Add complete GraphQL mutation support for activity tracking and child management:
**Activity Mutations:**
- createActivity: Create new activities (feeding, sleep, diaper, medication)
- updateActivity: Update existing activities
- deleteActivity: Delete activities
**Child Mutations:**
- createChild: Add new children to families
- updateChild: Update child information
- deleteChild: Soft delete children
**Implementation Details:**
- Created GraphQL input types (CreateActivityInput, UpdateActivityInput, CreateChildInput, UpdateChildInput)
- Implemented ActivityResolver with full CRUD mutations
- Implemented ChildResolver with full CRUD mutations
- Registered resolvers in GraphQL module with TrackingService and ChildrenService
- Auto-generated GraphQL schema with all mutations
- All mutations protected with GqlAuthGuard for authentication
- Support for JSON metadata fields and Gender enum
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude <noreply@anthropic.com>
Fixed two critical GraphQL schema issues preventing dashboard data loading:
**Backend Changes:**
- Changed child.birthDate from DATE to TIMESTAMP type in entity and database
- Updated TypeORM entity (child.entity.ts:23)
- Migrated database column: ALTER TABLE children ALTER COLUMN birth_date TYPE TIMESTAMP
- Added JSON scalar support for activity metadata field
- Installed graphql-type-json package
- Created JSONScalar (src/graphql/scalars/json.scalar.ts)
- Updated Activity.metadata from String to GraphQLJSON type
- Auto-generated schema.gql with JSON scalar definition
**Frontend Changes:**
- Fixed Apollo Client token storage key mismatch
- Changed from 'access_token' to 'accessToken' to match tokenStorage utility
- Enhanced dashboard logging for debugging GraphQL queries
**Database Migration:**
- Converted children.birth_date: DATE → TIMESTAMP
- Preserves existing data (2023-06-01 → 2023-06-01 00:00:00)
Resolves errors:
- "Expected DateTime.serialize() to return non-nullable value, returned: null"
- "String cannot represent value: { ... }" for activity metadata
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude <noreply@anthropic.com>
Implemented mobile-first collapsible conversation groups with full group management:
Backend Changes:
- Added PATCH /api/v1/ai/conversations/:id/group endpoint to move conversations
- Added GET /api/v1/ai/groups endpoint to list user groups
- Added updateConversationGroup() service method (ai.service.ts:687-710)
- Added getConversationGroups() service method (ai.service.ts:712-730)
- Uses existing metadata field in AIConversation entity (no migration needed)
- Updated getUserConversations() to include metadata field
Frontend Changes:
- Implemented collapsible group headers with Folder/FolderOpen icons
- Added organizeConversations() to group by metadata.groupName (lines 243-271)
- Added toggleGroupCollapse() for expand/collapse functionality (lines 273-283)
- Implemented context menu with "Move to Group" and "Delete" options (lines 309-320)
- Created Move to Group dialog with existing groups list (lines 858-910)
- Created Create New Group dialog with text input (lines 912-952)
- Mobile-first design with touch-optimized targets and smooth animations
- Right-click (desktop) or long-press (mobile) for context menu
- Shows conversation count per group in header
- Indented conversations (pl: 5) show visual hierarchy
- Groups sorted alphabetically with "Ungrouped" always last
Component Growth:
- Backend: ai.controller.ts (+35 lines), ai.service.ts (+43 lines)
- Frontend: AIChatInterface.tsx (663 → 955 lines, +292 lines)
Mobile UX Enhancements:
- MoreVert icon on mobile vs Delete icon on desktop
- Touch-optimized group headers (larger padding)
- Smooth Collapse animations (timeout: 'auto')
- Context menu replaces inline actions on small screens
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude <noreply@anthropic.com>
Implemented full conversation management interface with the following features:
- Conversation history sidebar (desktop) / drawer (mobile)
- Load and display all user conversations
- Click to load specific conversation
- "New Chat" button to start fresh conversation
- Delete conversation with confirmation dialog
- Persist conversationId across messages in same conversation
- Responsive design with Material-UI breakpoints
Technical Details:
- Added Conversation interface and state management (lines 107-111)
- Load conversations from GET /api/v1/ai/conversations on mount
- Load specific conversation from GET /api/v1/ai/conversations/:id
- Delete conversation via DELETE /api/v1/ai/conversations/:id
- Updated handleSend() to pass currentConversationId instead of null
- Auto-update conversationId from API response for new conversations
- Mobile: Hamburger menu to open drawer
- Desktop: Fixed 320px sidebar with conversation list
Component grew from 420 → 663 lines
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude <noreply@anthropic.com>
Frontend Compliance Features:
- Created compliance API client (data export, account deletion, deletion status)
- Added DataExport component with download functionality
- Added AccountDeletion component with 30-day grace period UI
- Updated Settings page with Privacy & Compliance sections
COPPA Age Verification:
- Added date of birth field to registration
- Age calculation with COPPA compliance (under 13 blocked)
- Parental email and consent for users 13-17
- Dynamic form validation based on age
Privacy & Terms:
- Separate checkboxes for Terms of Service and Privacy Policy
- Required acceptance for registration
- Links to policy pages
Completes GDPR Right to Data Portability and Right to Erasure.
