7 Commits

Author	SHA1	Message	Date
Andrei	a6b3ad67fb	feat: Complete Docker infrastructure and CI/CD pipeline ... - Created production-ready Dockerfiles with multi-stage builds - Implemented complete CI/CD pipeline with GitHub Actions: - Automated testing for backend and frontend - Security scanning with Trivy - Docker image building and pushing to GHCR - Automated deployments to dev and production - Zero-downtime deployment strategy with rollback - Set up docker-compose for both development and production - Configured Nginx reverse proxy with SSL support - Domain configuration: - Development: maternal.noru1.ro:3005, maternal-api.noru1.ro:3015 - Production: parentflowapp.com, api.parentflowapp.com - Created comprehensive health check endpoints for monitoring - Updated port configuration for development environment - Added environment-specific configuration files 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude <noreply@anthropic.com>	2025-10-06 13:49:28 +00:00
Andrei	c60467b6f9	Fix login data structure and improve voice input UX ... - Fix login endpoint to return families as array of objects instead of strings - Update auth interface to match /auth/me endpoint structure - Add silence detection to voice input (auto-stop after 1.5s) - Add comprehensive status messages to voice modal (Listening, Understanding, Saving) - Unify voice input flow to use MediaRecorder + backend for all platforms - Add null checks to prevent tracking page crashes from invalid data - Wait for auth completion before loading family data in HomePage 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude <noreply@anthropic.com>	2025-10-02 10:25:13 +00:00
Andrei	a44faf6ef4	Fix voice input for iOS Safari and prevent infinite loop ... - Remove temperature parameter from GPT-5-mini activity extraction (not supported) - Add classification state to useVoiceInput hook to avoid duplicate API calls - Prevent infinite loop in VoiceFloatingButton by tracking lastClassifiedTranscript - Use classification from backend directly instead of making second request - iOS Safari now successfully transcribes with Azure Whisper and classifies with GPT-5-mini 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude <noreply@anthropic.com>	2025-10-02 07:15:44 +00:00
Andrei	79966a6a6d	Add voice intent classification for hands-free tracking ... Implemented comprehensive voice command understanding system: **Intent Classification:** - Feeding intent (bottle, breastfeeding, solid food) - Sleep intent (naps, nighttime sleep) - Diaper intent (wet, dirty, both, dry) - Unknown intent handling **Entity Extraction:** - Amounts with units (ml, oz, tbsp): "120 ml", "4 ounces" - Durations in minutes: "15 minutes", "for 20 mins" - Time expressions: "at 3:30 pm", "30 minutes ago", "just now" - Breast feeding side: "left", "right", "both" - Diaper types: "wet", "dirty", "both" - Sleep types: "nap", "night" **Structured Data Output:** - FeedingData: type, amount, unit, duration, side, timestamps - SleepData: type, duration, start/end times - DiaperData: type, timestamp - Ready for direct activity creation **Pattern Matching:** - 15+ feeding patterns (bottle, breast, solid) - 8+ sleep patterns (nap, sleep, woke up) - 8+ diaper patterns (wet, dirty, bowel movement) - Robust keyword detection with variations **Confidence Scoring:** - High: >= 0.8 (strong match) - Medium: 0.5-0.79 (probable match) - Low: < 0.5 (uncertain) - Minimum threshold: 0.3 for validation **API Endpoint:** - POST /api/voice/transcribe - Classify text or audio - GET /api/voice/transcribe - Get supported commands - JSON response with intent, confidence, entities, structured data - Audio transcription placeholder (Whisper integration ready) **Implementation Files:** - lib/voice/intentClassifier.ts - Core classification (600+ lines) - app/api/voice/transcribe/route.ts - API endpoint - scripts/test-voice-intent.mjs - Test suite (25 tests) - lib/voice/README.md - Complete documentation **Test Coverage:** 25 tests, 100% pass rate ✅ Bottle feeding (3 tests) ✅ Breastfeeding (3 tests) ✅ Solid food (2 tests) ✅ Sleep tracking (6 tests) ✅ Diaper changes (7 tests) ✅ Edge cases (4 tests) **Example Commands:** - "Fed baby 120 ml" → bottle, 120ml - "Nursed on left breast for 15 minutes" → breast_left, 15min - "Changed wet and dirty diaper" → both - "Napped for 45 minutes" → nap, 45min System converts natural language to structured tracking data with high accuracy for common parenting voice commands. 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude <noreply@anthropic.com>	2025-10-01 20:20:07 +00:00
Andrei	f640e091ce	Add prompt injection protection for AI endpoints ... Implemented comprehensive security against prompt injection attacks: **Detection Patterns:** - System prompt manipulation (ignore/disregard/forget instructions) - Role manipulation (pretend to be, act as) - Data exfiltration (show system prompt, list users) - Command injection (execute code, run command) - Jailbreak attempts (DAN mode, developer mode, admin mode) **Input Validation:** - Maximum length: 2,000 characters - Maximum line length: 500 characters - Maximum repeated characters: 20 consecutive - Special character ratio limit: 30% - HTML/JavaScript injection blocking **Sanitization:** - HTML tag removal - Zero-width character stripping - Control character removal - Whitespace normalization **Rate Limiting:** - 5 suspicious attempts per minute per user - Automatic clearing on successful validation - Per-user tracking with session storage **Context Awareness:** - Parenting keyword validation - Domain-appropriate scope checking - Lenient validation for short prompts **Implementation:** - lib/security/promptSecurity.ts - Core validation logic - app/api/ai/chat/route.ts - Integrated validation - scripts/test-prompt-injection.mjs - 19 test cases (all passing) - lib/security/README.md - Documentation **Test Coverage:** ✅ Valid parenting questions (2 tests) ✅ System manipulation attempts (4 tests) ✅ Role manipulation (1 test) ✅ Data exfiltration (3 tests) ✅ Command injection (2 tests) ✅ Jailbreak techniques (2 tests) ✅ Length attacks (2 tests) ✅ Character encoding attacks (2 tests) ✅ Edge cases (1 test) All suspicious attempts are logged with user ID, reason, risk level, and timestamp for security monitoring. 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude <noreply@anthropic.com>	2025-10-01 20:15:11 +00:00
Andrei	8e3567e3d6	Add rate limiting to API endpoints ... Implemented comprehensive rate limiting for API security: - Created custom Next.js-native rate limiter using in-memory store - Added 5 rate limit configurations: - authLimiter: 5 requests/15min for login/register/password-reset - aiLimiter: 10 requests/hour for AI assistant queries - trackingLimiter: 30 requests/min for activity tracking - readLimiter: 100 requests/min for read-only endpoints - sensitiveLimiter: 3 requests/hour for sensitive operations - Applied rate limiting to endpoints: - /api/auth/login, /api/auth/register, /api/auth/password-reset - /api/ai/chat - /api/tracking/feeding (GET and POST) - Rate limit responses include standard headers: - RateLimit-Limit, RateLimit-Remaining, RateLimit-Reset - Retry-After header with seconds until reset - Tested with 7 sequential requests - first 5 passed, last 2 blocked with 429 Note: Current implementation uses in-memory store. For production with multiple instances, migrate to Redis-backed storage for distributed rate limiting. 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude <noreply@anthropic.com>	2025-10-01 20:08:28 +00:00
Andrei	78aef1d918	feat: Add health check endpoint for network status detection ... Created /api/health endpoint that returns 200 OK to allow Redux network detection middleware to properly check connectivity status. Without this endpoint, the app was showing as offline even when connected to the internet. 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude <noreply@anthropic.com>	2025-10-01 19:44:42 +00:00