bytelyst/learning_ai_common_plat
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
660 Commits 2 Branches 3 Tags 60 MiB
f4b9124065
Commit Graph

660 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
saravanakumardb1
f4b9124065 feat(auth): add Phase 5C-5E endpoints + SDK methods — TOTP secret, push approvals, QR auth 
- GET /auth/mfa/totp/secret — retrieve decrypted TOTP secret for auth app
- POST /auth/mfa/push/create, GET /pending, POST /:id/respond, GET /:id/status
- POST /auth/qr/create, POST /auth/qr/confirm, GET /auth/qr/:id/status
- Kotlin SDK: getTotpSecret, getPendingApprovals, respondToApproval, confirmQrLogin
- Swift SDK: getTotpSecret, getPendingApprovals, respondToApproval, confirmQrLogin
- All 53 auth tests passing
 2026-03-12 15:01:51 -07:00
saravanakumardb1
b1b3fe42df feat(llm-router): add @bytelyst/llm-router — pure-code LLM router for free-tier providers 
- 4 providers: Groq, OpenRouter, Together AI, Cerebras
- Regex-based prompt classifier (code/math/reasoning/creative/general)
- Instance-level round-robin state (no shared module globals)
- Sliding-window health tracker (latency, error rate, rate-limit rate)
- Auto-fallback on 429/5xx with per-attempt latency tracking
- Telemetry hook for all routing decisions (auto + explicit)
- OpenRouter recommended headers (HTTP-Referer, X-Title)
- 47 tests across 5 test files, zero runtime deps
 2026-03-12 13:45:49 -07:00
saravanakumardb1
ae13abfab2 fix(auth): address SmartAuth agent review gaps — Swift mock wiring, passkey SDK consistency, device list parity, JSDoc, SSR docs 2026-03-12 12:27:08 -07:00
saravanakumardb1
a613cf1bf9 test(auth): add SmartAuth integration tests + fix auth.routes.test mocks 
- Add 5 new tests: MFA challenge integration, risk scorer edge cases, login events wiring, device trust pure function
- Fix auth.routes.test.ts: add vi.mock stubs for login-events, risk-scorer, mfa, devices, config, event-bus
- Change afterEach from restoreAllMocks to clearAllMocks (preserves mock implementations between tests)
- Total: 42 smartauth tests, 951 platform-service tests all passing
 2026-03-12 11:27:50 -07:00
saravanakumardb1
0f4be0c325 feat(auth): wire login events into OAuth login helper 
- Record success login event with risk scoring after OAuth token issuance
- Import login-events repo + risk-scorer into oauth/routes
- Best-effort recording — never blocks OAuth login flow
 2026-03-12 11:19:11 -07:00
saravanakumardb1
82d7f157d9 feat(auth): wire login events + MFA challenge into login handler 
- Add recordLoginEvent() helper with risk scoring via scoreLoginRisk()
- On failed login: record 'failed' event with risk assessment
- On MFA-required: issue challenge token, record 'mfa_required' event
- On success: record 'success' event with risk assessment
- Import login-events repo, risk-scorer, mfa repo, challenge store, device repo
 2026-03-12 11:17:23 -07:00
saravanakumardb1
10494ae0e4 feat(auth): SmartAuth tracker-web — OAuth proxy, MFA verify, login page with Google Sign-In 
- Add OAuth proxy route with productId forwarding via getRequestProductId
- Add MFA verify proxy route
- Update login page with Google Sign-In button (env-gated) and MFA challenge flow
- Fix completeAuth to avoid redundant router.push before window.location.href
- Add NEXT_PUBLIC_GOOGLE_CLIENT_ID to .env.example
- Add MessageEvent to ESLint globals for popup message handler
 2026-03-12 11:15:44 -07:00
saravanakumardb1
ac798a727e test(auth): SmartAuth Playwright E2E specs — login, MFA settings, security dashboard, devices, passkeys 
- smartauth-login.spec.ts: Google Sign-In button presence, MFA challenge not shown initially
- smartauth-mfa-settings.spec.ts: MFA status, setup/disable flows with API mocking
- smartauth-security-dashboard.spec.ts: stats cards, login events table, suspicious filter
- smartauth-devices.spec.ts: device list, trust badges, revoke all button
- smartauth-passkeys.spec.ts: passkey list, add button, empty state, device type labels
 2026-03-12 11:13:41 -07:00
saravanakumardb1
067a23449f feat(auth): SmartAuth admin-web — OAuth proxy, MFA settings, devices, passkeys, security dashboard 
- Add 15 API proxy routes for SmartAuth endpoints (OAuth, MFA, devices, passkeys, security)
- Add MFA Settings page (/settings/security) with TOTP setup/verify/disable flow
- Add Device Management page (/settings/devices) with trust badges and revoke actions
- Add Passkey Management page (/settings/passkeys) with WebAuthn registration
- Add Admin Security Dashboard (/ops/security) with stats, provider distribution, login events
- Update login page with Google Sign-In button (env-gated) and MFA challenge flow
- Add sidebar nav links for new security pages
- Fix sidebar nav highlighting for nested routes (exact match for parent items)
- Add NEXT_PUBLIC_GOOGLE_CLIENT_ID to .env.example
 2026-03-12 11:13:14 -07:00
saravanakumardb1
bdb3e95e00 fix(auth): clean up MFA routes — remove redundant imports, use userRepo.update() 
- Remove redundant dynamic import('node:crypto'), use top-level nodeCrypto
- Remove getCollection import, use userRepo.update() for mfaEnabled/mfaMethods
- Expand update() Pick type to include mfaEnabled, mfaMethods, emailVerified
- Remove unused _reply param from MFA policy PUT handler
 2026-03-12 11:12:33 -07:00
saravanakumardb1
362b915ea9 feat(auth): SmartAuth backend core — OAuth, MFA, passkeys, device trust, login events 
Phase 0A: OneAuth schema extension — UserDoc evolution + auth_providers container
Phase 0B: Progressive lockout + IP rate limiting on login
Phase 1A-1B: Google/Microsoft/Apple OAuth + account linking
Phase 1D: Enhanced /auth/me — products, providers, MFA status
Phase 2A-2C: TOTP MFA + challenge flow + admin policies
Phase 3A-3B: WebAuthn passkeys + device trust
Phase 4A: Login events + rule-based risk scoring