Completes COPPA parental consent requirements.
Issue: MUI v7 deprecated the old Grid API with 'item', 'xs', 'sm', 'md' props.
Warnings: 'The item prop has been removed', 'The xs/sm/md props have been removed'
Solution: Migrate to Grid2 component with new 'size' prop:
- Changed Grid import to Grid2 (aliased as Grid)
- Removed 'item' prop from all Grid components
- Changed xs={6} sm={4} md={2} to size={{ xs: 6, sm: 4, md: 2 }}
Reference: https://mui.com/material-ui/migration/upgrade-to-grid-v2/
All Grid warnings now resolved.
Issue: After MUI v7 upgrade, Quick Actions and Today's Summary
cards were not evenly sized - they were content-sized instead.
Solution:
- Quick Actions: Added height: '100%' and flexbox layout to ensure
all cards are the same height within each row
- Today's Summary stats: Added minHeight: '120px' with flexbox to
ensure consistent card heights
Result: Both sections now have evenly spaced, consistent layouts
regardless of content length.
Issue: MUI v7 CircularProgress was causing hydration mismatch warnings
due to different CSS class names between server and client renders.
Solution: Only render the MUI loading component on the client side
using isClient state flag. This prevents SSR hydration issues while
maintaining the same functionality.
Changes:
- Added useState to track client-side rendering
- Conditionally render CircularProgress only on client
- Server now renders null for loading state (no hydration mismatch)
- @mui/material: 5.18.0 → 7.3.3
- @mui/icons-material: 5.18.0 → 7.3.3
- @mui/material-nextjs: 7.3.2 → 7.3.3
Server working correctly with MUI v7:
- All pages compile successfully
- HTTP 200 on all routes
- No MUI-related errors
- Next.js upgraded from 14.2.0 to 15.5.4
- React upgraded from 18 to 19.2.0
- react-dom upgraded from 18 to 19.2.0
Frontend server working correctly:
- Dev server starts successfully
- Pages compile without errors
- HTTP 200 responses on all routes
Next steps:
- Fix next.config.js warning (swcMinify is deprecated)
- Upgrade MUI packages
- Upgrade testing libraries
Implements full regulatory compliance for data privacy and child protection:
**GDPR Compliance (Right to Data Portability & Right to Erasure):**
- Data export API endpoint (GET /compliance/data-export)
- Exports all user data across 7 entities in JSON format
- Account deletion with 30-day grace period
- POST /compliance/request-deletion
- POST /compliance/cancel-deletion
- GET /compliance/deletion-status
- Scheduled job runs daily at 2 AM to process expired deletion requests
- Audit logging for all compliance actions
**COPPA Compliance (Children's Online Privacy Protection):**
- Age verification during signup (blocks users under 13)
- Parental consent requirement for users 13-17
- Database fields: date_of_birth, coppa_consent_given, parental_email
- Audit logging for consent events
**Technical Implementation:**
- Created ComplianceModule with service, controller, scheduler
- V015 migration: deletion_requests table
- V016 migration: COPPA fields in users table
- Updated User entity and RegisterDto
- Age calculation helper in AuthService
- Installed @nestjs/schedule for cron jobs
All endpoints secured with JwtAuthGuard. Backend compiles with 0 errors.
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude <noreply@anthropic.com>
- Install redux-persist package
- Configure persistReducer with whitelist (offline, activities, children)
- Exclude network slice from persistence (should be fresh on reload)
- Add PersistGate to ReduxProvider with loading indicator
- Configure serializableCheck to ignore persist actions
- Store state now persists to localStorage automatically
This fixes the issue where app state was lost on page reload, improving UX.
