New users were being sent to /marks-account/projects. Now derives
workspace from the signed-in user's email so everyone lands on
their own workspace after Google OAuth.
Made-with: Cursor
Firebase was not configured so every chat request crashed with
'Firebase Admin credentials not configured'.
- chat-mode-resolver.ts: read project phase from fs_projects (Postgres)
- chat-context.ts: load project data from fs_projects instead of Firestore
- /api/ai/conversation: store/retrieve conversations in chat_conversations
Postgres table (created automatically on first use)
- /api/ai/chat: replace all Firestore reads/writes with Postgres queries
- v_ai_chat/page.tsx: replace Firebase client auth with useSession from
next-auth/react; remove Firestore listeners, use REST API for project data
Co-authored-by: Cursor <cursoragent@cursor.com>
Two issues:
1. ForwardAuth redirect used x-forwarded-host which Traefik sets to
vibnai.com (the auth service host), not theia.vibnai.com. Now
hardcodes THEIA_URL as the callbackUrl destination.
2. /auth page ignored callbackUrl and always sent users to
/marks-account/projects. Now follows callbackUrl when it points
to theia.vibnai.com, so users land in the IDE after login.
Co-authored-by: Cursor <cursoragent@cursor.com>
BREAKING CHANGE: Replace SuperTokens with NextAuth.js
Why:
- SuperTokens had persistent Traefik routing issues
- SSL certificate not issuing correctly
- Complex infrastructure (separate container)
- NextAuth runs in Next.js app (simpler, no separate service)
Changes:
- Install next-auth, @auth/prisma-adapter, prisma
- Create NextAuth API route: app/api/auth/[...nextauth]/route.ts
- Add Prisma schema for NextAuth tables (users, sessions, accounts)
- Update auth page to use NextAuth signIn()
- Remove all SuperTokens code and dependencies
- Keep same Google OAuth (just simpler integration)
Benefits:
- No separate auth service needed
- No Traefik routing issues
- Sessions stored in Montreal PostgreSQL
- Simpler configuration
- Battle-tested, widely used
All authentication data stays in Montreal!
Co-authored-by: Cursor <cursoragent@cursor.com>
- Remove session check from home page (landing page doesn't need it)
- Add delayed session check in auth page to redirect logged-in users
- Handle SuperTokens not being initialized yet with proper error handling
Co-authored-by: Cursor <cursoragent@cursor.com>
