Commit Graph

17 Commits

Author SHA1 Message Date
Rob Colbert
896aff1b02 Fix User Settings persona display issue
- Switch frontend sign-in to /api/v1/auth/sign-in endpoint (includes persona)
- Add updateUser() to App context for proper state management
- Fix Settings.tsx save flow to use updateUser() instead of broken localStorage merge
- Remove unused web AuthController (gadget-code/src/controllers/auth.ts)
- Fix UserApiControllerV1 to return flat user object instead of double-wrapped
- Remove SessionType enum and references (dead code)
- Add proper server sign-out call before clearing local state

Resolves issue where User Settings view didn't display persona text even though it existed in the database.
2026-05-12 01:15:00 -04:00
Rob Colbert
a961a98dcf fix(auth): include persona field in sign-in response
The persona field was missing from both the session object and the API
response during sign-in, causing User Settings to display an empty field
even when the user had a persona defined in the database.
2026-05-11 17:59:06 -04:00
Rob Colbert
009863cf2b fix: resolve drone heartbeat timeouts and JWT expiration bugs
This commit addresses two interrelated issues causing drones to
de-register and users to be forcibly signed out:

## Heartbeat Timeout Fixes

1. Move heartbeat interval to a Web Worker (not subject to browser
   tab throttling). Chrome throttles setInterval in background tabs
   to ~1/min, which causes the 19s heartbeat to miss the drone's
   timeout timer. The Web Worker fires reliably regardless of tab
   visibility.

2. Add visibilitychange handler: when the tab becomes visible again,
   send an immediate heartbeat to reset the drone's timer after any
   throttling that may have occurred.

3. Fix onReleaseSessionLock to clear the heartbeat timer. Previously,
   releasing the lock left the 60s timer running, causing a spurious
   timeout and status emit after the lock was already released.

4. Increase drone heartbeat timeout from 60s to 120s. With the Web
   Worker fix, heartbeats should be reliable, but doubling the timeout
   provides a generous safety margin.

5. Add socket disconnect/reconnect handlers on the drone side. On
   disconnect, clear the heartbeat timer. On reconnect, re-emit drone
   status so the platform knows the drone is alive.

6. Configure Socket.IO pingInterval/pingTimeout explicitly (25s/60s)
   instead of relying on defaults.

## JWT Expiration Fixes

1. Increase WebToken DB record expiration from 1 hour to 7 days. The
   1-hour expiration was the real session lifetime gate (the JWT crypto
   exp was already 24h), and it was far too aggressive for a dev tool.

2. Fix web /auth/renew-token endpoint to use req.user from the session
   cookie instead of verifyJsonWebToken(req.body.token). This eliminates
   the catch-22 where an expired token cannot be used to request its
   own renewal.

3. Fix token refresh response parsing. The API v1 renew-token endpoint
   returns { success: true, token } at the top level, but the frontend
   was looking for json.data?.token, causing every refresh to fail.

4. Add proactive token refresh: check the JWT exp claim before each
   request and refresh if expiring within 5 minutes. This avoids
   unnecessary 401 errors and the resulting socket disconnections.

5. Update socket JWT on token renewal via a callback registered in
   App.tsx. This ensures that future socket reconnections use the new
   token instead of the expired one.

## Files Modified

- gadget-code/frontend/src/workers/heartbeat.worker.ts (NEW)
- gadget-code/frontend/src/lib/socket.ts
- gadget-code/frontend/src/lib/api.ts
- gadget-code/frontend/src/App.tsx
- gadget-code/src/services/session.ts
- gadget-code/src/controllers/auth.ts
- gadget-code/src/services/socket.ts
- gadget-drone/src/gadget-drone.ts
2026-05-11 17:46:09 -04:00
Rob Colbert
d7f694fa8c a pile of small fixes 2026-05-11 07:08:18 -04:00
Rob Colbert
8eff66dcec user settings 2026-05-08 14:08:49 -04:00
Rob Colbert
11bdd5e3b0 make reasoning effort configurable; remove sign up concept
- Implemented reasoning effort setting in SESSION panel of Chat Sessio
View
- Removed all ability to "sign up" for an account
2026-05-08 11:40:30 -04:00
Rob Colbert
2dd3d55ecd fix chat session mode select in IDE 2026-05-08 02:24:45 -04:00
Rob Colbert
f35a0ce921 a lot of review and by-hand cleanup (wip) 2026-05-05 05:28:09 -04:00
Rob Colbert
bab0b1810f many fixes
- JWT refresh logic to prevent dead sessions
- drone status messages now arrive in IDE for display
- WorkspaceService.deployProject method added to clone into a repo or
create the directory (new project not yet in git)
2026-05-03 04:15:48 -04:00
Rob Colbert
64c4304f42 finishing touches on move to GadgetId from ObjectId 2026-05-01 15:07:37 -04:00
Rob Colbert
404532012e move from Types.ObjectId to GadgetId (a string) 2026-05-01 14:31:00 -04:00
Rob Colbert
50b9618d4e project manager and chat session progress 2026-05-01 08:13:22 -04:00
Rob Colbert
c6d0c66563 drone manager created (wip) 2026-04-30 09:40:27 -04:00
Rob Colbert
089a5b5fab checkpoint 2026-04-29 18:59:42 -04:00
Rob Colbert
db0d1586d6 front-end progress; Socket.IO messaging API; inquirer for credentials 2026-04-29 00:24:38 -04:00
Rob Colbert
2e9571a74e Implement dark industrial theme, Project Manager, and JWT authentication
- Add dark industrial theme with brand color #c20600 and CSS variables
- Create Header component with version display and user dropdown menu
- Create StatusBar with connection indicator and project/session display
- Create ProjectManager page with CRUD, list view, and inspector
- Add JWT Bearer token to API requests for authenticated endpoints
- Add project API endpoints (GET/POST/PUT/DELETE /api/v1/projects)
- Add ProjectService methods: findById, findBySlug, delete
- Add unit tests for project API endpoints
- Add Playwright E2E tests for projects flow
- Update UI design guide with implementation details
- Fix: empty JSON body parsing in web-app.ts middleware
2026-04-28 17:13:49 -04:00
Rob Colbert
1edc3a85b8 created by merging gadget-code and gadget-drone 2026-04-28 09:20:37 -04:00