5 Commits

Author	SHA1	Message	Date
Sharang Parnerkar	fc71439011	feat(pitch-deck): admin UI for investor + financial-model management ... Adds /pitch-admin dashboard with real admin accounts (bcrypt) and full audit attribution for every state-changing action. Backend: - pitch_admins + pitch_admin_sessions tables (migration 002) - pitch_audit_logs.admin_id + target_investor_id columns - lib/admin-auth.ts: bcryptjs hashing, single-session enforcement, jose JWT with 'pitch-admin' audience claim, requireAdmin guard - logAudit extended to accept admin_id and target_investor_id - middleware.ts: gates /pitch-admin/* and /api/admin/* on the admin cookie (with bearer-secret fallback for CLI compatibility) - 14 API routes under /api/admin-auth and /api/admin (login, logout, me, dashboard, investors[id] CRUD + resend, admins CRUD, fm scenarios + assumptions PATCH) - Existing /api/admin/{invite,investors,revoke,audit-logs} migrated to requireAdmin and now log with admin_id + target_investor_id - scripts/create-admin.ts CLI bootstrap (npm run admin:create) Frontend: - /pitch-admin/login + /pitch-admin/(authed) route group - AdminShell with sidebar nav + StatCard + AuditLogTable components - Dashboard with KPIs, recent logins, recent activity - Investors list with search/filter + resend/revoke inline actions - Investor detail with inline edit + per-investor audit timeline - Audit log viewer with actor/action/date filters + pagination - Financial model scenario list + per-scenario assumption editor (categorized, inline edit, before/after diff in audit) - Admins management (add, deactivate, reset password) Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>	2026-04-07 11:27:18 +02:00
Sharang Parnerkar	645973141c	feat(pitch-deck): passwordless investor auth, audit logs, snapshots & PWA (#2) ... Adds investor-facing access controls, persistence, and PWA support to the pitch deck: - Passwordless magic-link auth (jose JWT + nodemailer SMTP) - Per-investor audit logging (logins, slide views, assumption changes, chat) - Financial model snapshot persistence (auto-save/restore per investor) - PWA support (manifest, service worker, offline caching, branded icons) - Safeguards: email watermark overlay, security headers, content protection, rate limiting, IP/new-IP detection, single active session per investor - Admin API: invite, list investors, revoke, query audit logs - pitch-deck service added to docker-compose.coolify.yml Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>	2026-04-07 08:48:38 +00:00
Benjamin Admin	23694b6555	fix: increase paddleocr memory limit 4G → 6G ... Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>	2026-03-13 18:08:33 +01:00
Benjamin Admin	f4ed1eb10c	feat: add paddleocr-service to Coolify compose ... Add PaddleOCR PP-OCRv5 service with 4G memory limit, model volume, and health check (5min start period for model loading). Domain routing (ocr.breakpilot.com) to be configured in Coolify UI. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>	2026-03-13 13:43:11 +01:00
Sharang Parnerkar	fcf8aa8652	fix: migrate deployment from Hetzner to Coolify (#1) ... ## Summary - Add Coolify deployment configuration (docker-compose, healthchecks, network setup) - Replace deploy-hetzner CI job with Coolify webhook deploy - Externalize postgres, qdrant, S3 for Coolify environment - Remove services not needed for SDK deployment (voice, jitsi, synapse) ## All changes since branch creation - Coolify docker-compose with healthchecks for all services - CI pipeline: deploy-hetzner → deploy-coolify (simple webhook curl) - QDRANT_API_KEY support in rag-service - Alpine-compatible Dockerfile fixes Co-authored-by: Sharang Parnerkar <parnerkarsharang@gmail.com> Reviewed-on: #1	2026-03-13 10:45:18 +00:00