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude <noreply@anthropic.com>
## Backend Changes
- Update tracking.service.ts getDailySummary to calculate actual counts
- Import ActivityType enum for proper type comparisons
- Calculate feedingCount, sleepTotalMinutes, diaperCount, medicationCount
- Sleep duration now correctly calculated from startedAt/endedAt timestamps
## Frontend API Changes
- Add medicationCount to DailySummary interface
- Extract endTime from metadata and send as endedAt to backend
- Enables proper sleep duration tracking with start/end times
## Homepage Updates
- Add Medicine and Activities quick action buttons
- Update summary grid from 3 to 4 columns (responsive layout)
- Add medication count display with MedicalServices icon
- Improve grid responsiveness (xs=6, sm=3)
- Replace Analytics button with Activities button
## New Activities Page
- Create /activities page to show recent activity history
- Display last 7 days of activities with color-coded icons
- Show smart timestamps (Today/Yesterday/date format)
- Activity-specific descriptions (feeding amount, sleep duration, etc.)
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude <noreply@anthropic.com>
Voice command improvements:
- Auto-start listening when voice dialog opens (removes extra tap/click)
- Added Activity option to unknown intent dialog
- Users can now speak immediately after clicking the mic button
Desktop navigation:
- Added Home icon button in top bar/header for quick navigation to main page
- Positioned between app title and user avatar
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude <noreply@anthropic.com>
Added new tracking pages:
- Medicine tracker: track medication name, dosage, unit, route, and reason
- Activity tracker: track play, exercise, walks, music, reading, tummy time, etc.
- Both pages follow existing tracker patterns with recent activities list
Voice command improvements:
- Updated voice classification to support medicine and activity types
- Added detailed extraction fields for medicine (medicineName, dosage, unit, route, reason)
- Added detailed extraction fields for activity (activityType, duration, description)
- Enhanced unknown intent dialog with manual tracker selection
- Updated tracker options to match implemented pages (removed milestone)
Backend changes:
- Added MEDICINE and ACTIVITY to ActivityType enum
- Created migration V013 to add medicine/activity to database CHECK constraint
- Updated voice service prompts to include medicine and activity extraction
Frontend changes:
- Created /track/medicine page with full CRUD operations
- Created /track/activity page with full CRUD operations
- Added Medicine card to /track page with MedicalServices icon
- Updated VoiceFloatingButton unknown dialog with 4 tracker options
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude <noreply@anthropic.com>
Fixed multiple issues with voice command workflow:
**Status Transition Fixes:**
- Fixed infinite loop in status update useEffect by checking if status actually needs to change
- Status now properly transitions: listening → understanding → review/close
- Added debug logging to track status changes
**UI Bug Fixes:**
- Fixed crash in diaper tracker when conditions field is undefined (voice-created activities)
- Auto-close dialog when classification returns "unknown" type
- Added optional chaining for conditions.join() in getDiaperDetails
**Changes:**
- VoiceFloatingButton: Prevent setting same status repeatedly
- VoiceFloatingButton: Close dialog on unknown classification
- Diaper page: Handle missing conditions field gracefully
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude <noreply@anthropic.com>
Implemented complete review/edit workflow for voice commands with ML feedback collection:
**Backend:**
- Created V012 migration for voice_feedback table with user action tracking
- Added VoiceFeedback entity with approval/edit/reject actions
- Implemented voice feedback API endpoint (POST /api/v1/voice/feedback)
- Fixed user ID extraction bug (req.user.userId vs req.user.sub)
**Frontend:**
- Built VoiceActivityReview component with field-specific editors
- Integrated review dialog into voice command workflow
- Added approve/edit/reject handlers with feedback submission
- Fixed infinite loop by tracking processed classification IDs
**Features:**
- Users can review AI-extracted data before saving
- Quick-edit capabilities for all activity fields
- Feedback data stored for ML model improvement
- Activity creation only happens after user approval/edit
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude <noreply@anthropic.com>
Backend changes:
- Update LLM prompt to use correct field names matching frontend interfaces
- Use 'diaperType' instead of 'type' for diaper activities
- Use 'feedingType' instead of 'method' for feeding activities
- Simplify sleep structure (duration, quality, location only)
Frontend changes:
- Add processedClassificationId tracking to prevent infinite loop
- Create unique ID for each classification to avoid duplicate processing
- Reset processed ID when dialog opens/closes or new recording starts
This fixes the issue where voice commands created multiple duplicate
activities and had mismatched data structures causing tracker warnings.