New sub-modules: oauth/, mfa/, passkeys/, devices/, login-events/
New containers: auth_providers, auth_mfa, auth_mfa_policies, auth_passkeys, auth_devices, auth_login_events
Tests: 37 new (946 total, all passing), typecheck clean
 2026-03-12 10:55:41 -07:00
saravanakumardb1
2c330387fc feat(auth): native SDK passkey + BLAuthUI Swift + Kotlin social/MFA 
SmartAuth v2 SDK extensions for both Swift and Kotlin platform SDKs:

Swift (BLAuthClient.swift):
- Social login, MFA, passkeys, providers, devices, step-up, login history
- New types: BLMfaChallenge, BLTotpSetup, BLMfaStatus, BLAuthProvider, etc.
- BLAuthState: added .mfaRequired case

Swift (BLAuthUI.swift) — 4 reusable views:
- BLLoginView, BLMfaChallengeView, BLPasskeyView, BLStepUpSheet

Kotlin (BLAuthClient.kt):
- Social login, MFA, providers, devices, step-up, login history
- MFA challenge detection in login(), encodeMap() helper

Kotlin (BLPasskeyManager.kt) — Credential Manager passkey wrapper
Kotlin (BLAuthUI.kt) — 5 Compose screens matching Swift BLAuthUI
Kotlin build.gradle.kts — Credential Manager dependencies

