replit/timmy-tower
2
0
Fork 0
Code Issues 26 Pull Requests 5 Actions Packages Projects Releases Wiki Activity
156 Commits 15 Branches 0 Tags
3d15512e5094fba4df6148b44fcff3cc48335051
Commit Graph

10 Commits

Author SHA1 Message Date
alexpaynex
ac3493fc69 task/33: Relay admin panel at /admin/relay (post-review fixes) 
## What was built
Relay operator dashboard at GET /admin/relay (clean URL, not under /api).
Served as inline vanilla-JS HTML from Express, no build step.

## Routing
admin-relay-panel.ts imported in app.ts and mounted directly via app.use()
BEFORE the /tower static middleware — so /admin/relay is the canonical URL.
Removed from routes/index.ts to avoid /api/admin/relay duplication.

## Auth (env var aligned: ADMIN_TOKEN)
- Backend (admin-relay.ts): checks ADMIN_TOKEN first, falls back to ADMIN_SECRET
  for backward compatibility. requireAdmin exported for reuse in queue router.
- admin-relay-queue.ts: removed duplicated requireAdmin, imports from admin-relay.ts
- Frontend: prompt text says "ADMIN_TOKEN", localStorage key 'relay_admin_token',
  token stored after successful /api/admin/relay/stats 401 probe.

## Stats endpoint (GET /api/admin/relay/stats) — 3 fixes:
1. approvedToday: now filters AND(status IN ('approved','auto_approved'),
   decidedAt >= UTC midnight today). Previously counted all statuses.
2. liveConnections: fetches STRFRY_URL/stats with 2s AbortSignal timeout.
   Returns null gracefully when strfry is unavailable (dev/non-Docker).
3. Drizzle imports updated: and(), inArray() added.

## Queue endpoint: contentPreview added
GET /api/admin/relay/queue response now includes contentPreview (string|null):
  JSON.parse(rawEvent).content sliced to 120 chars; gracefully null on failure.

## Admin panel features
Stats bar (4 metric cards): Pending review (yellow), Approved today (green),
Accounts (purple), Relay connections (blue — null → "n/a" in UI).

Queue tab: fetches /admin/relay/queue?status=pending (pending-only, per spec).
Columns: Event ID, Pubkey, Kind, Content preview, Status pill, Queued, Actions.
Approve/Reject buttons; 15s auto-refresh; toast feedback.

Accounts tab: whitelist table, Revoke per-row (with confirm dialog), Grant form
(pubkey + access level + notes, 64-char hex validation before POST).

Navigation: ← Timmy UI, Workshop links; Log out clears token + stops timer.

## Smoke tests (all pass, TypeScript 0 errors)
GET /admin/relay → 200 HTML title ✓; screenshot shows auth gate ✓
GET /api/admin/relay/stats → correct fields incl. liveConnections:null ✓
Queue ?status=pending filter ✓; contentPreview in queue response ✓
 2026-03-19 20:50:38 +00:00
Replit Agent
9b778351e4 feat(#26): Nostr identity + trust engine 
- New nostr_identities DB table (pubkey, trust_score, tier, interaction_count, sats_absorbed_today, last_seen)
- nullable nostr_pubkey FK on sessions + jobs tables; schema pushed
- TrustService: getTier, getOrCreate, recordSuccess/Failure, HMAC token (issue/verify)
- Soft score decay (lazy, on read) when identity absent > N days
- POST /api/identity/challenge + POST /api/identity/verify (NIP-01 sig verification)
- GET /api/identity/me — look up trust profile by X-Nostr-Token
- POST /api/sessions + POST /api/jobs accept optional nostr_token; bind pubkey to row
- GET /sessions/:id + GET /jobs/:id include trust_tier in response
- recordSuccess/Failure called after session request + job work completes
- X-Nostr-Token added to CORS allowedHeaders + exposedHeaders
- TIMMY_TOKEN_SECRET set as persistent shared env var
 2026-03-19 15:59:14 +00:00
Replit Agent
d62cd4c1eb fix: serve tower assets at /assets root + add .ai CORS origin 
- Mirror /tower/assets at /assets so Vite absolute paths load correctly
- Add alexanderwhitestone.ai and www.alexanderwhitestone.ai to CORS allowlist
 2026-03-19 14:39:29 +00:00
Replit Agent
add08e363a fix: use process.cwd() for tower path — import.meta.url is undefined in CJS bundle 2026-03-19 13:59:57 +00:00
Replit Agent
9de2396457 feat: Alexander Whitestone landing page + the-matrix dist at /tower 
- Root / serves branded landing page (falling amber digit rain, enter button)
- /tower serves pre-built the-matrix frontend (Three.js Workshop world)
- config.js patched: WS URL auto-detects from window.location.host
- No manual ?ws= param needed — works on any domain
 2026-03-19 07:12:26 +00:00
replit
e088ca4cd8 feat(integration): WS bridge + Tower + payment panel + E2E test [10/10 PASS] (#26) 2026-03-18 21:20:51 -04:00
replit
83a2ec19e2 fix(testkit): macOS compat + fix test 8c ordering (#24) 2026-03-18 21:01:13 -04:00
alexpaynex
adde196a40 Task #7: Redirect root to Timmy UI 
Added two redirect routes in artifacts/api-server/src/app.ts:
- GET / → 302 redirect to /api/ui
- GET /api → 302 redirect to /api/ui

This means opening the preview URL or the root of the app immediately
lands on the Timmy UI without any manual navigation.

No changes to the UI itself, no new routes, no new files.
Verified: both / and /api return HTTP 302 with Location: /api/ui.
 2026-03-18 20:16:48 +00:00
alexpaynex
f3de9e9ab0 Add trust proxy configuration and job ID validation 
Adds `app.set('trust proxy', 1)` to `app.ts` for correct IP rate limiting and implements Zod validation for the `:id` parameter in the `GET /jobs/:id` route within `jobs.ts`.

Replit-Commit-Author: Agent
Replit-Commit-Session-Id: 418bf6f8-212b-4bb0-a7a5-8231a061da4e
Replit-Commit-Checkpoint-Type: full_checkpoint
Replit-Commit-Event-Id: 7049b42e-1d56-48f8-bf54-25cef7c7880b
Replit-Helium-Checkpoint-Created: true
 2026-03-18 15:34:05 +00:00
agent
c8ed262197 Initial commit 2026-03-13 23:21:55 +00:00