No description
a8e201dc52
✅ Production-Ready Containerization: - Multi-stage frontend build (Vue.js + Nginx) - Optimized backend container (Node.js + Alpine) - PostgreSQL 15 with persistent storage and health checks - Custom Docker network for secure service communication ✅ Interactive Setup Wizard (setup.sh): - Beautiful CLI interface with colors and progress indicators - Automatic secure password and JWT secret generation - Complete environment configuration with validation - Domain, SSL, Azure AD, and OpenAI API setup - One-command deployment with immediate startup option ✅ Production Security & Performance: - Nginx reverse proxy with rate limiting and security headers - HTTPS/SSL support with custom certificate mounting - CORS protection and request validation - Non-root container execution for all services - Health checks and monitoring for reliability ✅ Management & Operations: - Comprehensive deploy.sh script with all common operations - Database backup and restore capabilities - Service logs management and troubleshooting tools - Docker Compose orchestration with dependency management - Development vs production environment support ✅ Enterprise Features: - Azure AD SSO integration with hybrid authentication - OpenAI API configuration and secure key management - Multi-environment support (localhost vs production) - Comprehensive documentation and troubleshooting guides - Resource optimization and performance tuning 🏗️ Architecture: - Frontend: Vue.js + Vite → Nginx (port 80/443) - Backend: Node.js + Express (internal port 3000) - Database: PostgreSQL 15 (internal port 5432) - Networking: Isolated Docker bridge network - Storage: Named volumes for data persistence 🚀 Deployment Commands: - ./setup.sh - Interactive deployment wizard - ./scripts/deploy.sh [start|stop|build|logs|status] - docker-compose up -d --build - Automatic migrations and admin user creation 🔒 Security Hardening: - Rate limiting on API endpoints (10 req/s) and auth (5 req/min) - Security headers (X-Frame-Options, CSP, HSTS) - CORS validation and origin checking - SSL/TLS encryption support - Container isolation and minimal attack surface 📚 Complete Documentation: - Comprehensive README with architecture overview - Troubleshooting guide with common issues - Development vs production configuration - Performance tuning and scaling recommendations 🎯 One-Command Production Deployment: Everything needed to deploy Ideas Generator 2025 in production with enterprise security, monitoring, and Azure AD SSO integration. 🚀 Generated with [Claude Code](https://claude.ai/code) Co-Authored-By: Claude <noreply@anthropic.com> |
||
|---|---|---|
| admin | ||
| docker | ||
| fonts | ||
| GCF | ||
| js | ||
| privacy | ||
| server | ||
| .gitignore | ||
| AUTHENTICATION_GUIDE.md | ||
| BACKEND_ARCHITECTURE.md | ||
| COMPLETE_ASSISTANT_CONFIGURATIONS.md | ||
| FEATURE_PARITY_MAPPING.md | ||
| FINAL_MIGRATION_SUMMARY.md | ||
| I-gen-assistant-instructions.csv | ||
| I-gen.blueprint.json | ||
| IMPLEMENTATION_GUIDE.md | ||
| index.html | ||
| INSTALLATION.md | ||
| QUICK_START_CHECKLIST.md | ||
| README.md | ||
| RESPONSES_API_MIGRATION_PLAN.md | ||
| SECURITY_COMPONENTS.md | ||
| sparkplug-logo.png | ||
| style.css | ||
| UPDATED_TRANSITION_PLAN.md | ||
| WEEK_BY_WEEK_PLAN.md | ||
Ideas Generator - Current Architecture & 2025 Transition Plan
Current Application Overview
The ** Ideas Generator** is an enterprise-grade conversational AI platform that provides employees with access to multiple AI assistants for ideation and business support. The system uses a sophisticated cloud-based architecture with proper authentication and security measures.
