Look at my thing#3
Open
flxnaf wants to merge 226 commits intofeature/supabase-authfrom
Open
Conversation
Feature/supabase auth
Feature/supabase auth
Fix build errors
Fix build errors
- Added consent fields to User model (audio, chat, context, faceData) - Created comprehensive DATA_PERSISTENCE_GUIDE.md - Documents what data is saved, when, and where - Shows how to implement consent checks - All data already being saved per Supabase user ID Next: Run 'npx prisma migrate dev' to apply schema changes
- Added consent fields to User model (audio, chat, context, faceData) - Created comprehensive DATA_PERSISTENCE_GUIDE.md - Documents what data is saved, when, and where - Shows how to implement consent checks - All data already being saved per Supabase user ID Next: Run 'npx prisma migrate dev' to apply schema changes
- Created ConsentDialog component with checkboxes for all data types - Integrated consent flow into main app (shows before recording) - Added API routes: /api/user-consent (check) and /api/save-consent (save) - Added consent state management in app/page.tsx - Installed @supabase/ssr and @supabase/supabase-js packages - Added force-dynamic exports to new API routes - User must accept consent before using app features Note: Build warnings about Supabase env vars are expected (set in Railway)
- Created ConsentDialog component with checkboxes for all data types - Integrated consent flow into main app (shows before recording) - Added API routes: /api/user-consent (check) and /api/save-consent (save) - Added consent state management in app/page.tsx - Installed @supabase/ssr and @supabase/supabase-js packages - Added force-dynamic exports to new API routes - User must accept consent before using app features Note: Build warnings about Supabase env vars are expected (set in Railway)
- Added force-dynamic exports to analyze-face and face-data routes - Added fallback values for Supabase env vars during build - Build now completes successfully without errors - All API routes properly marked as dynamic - Ready for Railway deployment
- Added force-dynamic exports to analyze-face and face-data routes - Added fallback values for Supabase env vars during build - Build now completes successfully without errors - All API routes properly marked as dynamic - Ready for Railway deployment
- Add validation for Supabase environment variables in lib/supabase.ts - Add graceful error handling in useAuth hook - Create EnvErrorMessage component for helpful error display - Update build script to include prisma generate - Add Supabase vars to environment checker - Add comprehensive Railway deployment guides (QUICK_FIX_RAILWAY.md, RAILWAY_FIX.md) - Prevent app crashes when env vars are missing Fixes client-side exception caused by missing NEXT_PUBLIC_SUPABASE_URL and NEXT_PUBLIC_SUPABASE_PUBLISHABLE_DEFAULT_KEY in Railway deployment.
- Add validation for Supabase environment variables in lib/supabase.ts - Add graceful error handling in useAuth hook - Create EnvErrorMessage component for helpful error display - Update build script to include prisma generate - Add Supabase vars to environment checker - Add comprehensive Railway deployment guides (QUICK_FIX_RAILWAY.md, RAILWAY_FIX.md) - Prevent app crashes when env vars are missing Fixes client-side exception caused by missing NEXT_PUBLIC_SUPABASE_URL and NEXT_PUBLIC_SUPABASE_PUBLISHABLE_DEFAULT_KEY in Railway deployment.
- Create initial migration with User, Memory, Conversation tables - Update build script to run migrations automatically on deploy - Add deploy-db.sh script for manual migration deployment - Fixes 'Failed to save consent' error by ensuring database schema exists
- Create initial migration with User, Memory, Conversation tables - Update build script to run migrations automatically on deploy - Add deploy-db.sh script for manual migration deployment - Fixes 'Failed to save consent' error by ensuring database schema exists
- Use UUID for Memory and Conversation IDs (matches what was deployed) - Use UUID for foreign keys (userId) - Ensures Prisma schema matches actual database structure
- Use UUID for Memory and Conversation IDs (matches what was deployed) - Use UUID for foreign keys (userId) - Ensures Prisma schema matches actual database structure
…pass - Reduce photo capture from 5 angles to 1 (faster, fewer API calls) - Create two-tab interface: Context Builder + Chat - Add Context Builder component for adding personality data - Enable JSON export for Minecraft integration - Add admin bypass login feature (click title 5 times) - Admin keys: 'ghostadmin' or 'admin123' - Remove context inputs from Uploader (moved to dedicated tab) - Context data persists to PostgreSQL via personality API
