
- Environment variables and resource IDs
- Geographic distribution and cost optimization notes
- Azure CLI quick commands
Co-Authored-By: Warp <agent@warp.dev>
2026-02-14 22:59:46 -08:00
saravanakumardb1
dcf6914419
docs: move Azure KV and portal setup docs into docs/devops/
2026-02-14 22:52:06 -08:00
saravanakumardb1
25594381ab
feat: add AKV seed script and AZURE_KEYVAULT_URL to .env.example
2026-02-14 22:25:04 -08:00
saravanakumardb1
81999dcbb3
feat(services): wire AKV secret resolution in platform-service and extraction-service startup
2026-02-14 22:18:01 -08:00
saravanakumardb1
2e5b4de0c4
feat(config): add Azure Key Vault secret resolution with env fallback
2026-02-14 22:15:02 -08:00
saravanakumardb1
fb3bc750eb
fix: update .env.example comments, Grafana dashboard, and debug-service.md for consolidated services
2026-02-14 22:01:55 -08:00
saravanakumardb1
7c18cb45f4
docs: mark Phase 5 complete in consolidation roadmap
2026-02-14 21:54:50 -08:00
saravanakumardb1
11ca4e95e3
docs: Phase 5 update AGENTS.md, package.json, monitoring for consolidated services
2026-02-14 21:54:09 -08:00