Tests: Swift (6 methods), Kotlin (5 methods)
 2026-03-12 10:55:32 -07:00
saravanakumardb1
53f2a97d40 feat(auth): SmartAuth SDK packages — OAuth, MFA, passkeys, devices, RS256, auth-ui 
Phase 1C: @bytelyst/auth-client + @bytelyst/react-auth Google Sign-In
- loginWithGoogle/Microsoft/Apple(idToken) → POST /auth/oauth/:provider
- getProviders/linkProvider/unlinkProvider → provider management
- React context: loginWithGoogle, providers state, refreshProviders

Phase 2D: MFA + Social Login SDK + Auth UI
- verifyMfa/setupTotp/verifyTotpSetup/disableMfa/getMfaStatus
- regenerateRecoveryCodes → recovery code management
- React context: mfaRequired/mfaChallenge/mfaMethods state, verifyMfa action
- login() handles MfaLoginResult (returns false, sets MFA state)
- NEW @bytelyst/auth-ui: LoginForm, MfaChallenge, SocialButtons components

Phase 3: Passkeys + Device SDK
- getPasskeyRegisterOptions/verifyPasskeyRegistration
- getPasskeyAuthOptions/verifyPasskeyAuth/listPasskeys/deletePasskey
- listDevices/trustDevice/revokeDevice/revokeAllDevices

Phase 4C: @bytelyst/auth RS256 support
- createJwtUtils({ algorithm: 'RS256', rsaPrivateKey, rsaPublicKey })
- Dual verification: RS256 first, HS256 fallback (migration-safe)
- Remote JWKS support via jwksUrl option
- Backward-compatible: HS256 remains default

Phase 5B: Admin security endpoints
- getSecurityOverview/unlockUser/exportAuthData/cancelDeletion