Key Features
- Multiple AI Assistants: Users can select from different pre-configured AI assistants with unique personalities and capabilities
- Conversation Management: Persistent chat threads with history, titles, and deletion capabilities
- Tone of Voice Control: Selectable tone-of-voice options to customize AI responses
- Security-First Design: Bank detail masking, cybersecurity term filtering, and enterprise authentication
- Responsive Interface: Clean, modern chat interface with sidebar navigation
Current Architecture
Frontend (Web App) → GCF Proxy → Make.com Webhook → AI Service → Response Chain
↓
Microsoft Azure AD (Authentication)
Frontend Components
Core Files:
index.html- Main application shell with Microsoft MSAL authenticationjs/script.js- Core application logic and AI interactionjs/variables.js- Configuration variables (Make.com webhook URL)js/html.js- HTML templates for dynamic contentstyle.css- Application styling
Key JavaScript Functions:
sendMessage()- Handles user input and AI communicationgetAssistants()- Retrieves available AI assistantsgetConversations()- Loads conversation historymaskUKBankDetails()- Security function for data sanitization
Backend Services
Google Cloud Function Proxy (GCF/index.js):
- CORS handling for cross-origin requests
- Authentication token management
- Request forwarding to Make.com webhook
Make.com Integration (js/variables.js):
- Primary AI processing endpoint:
https://hook.us1.make.celonis.com/htn0fepeoai19d1unx6fqm5qd5ptk5px - Handles conversation management, assistant selection, and AI responses
API Endpoints:
?GetConversations=True- Retrieve user conversations?GetAssistants=True- Get available AI assistants?GetMessages=True&ConversationID={id}- Load conversation history?DeleteConversation=True&ConversationID={id}- Remove conversations- Main chat endpoint with parameters:
ConversationID,AssistantKey,TOV_Key,Message
Authentication & Security
Microsoft Azure AD Integration:
- Client ID:
9079054c-9620-4757-a256-23413042f1ef - Tenant ID:
e519c2e6-bc6d-4fdf-8d9c-923c2f002385 - Redirect URI:
https://ai-sandbox.oliver.solutions/ideas-sparkplug/index.html
Security Features:
- Data Sanitization: Automatic masking of UK banking details (sort codes, account numbers, card numbers)
- Content Filtering: Cybersecurity term detection and masking
- Session Management: Secure cookie handling with HttpOnly, Secure, and SameSite flags
- CORS Protection: Configured allowed origins
- Authentication Required: All features require Microsoft AD login
Current Limitations
- Indirect AI Integration: Uses Make.com webhook instead of direct OpenAI API calls
- Complex Architecture: Multiple proxy layers add latency and complexity
- Limited Control: Cannot easily customize AI behavior or access advanced features
- Dependency on External Services: Reliant on Make.com and Google Cloud Functions
- Authentication Overhead: Enterprise authentication may be excessive for development
2025 Transition Plan: From OpenAI Assistants to Direct API Integration
Transition Overview
Goal: Migrate from the current Make.com webhook architecture to direct OpenAI API completions for better control, performance, and feature access.
Phase 1: Local Development Setup (Week 1)
1.1 Authentication Bypass for Development
Files to modify:
index.html(lines 11-32, 68-127) - Comment out MSAL authentication- Create development flag to bypass login requirements
- Replace
thisUserwith a default development user
1.2 Local Backend Creation
New files to create:
server/directory with Node.js/Express backendserver/index.js- Main server file with OpenAI integrationserver/config.js- Configuration managementserver/routes/- API route handlersserver/package.json- Dependencies
Key dependencies:
{
"express": "^4.18.2",
"cors": "^2.8.5",
"openai": "^4.0.0",
"dotenv": "^16.3.1",
"express-rate-limit": "^7.1.5"
}
1.3 Environment Configuration
New files:
.env- OpenAI API key and configuration.env.example- Template for environment variables
Phase 2: API Endpoint Migration (Week 2)
2.1 Replace Make.com Webhook
Modify js/variables.js:
// OLD:
const make_url = "https://hook.us1.make.celonis.com/htn0fepeoai19d1unx6fqm5qd5ptk5px";
// NEW:
const make_url = "http://localhost:3000/api";
2.2 Create Local API Endpoints
Endpoint mapping:
| Current Make.com Parameter | New Local Endpoint | Method |
|---|---|---|
?GetConversations=True |
/api/conversations |
GET |
?GetAssistants=True |
/api/assistants |
GET |
?GetMessages=True&ConversationID={id} |
/api/conversations/{id}/messages |
GET |
?DeleteConversation=True&ConversationID={id} |
/api/conversations/{id} |
DELETE |
| Main chat endpoint | /api/chat |
POST |
2.3 OpenAI Integration Strategy
From OpenAI Assistants to Chat Completions:
Current (via Make.com):