…pass - Reduce photo capture from 5 angles to 1 (faster, fewer API calls) - Create two-tab interface: Context Builder + Chat - Add Context Builder component for adding personality data - Enable JSON export for Minecraft integration - Add admin bypass login feature (click title 5 times) - Admin keys: 'ghostadmin' or 'admin123' - Remove context inputs from Uploader (moved to dedicated tab) - Context data persists to PostgreSQL via personality API
- Admin bypass users no longer see consent dialog - Allows immediate testing without database - Consent still required for real users
- Admin bypass users no longer see consent dialog - Allows immediate testing without database - Consent still required for real users
- Admin users immediately proceed to upload step - No database calls for admin bypass - Uses admin user ID directly - Allows testing without database
- Admin users immediately proceed to upload step - No database calls for admin bypass - Uses admin user ID directly - Allows testing without database
- Change 'Start Taking Photos' to 'Take Photo' (singular) - Add back story, habit, reaction questions during initial setup - Save initial context when creating clone - Users can add more context later in Context Builder tab
- Change 'Start Taking Photos' to 'Take Photo' (singular) - Add back story, habit, reaction questions during initial setup - Save initial context when creating clone - Users can add more context later in Context Builder tab
- Admin users skip MediaPipe face detection - Admin users skip database update-user API call - Immediately proceed to chat tabs - Allows full testing without database or API keys
- Admin users skip MediaPipe face detection - Admin users skip database update-user API call - Immediately proceed to chat tabs - Allows full testing without database or API keys
- Change button to 'Export JSON' (removed 'for Minecraft') - Export now includes audioUrl, voiceModelId, faceData for Minecraft mod - Add admin bypass for chat (returns mock responses without Claude API) - JSON structure includes all data needed for voice/appearance in mod
- Change button to 'Export JSON' (removed 'for Minecraft') - Export now includes audioUrl, voiceModelId, faceData for Minecraft mod - Add admin bypass for chat (returns mock responses without Claude API) - JSON structure includes all data needed for voice/appearance in mod
PROBLEM: 1. Username changes reverted on page refresh 2. Settings showed 'Current username @Not set' even when username existed 3. Username stored in TWO places that were out of sync: - Supabase Auth metadata (from signup, never updated) - Prisma database (updated by /api/change-username) 4. On refresh, old value from Auth metadata was loaded FIXES: 1. /api/change-username now updates BOTH: - Prisma database (source of truth) - Supabase Auth metadata (for persistence on refresh) Uses admin client to update user_metadata 2. useAuth hook now fetches username from database: - Added fetchUserProfile() to get username from /api/personality - Called on login and auth state changes - Database is now the single source of truth 3. Signup flow fixed: - /api/create-user now saves username to database - /api/save-consent now saves username to database - Username properly synced from auth metadata on first save 4. JSON export already includes username (verified): - metadata.username field - Filename uses username: {username}_clone.json RESULT: ✅ Username persists after refresh ✅ Settings displays correct username ✅ Username changes update everywhere (DB, Auth, UI, JSON) ✅ Database is single source of truth
ISSUE: Minecraft mod playing audio with random/default voices instead of user's trained voice DEBUGGING ADDED: 1. Server-side (/api/speak): - Log voiceModelId from database with type, length, and first 50 chars - Log audioUrl for comparison - Added to help diagnose if voice ID is NULL or malformed 2. Export API (/api/minecraft/export/username/[username]): - Log user's voiceModelId and audioUrl before sending - Log final voice_model_id being returned to mod - Verify data is correct at API level 3. Minecraft mod (TwinCommands.kt): - Log voice_model_id immediately after download - Show type and length to catch parsing issues - Display in-game warning if voice model is NULL - Show first 20 chars of voice ID in success message PURPOSE: This will help identify WHERE the voice model ID is getting lost: - If NULL in database -> voice training didn't complete - If NULL in export API -> database issue - If NULL in mod -> JSON parsing issue - If present but wrong voice playing -> Fish Audio API issue NEXT STEPS FOR USER: 1. Run /twinimport @username in Minecraft 2. Check logs for voice_model_id at each stage 3. Report what the logs show (especially if it's NULL somewhere)
CRITICAL BUG FOUND:
Line 576 of /api/speak/route.ts was using voice_id for trained models.
