Update CLAUDE.md with auth and admin info

Manohar Gupta 2026-05-10 23:42:16 +05:30
parent 57e852bfbc
commit 1f8cf74188


@ -27,7 +27,7 @@ docker-compose -f docker-compose.dev.yml up -d # Start local Postgres
- **Framework:** Next.js 16 with App Router (src/app/)
- **Database:** PostgreSQL 16 with pgvector + Drizzle ORM
- **Auth:** NextAuth v5 (beta) with magic links
- **Auth:** Database sessions with httpOnly cookies
- **AI:** LiteLLM gateway → MiniMax model (minimax-2.7)
- **Storage:** Cloudflare R2 for media uploads
- **Styling:** Tailwind CSS v4
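Review bot: the replaced **Auth:** bullet drops NextAuth and magic links entirely, yet the same patch still labels `login/` as "User login (magic)" and the Session Flow says the user "logs in at `/login` with email"; state in this bullet whether magic-link delivery is still the sign-in step and only session storage moved to the database, e.g. `- **Auth:** Magic-link sign-in; database sessions with httpOnly cookies`, so a reader does not conclude that sign-in now needs only an email address.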
@ -46,9 +46,11 @@ src/
│ ├── menu/ # Navigation menu
│ ├── onboarding/ # First-time setup
│ ├── settings/ # Settings with theme picker
│ └── login/ # Magic link login
│ ├── login/ # User login (magic)
│ ├── admin/ # Admin panel
│ └── admin-login/ # Admin login (separate)
├── ThemeProvider.tsx # Theme context (light/dark/system/time)
├── ThemeProvider
├── FamilyProvider.tsx # Family/child context (resolves from session)
drizzle/ # Database migrations
docs/ # Design docs
```
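Review bot: whichever side of the diff the bare `├── ThemeProvider` line is on, the new tree should not carry it; it has no extension or comment and sits directly under `ThemeProvider.tsx`, which looks like a leftover from editing the tree. Also `FamilyProvider.tsx` is now the last entry under `src/` but keeps the `├──` connector; it should be `└──`, the same way `login/` was changed from `└──` to `├──` when `admin/` and `admin-login/` were added below it.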
@ -62,8 +64,9 @@ docs/ # Design docs
### Data Models
- **Family:** Parent account container
- **Members:** Adults in family (mom, dad, etc.)
- **Members:** Adults in family (mom, dad, etc.) via `family_members`
- **Children:** Baby profiles with birth date
- **Sessions:** Login sessions with httpOnly cookies
- **Logs:** Feed, sleep, diaper entries with timestamps
- **Vaccinations:** IAP schedule tracking
- **Growth:** Weight/height over time
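Review bot: the new **Sessions:** entry describes the cookie rather than the model; the `sessions` table holds `session_token`, `user_id` and `expires` (per the Tables Used list later in this patch), and the httpOnly cookie only carries the token. Suggest `- **Sessions:** Server-side login sessions (token, user, expiry); the client holds only the token in an httpOnly cookie`.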
@ -80,6 +83,16 @@ const { theme, toggle, setMode } = useTheme();
// mode: "light" | "dark" | "system" | "time"
```
**FamilyProvider:** Resolves family from database session on login.
```typescript
import { useFamily } from "./FamilyProvider";
const { familyId, child, children, tier } = useFamily();
// familyId: string | null (from session)
// child: Child | null
// tier: "free" | "pro"
```
**Offline Queue:** Uses localStorage (`tia_offline_queue`) for failed API calls, retries when online.
**Chat Sessions:** Stored in localStorage (`tia_chat_sessions`) - shared between home page AI card and /ai page.
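Review bot: `tier` exposed by `useFamily()` is read on the client; the doc should say it is for UI gating only and that the `families` tier and limits are enforced in the API routes, otherwise the next reader of CLAUDE.md may implement free/pro limits in components. The **Chat Sessions:** line here says they live in localStorage while the Audit section later in this same patch says `Chat Sessions → /api/chat`; pick one. Minor: the `children` value in the destructure has no comment line, unlike `familyId`, `child` and `tier`.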
@ -92,6 +105,48 @@ const { theme, toggle, setMode } = useTheme();
- Model: `minimax-2.7`
- See `/docs/debugging.md` for troubleshooting
## Authentication (Database Sessions)
### Session Flow
1. User logs in at `/login` with email
2. API `/api/auth/signin` creates session in `sessions` table
3. Session token stored in **httpOnly cookie** (NOT localStorage!)
4. On each request, session resolved from database via cookie
### Tables Used
- **users:** User accounts (email, name)
- **families:** Family accounts (name, tier, limits)
- **family_members:** Links users to families (user_id, family_id, role)
- **children:** Child profiles (name, birth_date, family_id)
- **sessions:** Login sessions (session_token, user_id, expires)
### NEVER use localStorage for:
- authentication tokens
- family_id after login
- Any data that should persist across devices
### localStorage Acceptable For:
- Theme preference (user-specific display only)
- Temporary cache (offline queue for retry)
- Chat sessions (upcoming feature: move to database)
## Admin Panel
Access at: `/admin-login` (username: `admin`, password: `admin123`)
### Pages
- `/admin` - Dashboard with stats
- `/admin/families` - Manage families
- `/admin/users` - Manage users
- `/admin/children` - Manage children
- `/admin/revenue` - Revenue analytics
- `/admin/analytics` - Feature usage
- `/admin/support` - Support tickets
- `/admin/settings` - Platform settings
## Data Storage Consistency
### RULE: All user data must persist to database, NOT localStorage
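Review bot: the Admin Panel section commits a working username and password (`admin` / `admin123`) into CLAUDE.md, a file that is checked in and fed to the coding assistant; remove the credential pair, document that the admin password comes from an environment variable or secret store (the variable name is not in this patch, so leave a placeholder), and rotate the value now that it has been in history. Also, Session Flow steps 1 and 2 read as if posting an email to `/api/auth/signin` creates a session with no verification; add the magic-link click or verification step between them, and note the cookie's `Secure`/`SameSite` attributes and how `expires` is checked alongside "httpOnly". The "NEVER use localStorage for" / "localStorage Acceptable For" lists here repeat the pair that appears again under Data Storage Consistency; keep one copy.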
@ -104,33 +159,11 @@ const { theme, toggle, setMode } = useTheme();
| Growth Records | Database | `/api/growth` | ✅ Yes | ✅ Yes |
| User Profile | Database | `/api/auth/profile` | ✅ Yes | ✅ Yes |
| Memories/Photos | Database + R2 | `/api/upload` | ✅ Yes | ✅ Yes |
| **Medicines** | Database | `/api/medicines` | ⚠️ TODO | ⚠️ TODO |
| **Allergies** | Database | `/api/allergies` | ⚠️ TODO | ⚠️ TODO |
| **Doctor Visits** | Database | `/api/visits` | ⚠️ TODO | ⚠️ TODO |
| **Illness Log** | Database | `/api/illnesses` | ⚠️ TODO | ⚠️ TODO |
| Auth Session | Database + Cookie | `/api/auth/signin` | ✅ Yes | ✅ No |
| Theme | localStorage | `tia_theme` | ✅ Yes | ✅ Yes |
| Chat Sessions | localStorage | `tia_chat_sessions` | ✅ Yes | ❌ No |
| Offline Queue | localStorage | `tia_offline_queue` | ✅ Yes | ❌ No |
### localStorage acceptable for:
- Theme preference (user-specific display only)
- Temporary cache (offline queue for retry)
- Chat sessions (upcoming feature: move to database)
### NEVER use localStorage for:
- Medical/health data (medicines, allergies, visits, illnesses)
- Any data that should persist across devices
- Data important for pediatrician visits
### Audit (2026-05-10)
All data now consistently uses database:
- ✅ Medicines → `/api/medicines`
- ✅ Allergies → `/api/allergies`
- ✅ Doctor Visits → `/api/visits`
- ✅ Illness Log → `/api/illnesses`
- ✅ Chat Sessions → `/api/chat`
## R2 Storage (Cloudflare)
### Setup
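Review bot: the hunk header (`-104,33 +159,11`) means most of this region is deleted, including the Audit section; if that Audit was the only record that Medicines, Allergies, Doctor Visits, Illness Log and Chat Sessions moved to API routes, the surviving table must not still show those rows as `⚠️ TODO` and Chat Sessions as `localStorage` / `tia_chat_sessions`, since the two statements contradict each other. The `Auth Session` row also marks cross-device sync as `✅ No` while every other negative cell in the table uses `❌ No`; use `❌`.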