Tests: 101 total (36 auth-client + 21 react-auth + 13 auth-ui + 31 auth)
Builds: all 4 packages pass tsc
 2026-03-12 10:50:56 -07:00
saravanakumardb1
c8b520ba12 chore: sync chat history workflows and repo metadata 2026-03-11 09:13:49 -07:00
saravanakumardb1
9a00fbd86a fix(workflow): add FlowMonk to agent-doc generator 2026-03-10 23:35:29 -07:00
saravanakumardb1
ad2891040d docs(audit): add FlowMonk workspace audit and refresh inventory 2026-03-10 22:29:11 -07:00
saravanakumardb1
a45aa8c3fe feat(design-tokens): add flowmonk product-specific token namespace (--fm-*) 2026-03-10 19:35:19 -07:00
saravanakumardb1
ac525563dc test(packages): add file-store tests for @bytelyst/event-store (9 tests), SSE hub tests for @bytelyst/fastify-sse (12 tests) 2026-03-10 18:48:07 -07:00
saravanakumardb1
07d698e700 feat(packages): add @bytelyst/event-store, @bytelyst/fastify-sse, @bytelyst/webhook-dispatch — reusable event infrastructure for product backends 2026-03-10 18:37:01 -07:00
saravanakumardb1
38653bd9ec ci: update CI/CD configuration 2026-03-10 11:32:25 -07:00
saravanakumardb1
aff78c55a4 fix(mcp-server): align notes tool outputs with contracts 2026-03-10 09:54:08 -07:00
saravanakumardb1
ec3dd4bd66 feat(mcp-server): add notes tool integration 2026-03-10 09:39:07 -07:00
saravanakumardb1
925e9b6b0f ci: update CI/CD configuration 2026-03-06 13:55:01 -08:00
saravanakumardb1
b52ffc84e1 docs(fastify-core): resolve follow-up todos 2026-03-06 13:53:29 -08:00
saravanakumardb1
49db2cd2af fix(platform-service): pin vitest pool to threads 2026-03-06 13:52:44 -08:00
saravanakumardb1
87f4955861 docs(fastify-core): record review fix progress 2026-03-06 13:44:51 -08:00
saravanakumardb1
63b0d20b07 fix(fastify-core): address jwt rollout review findings 2026-03-06 13:44:22 -08:00
saravanakumardb1
39caac159b docs(fastify-core): update migration progress log 2026-03-06 13:39:00 -08:00
saravanakumardb1
e4baa2fc16 refactor(platform-service): use shared optional jwt context 2026-03-06 12:57:00 -08:00
saravanakumardb1
cfca118c71 feat(fastify-core): add shared optional jwt context 2026-03-06 12:52:49 -08:00
saravanakumardb1
acfad8a042 feat(fastify-core): harden lifecycle and readiness support 2026-03-06 12:47:29 -08:00
saravanakumardb1
fb21c5d14d docs(fastify-core): add audit and remediation roadmap 2026-03-06 12:37:28 -08:00
saravanakumardb1
8f63713c52 docs(inventory): refresh platform and workspace capability maps 2026-03-05 22:59:45 -08:00
saravanakumardb1
d365bc59d6 refactor(mcp-server): tighten MCP tool typing after review 2026-03-05 22:37:53 -08:00
saravanakumardb1
b199ea7976 fix(mcp-server): align secret and experiment tools with real services 2026-03-05 22:36:30 -08:00
saravanakumardb1
53f34851df fix(mcp-server): resolve lint blockers in new MCP tools 2026-03-05 22:30:39 -08:00
saravanakumardb1
3a7139790c fix(mcp-server): Improve error handling in A2A pipelines 
- regression-watch-pipeline.ts: Add try/catch around session creation, continue on failures
- post-incident-cleanup-pipeline.ts: Add try/catch around policy deletion and audit export
- Fix extractionResetProductRateLimit optional parameter pattern
- Update return values to use actual counts instead of targets
- All pipelines now continue processing individual items instead of failing entirely
- Add proper type casting for audit response events array
 2026-03-05 22:09:56 -08:00
saravanakumardb1
ccf71b898c docs: Update EXECUTION_CHECKLIST.md with Phase 15 completion 
- Document 7 extraction async jobs tools added
- Document 2 A2A pipelines implemented (regression-watch, post-incident-cleanup)
- Update MCP server total to 135 tools across 18 namespaces
- Add implementation notes and fixes applied
 2026-03-05 22:07:53 -08:00
saravanakumardb1
40db19a389 feat(mcp-server): Add 2 high-priority A2A pipelines 
- regression-watch-pipeline.ts: Monitor error clusters and auto-create diagnostics sessions
- post-incident-cleanup-pipeline.ts: Resolve clusters, delete policies, export audit logs
- a2a-tools.ts: Register both pipelines as MCP tools (a2a.regressionWatch, a2a.postIncidentCleanup)
- Fix platform-client function names and TelemetryCluster interface usage
- Both pipelines support dryRun mode and proper error handling
- Fix ESLint warnings: remove unused imports, add proper types

All tools require admin role and use existing platform-service endpoints.
 2026-03-05 22:07:42 -08:00
saravanakumardb1
c8fafbb564 feat(mcp-server): Add 7 missing extraction async jobs tools 
- extraction.extractBatch: batch extraction with shared config
- extraction.submitJob: async job submission with webhook support
- extraction.getJob: get job status/results by ID
- extraction.listJobs: list recent async jobs
- extraction.getProductRateLimitStatus: per-product or summary rate limits
- extraction.resetProductRateLimit: admin rate limit reset
- extraction.sidecarMonitoringState: detailed sidecar circuit breaker state

All tools require admin role and map to existing extraction-service endpoints.
Fixes TypeScript optional parameter error in extractionGetProductRateLimitStatus.
 2026-03-05 22:05:00 -08:00
saravanakumardb1
4537ed271e docs(ux-lab): consolidate each kit to single PROMPT.md + .gitignore only 2026-03-05 21:42:19 -08:00
saravanakumardb1
1db2263599 docs(ux-lab): fix GitHub username saravanakumardb1 → saravanakumardb in all kit docs 2026-03-05 21:20:05 -08:00
saravanakumardb1
401bf13a88 docs(ux-lab): add GitHub repo names to all 8 kit folders + add missing READMEs 2026-03-05 21:17:36 -08:00
Saravana Achu Mac
6d6ca217a5 chore(devops): improve railway deploy script, add env sync and deployment runbook 
- Refactor railway-deploy.sh: add --sync-env, --dry-run, --detach flags and service selector
- Add railway-sync-env.sh for pre-deploy environment variable synchronization
- Add RAILWAY_DEPLOYMENT_RUNBOOK.md with step-by-step deployment guide