Assistant ID → Make.com → OpenAI Assistants API
New (direct):
// Direct OpenAI Chat Completions
const completion = await openai.chat.completions.create({
model: "gpt-4o",
messages: [
{ role: "system", content: assistantSystemPrompt },
...conversationHistory,
{ role: "user", content: userMessage }
],
temperature: 0.7,
max_tokens: 1000
});
Phase 3: Data Storage Implementation (Week 3)
3.1 Local Database Setup
Options:
- SQLite (recommended for development) - File-based, zero-config
- JSON files - Simple file storage for prototyping
- PostgreSQL - Full database for production-ready features
3.2 Data Models
Conversations:
{
id: string,
title: string,
assistant_key: string,
tov_key: string,
user_id: string,
created_at: timestamp,
updated_at: timestamp
}
Messages:
{
id: string,
conversation_id: string,
role: 'user' | 'assistant',
content: string,
created_at: timestamp
}
Assistants:
{
key: string,
name: string,
system_prompt: string,
initial_message: string,
model: string,
temperature: number
}
Phase 4: Feature Enhancement (Week 4)
4.1 Assistant Configuration
Replace hardcoded assistant selection with configurable system prompts:
Current approach:
- Assistant selection via
assistant_key - Limited customization through Make.com
New approach:
const assistants = [
{
key: "creative_ideation",
name: "Creative Ideation Assistant",
system_prompt: "You are a creative business ideation assistant...",
model: "gpt-4o",
temperature: 0.8
},
{
key: "analytical_advisor",
name: "Analytical Business Advisor",
system_prompt: "You are a data-driven business analyst...",
model: "gpt-4o",
temperature: 0.3
}
];
4.2 Enhanced Features
- Streaming Responses: Real-time message streaming
- Custom System Prompts: Easily editable assistant personalities
- Conversation Export: Export chat history as PDF/JSON
- Advanced Filtering: Better content filtering and compliance
- Usage Analytics: Track API usage and costs
Phase 5: Security & Compliance (Week 5)
5.1 Data Protection
- Maintain existing
maskUKBankDetails()function - Add configurable content filtering
- Implement request/response logging for compliance
5.2 Rate Limiting & Safety
// Rate limiting
const rateLimit = require('express-rate-limit');
const apiLimiter = rateLimit({
windowMs: 15 * 60 * 1000, // 15 minutes
max: 100 // limit each user to 100 requests per windowMs
});
// Content safety
const moderationResult = await openai.moderations.create({
input: userMessage
});
Implementation Checklist
Week 1: Foundation
- Create new branch
ideas-gen-2025 - Set up local Node.js backend structure
- Install required dependencies
- Create basic Express server
- Comment out authentication for development
- Test basic frontend-backend communication
Week 2: API Migration
- Create conversation management endpoints
- Implement assistant selection API
- Set up OpenAI API integration
- Replace Make.com webhook calls
- Test message sending/receiving
- Implement basic error handling
Week 3: Data Persistence
- Choose and set up database solution
- Create data models and schemas
- Implement conversation storage
- Add message history functionality
- Test data persistence across sessions
Week 4: Feature Enhancement
- Implement configurable assistants
- Add tone-of-voice customization
- Create conversation export features
- Add streaming message responses
- Implement usage tracking
Week 5: Security & Polish
- Add comprehensive content filtering
- Implement rate limiting
- Add request logging
- Create admin panel for assistant management
- Performance optimization
- Documentation updates
Questions for Clarification
- OpenAI Model Preferences: Which OpenAI models would you prefer? (GPT-4o, GPT-4o-mini, etc.)
- Database Choice: SQLite for simplicity or PostgreSQL for features?
- Assistant Configuration: How many pre-configured assistants do you want?
- Streaming: Should we implement real-time streaming responses?
- Authentication Timeline: When do you want to re-enable authentication?
- Deployment: Local development only or eventual cloud deployment?
- Legacy Support: Should we maintain backward compatibility with existing conversations?
Benefits of the New Architecture
- Direct Control: Full control over AI behavior and responses
- Better Performance: Eliminate proxy layers and reduce latency
- Cost Optimization: Direct API usage for better cost management
- Enhanced Features: Access to latest OpenAI features and models
- Easier Debugging: Local development and debugging capabilities
- Customization: Easy assistant personality and behavior modification
- Data Ownership: Complete control over conversation data
This transition plan provides a clear path from the current Make.com-based architecture to a modern, direct OpenAI integration while maintaining the existing user experience and security standards.