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude <noreply@anthropic.com>
- Fix login endpoint to return families as array of objects instead of strings
- Update auth interface to match /auth/me endpoint structure
- Add silence detection to voice input (auto-stop after 1.5s)
- Add comprehensive status messages to voice modal (Listening, Understanding, Saving)
- Unify voice input flow to use MediaRecorder + backend for all platforms
- Add null checks to prevent tracking page crashes from invalid data
- Wait for auth completion before loading family data in HomePage
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude <noreply@anthropic.com>
- Replace navigation to pre-filled forms with direct API activity creation
- Fetch children from family and use first child (can be enhanced for name matching)
- Show success/error messages with proper feedback
- Auto-close dialog after successful save
- Add test endpoint /api/v1/voice/test-classify for easy testing
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude <noreply@anthropic.com>
- Add URL parameter reading to diaper tracking page for voice-extracted data
- Add comprehensive server-side logging in voice controller and service
- Log request type (Web Speech API vs MediaRecorder), input text/audio, GPT calls, and classification results
- Enable automatic form pre-filling when voice commands navigate to tracking pages
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude <noreply@anthropic.com>
- Set continuous=true to keep listening through pauses
- Only process final results, ignore interim transcripts
- Add usesFallback check to route Web Speech API transcripts through classification
- Desktop now captures complete phrases before classification
- Add detailed logging for debugging recognition flow
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude <noreply@anthropic.com>
- Remove temperature parameter from GPT-5-mini activity extraction (not supported)
- Add classification state to useVoiceInput hook to avoid duplicate API calls
- Prevent infinite loop in VoiceFloatingButton by tracking lastClassifiedTranscript
- Use classification from backend directly instead of making second request
- iOS Safari now successfully transcribes with Azure Whisper and classifies with GPT-5-mini
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude <noreply@anthropic.com>
- Force MediaRecorder fallback for all iOS Safari devices
- Add iOS device detection to avoid Web Speech API on iOS
- Support multiple audio formats (webm, mp4, default) for compatibility
- Add comprehensive error logging throughout the flow
- Improve error messages with specific guidance for each error type
- Add console logging to track microphone permissions and recording state
- Better handling of getUserMedia permissions
This should help diagnose and fix the "Failed to recognize speech" error
by ensuring iOS Safari uses the MediaRecorder path with proper permissions.
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude <noreply@anthropic.com>
Frontend changes:
- Add MediaRecorder fallback for iOS Safari (no Web Speech API support)
- Automatically detect browser capabilities and use appropriate method
- Add usesFallback flag to track which method is being used
- Update UI to show "Recording..." vs "Listening..." based on method
- Add iOS-specific indicator text
- Handle microphone permissions and errors properly
Backend changes:
- Update /api/v1/voice/transcribe to accept both audio files and text
- Support text-based classification (from Web Speech API)
- Support audio file transcription + classification (from MediaRecorder)
- Return unified response format with transcript and classification
How it works:
- Chrome/Edge: Uses Web Speech API for realtime transcription
- iOS Safari: Records audio with MediaRecorder, sends to server for transcription
- Fallback is transparent to the user with appropriate UI feedback
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude <noreply@anthropic.com>
- Add LOGIN_BIOMETRIC to AuditAction enum
- Import AuditAction and EntityType in AuthService
- Fix loginWithExternalAuth return type to match AuthResponse interface
- Update biometric API client to use correct response structure
- Update login page to access tokens from nested data structure
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude <noreply@anthropic.com>
- Add biometric authentication button with Face ID/Touch ID/Windows Hello support
- Check WebAuthn support and platform authenticator availability on mount
- Handle biometric login flow with proper error handling
- Show biometric button only when device supports it
- Add loading states and user-friendly error messages
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude <noreply@anthropic.com>
- Create biometric API client with WebAuthn methods
- Add BiometricSettings component for credential management
- Support Face ID, Touch ID, Windows Hello enrollment
- Display list of enrolled credentials with metadata
- Add/remove/rename biometric credentials
- Check browser and platform authenticator support
- Integrate into settings page with animations
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude <noreply@anthropic.com>
Implements user interface for viewing and managing active sessions:
Session Management Features:
- SessionsManagement component with full session management UI
- List all active sessions with device information
- Platform-specific icons (Computer, Phone, Tablet)
- Current session indicator with green chip
- Session details: device fingerprint, platform, last used, created date
