All services were providing TenantContextService directly without
making it global, causing DI resolution failures in child modules.
Now using TenantContextModule.forRoot() which exports TenantContextService
globally so all repositories can access it.
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
npm install was clearing the @iconsulting/shared folder that was
copied before it. Moving the COPY command after npm install ensures
the shared package remains in node_modules.
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- deploy.sh deploy now uses --no-cache by default to ensure
@iconsulting/shared package is correctly bundled into images
- Add --cache option if user wants to use Docker cache for faster builds
- This fixes the "Cannot find module '@iconsulting/shared'" error
that occurred when Docker used cached images without the latest shared code
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- Add UserProfile entity with immigration-specific fields:
- Basic info (name, birth date, nationality, current location)
- Immigration intent (target countries, types, timeline)
- Education records with WES evaluation flag
- Work records with NOC codes
- Language scores (IELTS, TOEFL, etc.)
- Family members info
- Financial info for investment immigration
- Profile completion percentage calculation
- Add UserContact entity for identity binding:
- Support multiple contact types (EMAIL, WECHAT, WHATSAPP, TELEGRAM, LINE)
- Verification code flow with expiration
- Notification settings (paid feature)
- Notification types: POLICY_UPDATE, DEADLINE_REMINDER, etc.
- Add API endpoints:
- GET/PUT /users/me/profile/* for profile sections
- GET/POST/PUT/DELETE /users/me/contacts for contact management
- POST /users/me/contacts/:type/verification for verification flow
- POST/PUT/DELETE /users/me/contacts/:type/notifications
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- knowledge-postgres.repository: add tenant_id to all queries and raw SQL
- memory-postgres.repository: add tenant_id filtering for UserMemory and SystemExperience
- admin-postgres.repository: add tenant_id filtering (direct injection for nullable tenantId)
- All 11 repositories now have proper tenant isolation
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- Apply TenantContextMiddleware to all 6 services
- Add SimpleTenantFinder for services without direct tenant DB access
- Add TenantFinderService for evolution-service with database access
- Refactor 8 repositories to extend BaseTenantRepository:
- user-postgres.repository.ts
- verification-code-postgres.repository.ts
- conversation-postgres.repository.ts
- message-postgres.repository.ts
- token-usage-postgres.repository.ts
- file-postgres.repository.ts
- order-postgres.repository.ts
- payment-postgres.repository.ts
- Add @iconsulting/shared dependency to evolution-service and knowledge-service
- Configure middleware to exclude health and super-admin paths
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- Add token aggregation to statistics/overview endpoint
- Include total tokens, cost, and API calls for all time
- Include today's token usage and cost breakdown
- Display token stats in ConversationsPage with 2 rows of cards
- Add formatNumber helper for K/M number formatting
- Export GlobalTokenStats and TodayTokenStats types
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- Add 'error' chunk type to StreamChunk for partial token capture
- Record partial tokens to token_usage table even on API errors
- Capture error chunk tokens in conversation.service.ts
- Save partial response and tokens before re-throwing errors
- Add token aggregation from token_usage table for accurate stats
- Display detailed token info in admin (cache tokens, cost, API calls)
- Export TokenDetails type for frontend consumption
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Problem:
- Token usage was recorded to token_usage table but not to conversation entity
- Message count was not being incremented
- Dashboard showed 0 tokens for all conversations
Solution:
- Add inputTokens/outputTokens fields to StreamChunk interface
- Return token usage in 'end' chunk from ClaudeAgentServiceV2
- Capture token usage in conversation.service.ts sendMessage
- Call conversation.addTokens() and incrementMessageCount() after each exchange
- Consolidate conversation updates into single repo.update() call
Files changed:
- claude-agent-v2.service.ts: Add token fields to StreamChunk, return in 'end'
- conversation.service.ts: Track tokens and message counts properly
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
## Device Tracking (conversation-service)
- Add DeviceInfoDto class for validating device information
- Extract client IP from X-Forwarded-For and X-Real-IP headers
- Capture User-Agent header automatically on conversation creation
- Support optional fingerprint and region from client
- Pass deviceInfo through service layer to entity for persistence
Files changed:
- conversation.controller.ts: Add extractClientIp() method and header capture
- conversation.dto.ts: Add DeviceInfoDto with validation decorators
- conversation.service.ts: Update CreateConversationParams interface
## Build Optimization (admin-client)
- Implement code splitting via Rollup manualChunks
- Separate vendor libraries into cacheable chunks:
- vendor-react: react, react-dom, react-router-dom (160KB)
- vendor-antd: antd, @ant-design/icons (1013KB)
- vendor-charts: recharts (409KB)
- vendor-data: @tanstack/react-query, axios, zustand (82KB)
- Main bundle reduced from 1732KB to 61KB (96% reduction)
- Set chunkSizeWarningLimit to 1100KB for antd
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Both user-service and evolution-service need the same JWT_SECRET
to verify admin tokens correctly.