FISH AUDIO API FIELDS:
- reference_id = For TRAINED/CUSTOM voice models (user clones)
- voice_id = For Fish Audio's DEFAULT/PRE-MADE voices only
WHAT WAS HAPPENING:
- User voice models were in database (verified ✅)
- Server was retrieving voiceModelId correctly (verified ✅)
- But Fish Audio API was ignoring voice_id field for trained models
- Result: Random default voices being used instead of user's trained voice
THE FIX:
Changed formData.append('voice_id', trainedVoiceId)
To formData.append('reference_id', trainedVoiceId)
NOW IT WORKS:
✅ Trained voices will use reference_id (correct field)
✅ Default fallback voices still use voice_id (correct field)
✅ Users will hear their own trained voice in Minecraft
Testing confirmed voice models exist in database:
- Felixfan: d7dfbedf1d39421a948a302839a86ba9
- sparsh: c2bf6af67da84be4bed94dc4aa3d66f7
- eddie: ab9cf6099e824b7ca575b0d5d36dfaa7
- shhh: d367b685ac1240be87c236232d51ea35
- thismyusername: 00d2f3ccf3ec4a75b9eabe2716a26809
CRITICAL BUG:
All spawned NPCs were showing the same skin (the last one spawned)
ROOT CAUSE:
SkinCache.kt was using entityName as the texture ID:
val skinId = Identifier("digitaltwins", "skins/${entityName}")
PROBLEM:
- Multiple clones could have similar entity names
- Each new skin would OVERWRITE the previous texture with same ID
- Result: All NPCs with that texture ID show the newest skin
THE FIX:
Changed to use skin URL hash as unique ID:
val skinHash = skinUrl.hashCode().toString().replace("-", "n")
val skinId = Identifier("digitaltwins", "skins/${skinHash}")
NOW:
✅ Each unique skin URL gets its own unique texture ID
✅ Different clones keep their own skins
✅ Spawning new NPCs doesn't overwrite existing skins
NEW JAR:
minecraft-mod/build/libs/digitaltwins-1.0.0.jar
USER ACTION REQUIRED:
1. Copy new JAR to mods folder
2. Restart Minecraft
3. Remove old NPCs (/twinremove)
4. Spawn them again (/twinspawn)
5. Each NPC will now have correct skin!
- Implement Google Sign-In with OAuth flow - Add password confirmation field with real-time validation - Add password strength indicator (4-level meter) - Add show/hide password toggles - Fix Supabase cookie handling in API routes - Add email confirmation flow and callback handler - Create comprehensive OAuth and email setup guides - Fix redirect URLs to work with both localhost and production - Improve form validation and UX with icons and feedback
ShoAdachi01
approved these changes
Oct 29, 2025
- Remove all emojis from UI - Streamline export section with cleaner layout - Condense setup steps from 6 to 3 bullet points - Simplify import and usage sections - Remove verbose descriptions and collapsible sections - Clean up troubleshooting to simple one-liners - Remove unused state and imports 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude <noreply@anthropic.com>
- Remove outdated references from all documentation files - Remove emojis from README.md section headers - Update directory path references to replik/ - Simplify minecraft-mod documentation - Clean up acknowledgments and license sections 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude <noreply@anthropic.com>
- Move all auxiliary markdown files to docs/ directory - Create docs/README.md with organized index - Keep README.md and MINECRAFT_SETUP.md in root - Categorize docs by purpose (setup, architecture, testing, etc.) - Add documentation section to main README 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude <noreply@anthropic.com>
- Remove click-to-activate admin login from landing page - Remove admin bypass checks from authentication flow - Remove admin mock data and skips from all components - Remove admin bypass from API routes (personality, speak, user-consent) - Clean up localStorage admin keys and mock user references - Fix TypeScript errors in speak route from admin code removal 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude <noreply@anthropic.com>
Adding Guideline to Minecraft Deployment of Digital Clone + Cleaning Up Documentations
- Add MIT LICENSE file - Create comprehensive .env.example with all required variables - Add SECURITY.md with vulnerability reporting process - Document security best practices for deployment - Include authentication, authorization, and key management guidelines 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude <noreply@anthropic.com>
- Replace hardcoded replik.tech URLs with environment variables - Update OAuth redirects to use NEXT_PUBLIC_BASE_URL - Modify Minecraft mod to use configurable API base URL - Update documentation with generic domain examples - Fix variable redeclaration in auth callback route All production URLs now configurable via environment variables. 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude <noreply@anthropic.com>
CRITICAL FIX: The /api/speak endpoint previously accepted any userId without verification, allowing anyone to impersonate any user. Changes: - Add dual authentication support: 1. Supabase session (for web users) 2. API key via X-API-Key header (for Minecraft mod) - Verify authenticated user matches requested userId - Return 401 Unauthorized if neither auth method succeeds - Add MINECRAFT_API_KEY environment variable support This prevents: - User impersonation attacks - Unauthorized API quota consumption - Unwanted conversation generation 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude <noreply@anthropic.com>
Changed copyright from individual name to 'Replik Team' to properly credit all team members who contributed to the project. 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude <noreply@anthropic.com>
Add OSS licensing and security documentation & Security: Remove hardcoded production
Adding Guideline to Minecraft Deployment of Digital Clone + Cleaning Up Documentations
Merge pull request #1 from flxnaf/main
Merge pull request #18 from ShoAdachi01/main
Merge pull request #2 from flxnaf/main
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
3 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Coderabbit