- Revoke individual sessions with confirmation dialog
- Revoke all sessions except current with bulk action
- Real-time session count display
User Experience:
- Visual device type indicators
- Human-readable time formatting (e.g., "2 hours ago")
- Current session clearly marked and protected from removal
- Warning dialogs before revoking sessions
- Success/error feedback with alerts
- Loading states for all operations
- Empty state handling
API Integration:
- Sessions API client in lib/api/sessions.ts
- Get all sessions
- Get session count
- Revoke specific session
- Revoke all sessions except current
- Proper error handling and user feedback
Settings Page Integration:
- Added Sessions Management section
- Placed after Security/MFA settings
- Animated transitions with staggered delays
- Maintains consistent settings page layout
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude <noreply@anthropic.com>
Implements MFA verification dialog for login flow:
MFA Verification Features:
- MFAVerificationDialog component for code entry
- TOTP code input (6-digit authenticator app code)
- Email code input with auto-send on dialog open
- Backup code support mentioned in help text
- Resend email code functionality
- Auto-focus on code input field
- Large, centered code input for easy entry
- Real-time validation (6-digit code required)
Login Flow Integration:
- Detect MFA requirement from login API error
- Show MFA dialog when MFA is enabled for user
- Handle MFA verification success with token storage
- Allow cancellation to retry login
- Seamless transition after successful verification
User Experience:
- Email codes sent automatically
- Visual feedback for code sending/verification
- Error alerts for invalid codes
- Loading states for all async operations
- Clean, focused dialog design
- Tip about backup codes
Implementation Details:
- Integrated with existing login page
- Error handling for MFA-required responses
- Token storage after MFA verification
- Navigation after successful MFA
- Support for both TOTP and Email MFA methods
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude <noreply@anthropic.com>
Implemented comprehensive rate limiting for API security:
- Created custom Next.js-native rate limiter using in-memory store
- Added 5 rate limit configurations:
- authLimiter: 5 requests/15min for login/register/password-reset
- aiLimiter: 10 requests/hour for AI assistant queries
- trackingLimiter: 30 requests/min for activity tracking
- readLimiter: 100 requests/min for read-only endpoints
- sensitiveLimiter: 3 requests/hour for sensitive operations
- Applied rate limiting to endpoints:
- /api/auth/login, /api/auth/register, /api/auth/password-reset
- /api/ai/chat
- /api/tracking/feeding (GET and POST)
- Rate limit responses include standard headers:
- RateLimit-Limit, RateLimit-Remaining, RateLimit-Reset
- Retry-After header with seconds until reset
- Tested with 7 sequential requests - first 5 passed, last 2 blocked with 429
Note: Current implementation uses in-memory store. For production with
multiple instances, migrate to Redis-backed storage for distributed
rate limiting.
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude <noreply@anthropic.com>
Changed network detection to only mark as offline on actual network errors,
not on HTTP errors like 404. This fixes the issue where the app shows
'You are offline' even when connected, which happens when accessing through
a reverse proxy where the /api/health endpoint might not be properly routed.
Now the app will show as online as long as it can reach the server
(any HTTP response), and only show offline on true connection failures.
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude <noreply@anthropic.com>
Created /api/health endpoint that returns 200 OK to allow Redux
network detection middleware to properly check connectivity status.
Without this endpoint, the app was showing as offline even when
connected to the internet.
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude <noreply@anthropic.com>
Added Redux Provider to app layout and simplified Redux store to work
properly with Next.js SSR.
**Changes:**
- Added ReduxProvider wrapper to root layout (app/layout.tsx)
- Fixed ReduxProvider TypeScript type (React.ReactNode)
- Simplified store configuration by removing @redux-offline package
- Removed packages incompatible with SSR:
- @redux-offline/redux-offline
- redux-persist
- localforage
- Re-added NetworkStatusIndicator to main page (now works with Redux)
- Kept custom offline middleware and sync middleware for offline-first functionality
**Why:**
The @redux-offline package and localforage try to access browser APIs (IndexedDB,
localStorage) during SSR, causing "No available storage method found" errors.
Our custom offline middleware provides the same functionality without SSR issues.
**Result:**
Redux store now works correctly with:
- Network status detection
- Offline action queuing
- Custom sync middleware
- Activities and children slices with optimistic updates
Next step: Can add redux-persist back with proper SSR guards if needed.
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude <noreply@anthropic.com>
The NetworkStatusIndicator component requires Redux Provider to be set up,
which is not yet integrated in the app. Removed it from the main page to
prevent "could not find react-redux context value" errors.
NetworkStatusIndicator will be added back once Redux Provider is properly
configured in the app root.
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude <noreply@anthropic.com>
