CLIENT__IDAA_and_customized_mods.md:
- Verification Flow: describe Aether proxy call, not direct browser-to-Novi fetch
- Replace old fetch() code snippet with new Aether endpoint call
- Update novi_idaa_api_key / novi_api_root_url field descriptions (server-side only now)
- Security notes: key never sent to browser; shape changes go in backend method
- Rate limit note: 12h TTL (was 5-min), add 503 auto-retry behavior
- Fix Redis cache key: idaa:novi_member:{uuid} (account_id was dropped from key)
GUIDE__AE_API_V3_for_Frontend.md §12:
- 503 frontend action: auto-retry once after 3s before api_error
- Mark migration section complete (2026-05-19); update table to show retry behavior
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>

- Classify persistent network/timeout failures as 'network_error' (separate from
generic 'api_error') so the UI can show a targeted message
- Add actionable hint for members on hotel WiFi, VPN, or corporate networks:
turn off VPN, switch to cellular, try a different network
- Extend VERIFIED_TTL_MS_DEFAULT from 45 min to 12 hours — covers a full workday
so members at conferences do not need to re-verify mid-day
- Document planned server-side Novi verification FastAPI endpoint in
CLIENT__IDAA_and_customized_mods.md (once implemented, eliminates client-side
Cloudflare/IP-reputation exposure entirely)
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>

- Access Gate: document new verify_error_type states (rate_limited/api_error),
retry/reset UI buttons added in the previous session
- Search Architecture: correct 'contacts not searchable' — default_qry_str already
includes contact data; two bugs fixed 2026-05-19 (stale STORED GENERATED columns,
frontend secondary filter dropping API-matched results). IDB fast-path gap remains.
- TODO__Agents.md: update contact search task to reflect API path now working;
narrow remaining work to IDB fast-path only
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>

- Update default qry__limit to 100 in idaa_loc
- Add 75 to limit_steps in recovery meetings query component
- Bump AE_IDAA_LOC_VERSION to 2 to apply changes to existing users
- Update IDAA documentation and TODO__Agents.md with SQL optimization task
- Mark implemented UI/UX ideas as done in documentation
- ae_idaa_comp__event_obj_qry.svelte: replace Location checkboxes and Type radio
inputs with styled pill-chip buttons. Location chips (Virtual / In-Person) are
independent toggles; Type chips (All / IDAA / Caduceus / Family Recovery) are
mutually exclusive — clicking the active chip deselects back to All. Chips fire
the reactive search $effect directly via store updates; no explicit trigger needed.
Remote First dev toggle preserved in edit mode, now inline with filter chips.
- CLIENT__IDAA_and_customized_mods.md: update Recovery Meetings filter/sort docs,
add My Meetings / favorites section, correct idaa_loc and idaa_sess store schemas,
bump Last Verified date.
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>

Use Jitsi url_params.uuid for exclusion where available, preserve url_params in cached activity logs, and add the temporary staff-name fallback behind the same edit-mode toggle.
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>

Add Novi UUID exclusion and known-meeting filtering, default the report date range to the last 60 days, and hide Room Name unless global edit mode is enabled.
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>

Keep the bootstrap quickstart focused on general platform knowledge, while preserving the Jitsi Reports reminder in the project docs and todo list.
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>

- TODO__Agents.md: added task for contact search — backend to whitelist
contact_li_json_ext in event search, frontend to add OR condition in
search__event() and update local IDB fast-path filter. Blocked on backend.
- CLIENT__IDAA_and_customized_mods.md: documented the search architecture
gap under Recovery Meetings — what default_qry_str contains, why
contact_li_json is unsearchable as raw JSON, what contact_li_json_ext is
and what needs to happen to enable contact name/email search.
Backend agent notified via ae_send_message 2026-04-08.
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>

- Added Section 4 'Staff Editing Rules': documents per-object behavior when
trusted/admin staff edit member content. BB Post external_person_id is readonly
for non-admin staff; Post Comment preserves existing record identity; Recovery
Meeting external_person_id is intentionally editable for ownership reassignment.
Clarifies that staff identity only fills when the record has no existing linkage.
- Added Section 5 'Recovery Meetings — Contact 1 Convention': states the business
rule that Contact 1 is nearly always the same person as external_person_id (the
meeting owner). Documents the distinction between ownership link vs. display contact.
- Added race condition defense note to Section 3 Implementation Patterns: creation
buttons and edit submit handlers must scavenge from localStorage when the Svelte
store is briefly null on mount.
- Updated test coverage table: Recovery Meetings now has substantial Playwright
coverage (idaa_recovery_meeting_edit.test.ts). Noted pending BB Post/Comment tests.
- Updated Last Verified date to 2026-04-07.
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>

CRITICAL IDENTITY FIX:
Ensures all member-generated content (Meetings, Posts, Comments) is explicitly linked to the creator's Novi UUID via 'external_person_id' at the moment of creation.
Changes:
- Added 'external_person_id' to creation payloads in Recovery Meetings and BB Posts.
- Implemented 'identity scavenging' from localStorage in submit handlers to prevent race conditions where Svelte stores are briefly null.
- Refactored Post Comment edit component to robustly initialize and save creator identity.
- Added 'The Novi UUID Rule' to IDAA documentation to mandate this pattern for future development.
- Added Playwright test to verify creation linkage and fixed a version-mismatch bug in the test auth helper.
Note: Archives and Archive Content are excluded as they do not require member ownership.

20 calls/sec, 600/min, 100k/day. Notes the 10s flat backoff + single retry
and the 5-min TTL cache that prevents normal-use rate limiting.
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>

Critical bugs fixed:
- $derived(() => {}) stored the function itself; uuid/api_key were always
undefined so verification never fired. Fixed to $derived.by(() => {}).
- novi_verifying pre-initialized to true (flash prevention) was also used as
the concurrency guard — guard saw it as in-flight and exited immediately,
leaving the spinner stuck forever. Split into separate verify_in_flight flag.
- $idaa_loc reads in dedupe snapshot (outside untrack) subscribed the effect
to idaa_loc writes, causing needless re-runs post-verification.
- Rate limit was not UUID-aware: 429 on one UUID blocked impersonation
(new UUID). TTL and rate-limit guards now both bypass when UUID changes.
Also includes: store defaults for novi_verified_ts + novi_rate_limited_until,
docs update, iframe template g_uuid param (prior agent changes).
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
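
The guard behaviour described in the commit message above, as an added example that is not part of the commit or the project's code. It is plain JavaScript without Svelte runes; `newState`, `beginVerify`, `endVerify`, the state field names and the `TTL_MS` value are assumptions chosen for illustration.

```javascript
// Added illustration. Names, state shape and TTL_MS are assumptions, not project code.
const TTL_MS = 5 * 60 * 1000; // constructed value for the demo

function newState() {
  return {
    verifying: true,  // display flag, pre-set so the UI starts on a spinner
    inFlight: false,  // concurrency guard, true only while a call is running
    verifiedUuid: null, verifiedTs: 0,
    limitedUuid: null, limitedUntil: 0,
  };
}

// Decide whether a verification call should start for `uuid` at time `now` (ms).
function beginVerify(state, uuid, now) {
  if (state.inFlight) return 'skip:in_flight'; // never consults the display flag
  if (uuid === state.verifiedUuid && now - state.verifiedTs < TTL_MS) {
    state.verifying = false;
    return 'skip:fresh'; // TTL guard covers only the UUID that was verified
  }
  if (uuid === state.limitedUuid && now < state.limitedUntil) {
    state.verifying = false;
    return 'skip:rate_limited'; // 429 back-off covers only the UUID that got it
  }
  state.inFlight = true;
  state.verifying = true;
  return 'call';
}

// Record the outcome of the call that beginVerify() allowed.
function endVerify(state, uuid, httpStatus, now, backoffMs) {
  state.inFlight = false;
  state.verifying = false;
  if (httpStatus === 200) {
    state.verifiedUuid = uuid;
    state.verifiedTs = now;
    return true;
  }
  if (httpStatus === 429) {
    state.limitedUuid = uuid;
    state.limitedUntil = now + backoffMs;
  }
  if (state.verifiedUuid === uuid) state.verifiedUuid = null; // fail closed
  return false;
}
```
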
Previously, IDAA iframe access relied on trusting URL params (uuid, email,
full_name) passed from Novi — any 36-char string granted authenticated access
with no actual verification.
The (idaa)/+layout.svelte now performs an async Novi API call on every UUID
load to verify the UUID exists, fetches name/email directly from Novi (cannot
be spoofed via URL), and sets $idaa_loc.novi_verified on success.
All-or-nothing: if novi_idaa_api_key is absent or the call fails, access denied.
- ae_idaa_stores.ts: add novi_verified boolean field to idaa_loc
- (idaa)/+layout.svelte: async UUID verification with spinner to prevent
Access Denied flash; permission upgrade-only strategy preserved
- video_conferences/+page.svelte: skip duplicate Novi member details call if
layout already verified ($idaa_loc.novi_verified check)
- iframe HTML files: remove browser-side Novi API fetch and email/full_name
params; pass only uuid; add README/START/STOP/WARNING comments for client
staff; fix iframe-before-script DOM ordering bug
- documentation: CLIENT__IDAA_and_customized_mods.md updated with full
verification flow, site_cfg_json fields, permission table, access gate
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
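
The access decision described in the commit message above (identity taken from the verification call rather than from URL params, and denial whenever the key is missing or the call fails), as an added example that is not part of the commit or the project's code. `verifyAccess`, the injected synchronous `lookupMember`, the member record shape and the hyphenated-hex UUID pattern are assumptions; the real lookup would be an asynchronous API call.

```javascript
// Added illustration. Only uuid, email, full_name, novi_idaa_api_key and
// novi_verified are names from the page; everything else is an assumption.
const UUID_RE = /^[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}$/i;
const DENIED = Object.freeze({
  novi_verified: false, uuid: null, full_name: null, email: null,
});

// lookupMember(uuid, apiKey) stands in for the member-details call. It is
// synchronous here so the example runs offline, and returns a member record
// or null when the UUID is unknown.
function verifyAccess(urlParams, siteCfg, lookupMember) {
  const uuid = String(urlParams.uuid || '');
  // Shape check only: a well-formed string is not proof of membership.
  if (!UUID_RE.test(uuid)) return DENIED;

  // All-or-nothing: without a configured key nothing can be verified.
  const apiKey = siteCfg.novi_idaa_api_key;
  if (!apiKey) return DENIED;

  let member;
  try {
    member = lookupMember(uuid, apiKey);
  } catch (err) {
    return DENIED; // a failed call denies access instead of falling back to URL data
  }
  if (!member || member.uuid !== uuid) return DENIED;

  // Name and email come from the lookup result; urlParams.email and
  // urlParams.full_name are never read.
  return {
    novi_verified: true,
    uuid,
    full_name: member.full_name,
    email: member.email,
  };
}
```
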
- CLIENT__IDAA_and_customized_mods.md: New comprehensive doc covering IDAA
architecture, all 4 submodules (Archives, BB, Recovery Meetings, Jitsi),
Novi UUID auth system, permission levels, state stores, iframe integration,
and testing requirements. Reverse-engineered from source 2026-02-26.
- MODULE__AE_Events_Badges.md: trailing whitespace only
- tests/README.md: blank line only