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Backend (user-service):
- Add admin user management APIs (list, search, statistics, detail)
- Add pagination and filtering support for user queries
- Add JWT token authentication for admin endpoints
Frontend (admin-client):
- Add UsersPage with user list, search, filters and statistics
- Add SettingsPage with admin profile, password change, system info
- Update App.tsx routes to use new pages
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Move specific routes (logs/actions, logs/entity-types) before
parameterized route (logs/:id) to prevent NestJS from matching
'actions' and 'entity-types' as UUID parameters.
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
The useEvolutionStatistics and useSystemHealth hooks call endpoints that
depend on a non-existent knowledge-service internal API. Removed these
calls and the related UI sections to prevent 500 errors.
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Backend (evolution-service):
- Add analytics module with scheduled statistics aggregation
- Implement daily_statistics aggregation (OVERALL, CHANNEL, CATEGORY)
- Add monthly financial report generation and management
- Create audit log service for operation tracking
- Schedule cron jobs for automatic data aggregation
Frontend (admin-client):
- Replace dashboard mock data with real API calls
- Add analytics page with trend charts and dimension breakdown
- Add financial reports page with confirm/lock workflow
- Add audit logs page with filtering and detail view
- Update navigation with analytics submenu
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- Add TransactionService for atomic database operations with optimistic lock retry
- Implement pessimistic locking in payment callback handling to prevent race conditions
- Add idempotency check via transactionId unique index to prevent duplicate processing
- Add version columns to PaymentORM and OrderORM for optimistic locking
- Add composite indexes for performance (order_status, transaction_id)
- Optimize connection pool settings for both payment and conversation services
- Update init-db.sql with version columns and new indexes
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- Add configure_system_nginx_ssl() function to generate nginx HTTPS config
- HTTP 80 redirects to HTTPS, HTTPS 443 proxies to Docker nginx 8080
- Include TLS 1.2/1.3, secure ciphers, HSTS headers
- Update renew_ssl_cert() to reload both system and Docker nginx
- Update auto-renew cron to reload system nginx
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- Add file-service to SERVICE_PORTS (port 3006)
- Add file-service to SERVICE_DIRS and DOCKER_SERVICES mappings
- Include file-service in build, start, stop, restart commands
- Update rebuild service name mapping
- Include file-service in db migrate command
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Changed nuke command to only delete iConsulting project resources:
- Only project containers (via docker-compose down)
- Only project images (iconsulting-*, *-service)
- Only project volumes (postgres_data, redis_data, etc.)
- Only project networks (iconsulting-network)
Does NOT affect other projects on the same Docker host.
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Add nuclear option to completely remove:
- All Docker containers
- All Docker images
- All Docker volumes (database data)
- All Docker networks
- All build cache
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Follow proper microservices architecture:
- knowledge-service owns system_experiences table
- evolution-service uses KnowledgeClient API to save experiences
- Deleted SystemExperienceORM from evolution-service
- Added internal API endpoints in knowledge-service
- Disabled synchronize in all services for safety
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Breaking change: evolution-service no longer directly accesses
conversations and messages tables.
Changes:
- Add internal API endpoints to conversation-service for service-to-service calls
- Create ConversationClient in evolution-service to call conversation-service API
- Remove ConversationORM and MessageORM from evolution-service
- Update evolution.service to use ConversationClient
This follows microservices best practices:
- Each service owns its data
- Services communicate via API, not shared tables
TODO: Apply same pattern to system_experiences (knowledge-service)
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Add missing V2 fields to init-db.sql to match conversation.entity.ts:
- consulting_stage
- consulting_state
- collected_info
- recommended_programs
- conversion_path
- device_info
Also add indexes for the new fields.
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Use init-db.sql for schema management instead of TypeORM auto-sync.
synchronize:true is dangerous in production and causes conflicts
when multiple services share tables.
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- Add @Index decorators for conversation_id, created_at, role
- Set created_at to timestamptz type to match database
- Set columns nullable to match database schema
This prevents synchronize:true from trying to modify columns
that have dependent indexes.
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Add input_tokens and output_tokens columns that evolution-service
defines to prevent synchronize:true from trying to drop them.
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Add columns that evolution-service defines to prevent synchronize:true
from trying to drop them:
- userMessageCount, assistantMessageCount
- totalInputTokens, totalOutputTokens
- rating, feedback, hasConverted
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- rebuild now uses cache by default
- only ignores cache when --no-cache is explicitly passed
Usage:
./deploy.sh rebuild conversation # uses cache
./deploy.sh rebuild conversation --no-cache # ignores cache
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Add do_rebuild function to rebuild Docker images without cache.
Supports rebuilding individual services or all services at once.
Usage:
./deploy.sh rebuild conversation # rebuild single service
./deploy.sh rebuild all # rebuild all services
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- Remove image deletion and rebuild steps
- Only delete database volumes and restart services
- TypeORM synchronize:true handles schema creation
- Much faster: no recompilation needed
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- Remove migration-based approach which kept failing
- Enable synchronize:true to auto-sync Entity with database
- Schema will always match Entity definition on startup
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- Add migrations path to TypeORM config
- Set migrationsRun: true to run pending migrations on startup
- This ensures V2 columns are created automatically when app starts
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
hailin