Co-Authored-By: Oz <oz-agent@warp.dev>
 2026-03-05 20:03:59 -08:00
saravanakumardb1
c66d014044 chore(ux-lab): add notify/states, settings, and command palette kits 2026-03-05 19:56:42 -08:00
saravanakumardb1
504ab0f0f5 chore(ux-lab): remove lovable ops ui kit repo 2026-03-05 19:45:24 -08:00
saravanakumardb1
772dc3994b docs(mcp-server): Phase 14 audit — document bug fix + 12 gap tools in EXECUTION_CHECKLIST 
- social-fast-coordinator bug (currentStage → stages[])
- 9 new client functions across 4 client files
- 12 new MCP tools filling all DOMAIN_PRODUCTS.md spec gaps
- MCP server now at 126 tools (all spec entries implemented)
 2026-03-05 18:19:51 -08:00
saravanakumardb1
3f296a8e72 feat(mcp-server): fill 12 DOMAIN_PRODUCTS.md MCP tool gaps + client fn additions 
Bug fix (committed separately):
  social-fast-coordinator: stage_transition used non-existent currentStage

New client functions:
  nomgap-client: nomgapFastingCreateSession, nomgapProtocolGet,
                 nomgapSocialListGroupFasts (+ GroupFastDoc)
  peakpulse-client: peakpulseRoutesList, peakpulseSyncStatus
  lysnrai-client: lysnraiApiTokenCreate, lysnraiSessionsStats,
                  lysnraiTranscriptsExportBatch
  chronomind-client: chronomindRoutineGet, chronomindSharedTimerShare

New MCP tools (12):
  mindlyst.briefs.generate        — trigger daily brief via mindlystBriefCreate
  mindlyst.memory.getTriageResult — extract TriageResult sub-doc only
  nomgap.fasting.createSession    — start new fast with protocolId
  nomgap.protocols.get            — single protocol lookup
  nomgap.social.listGroupFasts    — list group fast sessions
  peakpulse.routes.list           — list GPS r
Bug fix (committed separately):
  social-fast-coordinator: stage_transition used non-existent currentStage
ats  social-fast-coordinator: staon
New client functions:
  nomgap-client: nomgapFastingCreateSession, nomgarai  nomgaens.rotate                      nomgapSocialListGroupFasts (+ GroupFastDoc)
 d.  peakpulse-client: peakpulseRoutesList, peakpulseSyncStaturg  lysnrai-client: lysnraiApiTokenCreate, lysnraiSessionsStati                  lysnraiTranscriptsExpor                    us  chronomind-client: chronomindRoutineGet, chrerver total: 126 tools across 17 namespaces
 2026-03-05 18:19:04 -08:00
saravanakumardb1
1da3394caf fix(mcp-server): social-fast-coordinator-pipeline — stage_transition used non-existent currentStage field 
FastingSessionDoc has stages: unknown[] not currentStage: string.
- Replace currentStage cast with hasStages check (session.stages.length > 0)
- Fix protocolId extraction to use direct field (session?.protocolId)
- Report currentStage derived from stages.length as 'stage_N' indicator
 2026-03-05 18:13:28 -08:00
saravanakumardb1
64e1263fc0 docs(mcp-server): update EXECUTION_CHECKLIST.md — document A2A batches 1-5 complete 
Phases 9-13 documented with pipeline tables, agent rosters, MCP tool names.
All 14 A2A pipelines across 6 products now implemented and tracked.
MCP server total: 114 tools across 17 namespaces.
 2026-03-05 18:08:51 -08:00