DJP
0621cf10ad
Add webhook logging for all user actions
Implemented complete webhook integration following the pattern
from AI-ASSISTANT app. All user actions now logged to Make.com.

NEW FILE:
- webhook_logger.php - Central webhook utility

WEBHOOK FUNCTIONS:
- sendToWebhook($data) - Core webhook sender
- logImageGeneration() - Log image creation/edits
- logPromptEnhancement() - Log prompt enhancements
- logUserAction() - Log general actions

WEBHOOK URL:
https://hook.us1.make.celonis.com/sbhcpk0athbdbxxmgijxc5sbwtjsg33h

DATA SENT:

Image Generation:
- client: 'Internal'
- deliverableNumber: 'NANO-{timestamp}'
- userEmail: from auth or anonymous
- generationType: 'Nano Banana Pro - Imagen 3'
- actionType: 'generate' or 'edit'
- prompt: user's prompt
- settings: {aspectRatio, imageSize, model}
- imageFile: 'data:image/png;base64,{image}'

Prompt Enhancement:
- generationType: 'Nano Banana Pro - Prompt Enhancement'
- actionType: 'prompt_enhancement'
- originalPrompt: scene description
- enhancedPrompt: AI-enhanced result
- settings: {camera, lens, application, creativeFreedom}

INTEGRATION POINTS:
- api.php - Logs every image generation/edit
- enhance_prompt.php - Logs every prompt enhancement
- Auth status included (user email)

ERROR HANDLING:
- Webhook failures don't break the app
- Errors logged to error_log
- 10 second timeout on webhook calls
- Graceful degradation

All user actions now tracked in Make.com! 📊
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude Sonnet 4.5 (1M context) <noreply@anthropic.com>
2025-12-16 11:55:23 -05:00
DJP
747005733c
Make API auth checks resilient - always return JSON
CRITICAL FIX: APIs now always return JSON even if auth fails

Problem:
- Auth errors in api.php/enhance_prompt.php returned HTML
- JavaScript expected JSON, got "<br /><b>..." HTML error
- Result: "Unexpected token '<'" parse error

Solution:
- Wrapped auth checks in try-catch blocks
- Always return proper JSON responses
- Auth errors logged but don't break API
- Graceful fallback if auth system unavailable

Changes:
1. api.php - Try-catch around auth check
2. enhance_prompt.php - Try-catch around auth check
3. Both files: Continue without auth if error occurs
4. Errors logged to error_log for debugging

Benefits:
✅ APIs always return valid JSON
✅ No more "Unexpected token" errors
✅ App works during deployment/setup
✅ Can test without auth system fully configured
✅ Production-ready with auth when enabled

Image generation and prompt enhancement now work even if
auth system has configuration issues!
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude Sonnet 4.5 (1M context) <noreply@anthropic.com>
2025-12-16 11:29:03 -05:00
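
The always-return-JSON behaviour described in the commit above, as an added example that is not code from this repository: here an auth check that fails or throws produces a JSON 401 instead of an HTML error page, rather than continuing unauthenticated. `checkAuth()`, `handleApiRequest()`, the `auth_token` cookie name, the token value and the response fields are all hypothetical.

```php
<?php
declare(strict_types=1);
ini_set('display_errors', '0'); // keep PHP's HTML error output out of API responses

// Hypothetical stand-in for the app's auth check (the real one is not shown on this
// page): returns the user, or throws when the token cookie is missing or rejected.
function checkAuth(array $cookies): array
{
    if (empty($cookies['auth_token'])) {
        throw new RuntimeException('no token cookie');
    }
    if ($cookies['auth_token'] !== 'constructed-valid-token') { // placeholder for JWT validation
        throw new RuntimeException('token rejected');
    }
    return ['email' => 'user@example.com']; // constructed sample user
}

// Returns [status, body] so the caller decides how to send it.
function handleApiRequest(array $cookies, callable $action): array
{
    try {
        $user = checkAuth($cookies);
    } catch (Throwable $e) {
        // Detail goes to the server log; the client gets a fixed JSON error.
        error_log('auth check failed: ' . $e->getMessage());
        return [401, ['success' => false, 'error' => 'Authentication required']];
    }
    try {
        return [200, ['success' => true, 'data' => $action($user)]];
    } catch (Throwable $e) {
        error_log('request failed: ' . $e->getMessage());
        return [500, ['success' => false, 'error' => 'Internal error']];
    }
}

$action = fn(array $user): array => ['generatedFor' => $user['email']];
if (PHP_SAPI === 'cli') {
    // Constructed sample requests: no cookie, then the placeholder token.
    foreach ([[], ['auth_token' => 'constructed-valid-token']] as $cookies) {
        [$status, $body] = handleApiRequest($cookies, $action);
        echo $status, ' ', json_encode($body), PHP_EOL;
    }
} else {
    [$status, $body] = handleApiRequest($_COOKIE, $action);
    http_response_code($status);
    header('Content-Type: application/json');
    echo json_encode($body);
}
```

The front end can then branch on the HTTP status and the `success` field instead of hitting a JSON parse error.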
DJP
61aa1931bb
Add MSAL/Azure AD authentication with toggle support
Implemented complete Microsoft Authentication Library (MSAL) / Azure AD
Single Sign-On (SSO) system following Ferrero app pattern.

KEY FEATURE: Toggle authentication on/off via environment variable
- SSO_ENABLED=false → Mock user, no login required (local dev)
- SSO_ENABLED=true → Full Azure AD authentication (production)

NEW FILES:
- composer.json - Firebase JWT dependency
- .env.example - Environment variable template
- env_loader.php - Parse .env file
- JWTValidator.php - Validate JWT tokens from Azure AD
- AuthMiddleware.php - Core auth orchestrator with login UI
- auth.php - Authentication API (login/logout/status)
- auth-test.php - Debug authentication status
- AUTH_README.md - Complete setup documentation

UPDATED FILES:
- config.php - Load env vars, add SSO constants
- index.php - Require auth, add logout button, MSAL script
- api.php - Add authentication check
- enhance_prompt.php - Add authentication check
- .gitignore - Exclude .env and vendor/

AUTHENTICATION FLOW:
1. User visits app → Auth check
2. If SSO disabled → Mock "Local Developer" user
3. If SSO enabled → Validate JWT from cookie
4. If no token → Show MSAL login page
5. User signs in → Token validated → Cookie set → App loads

SECURITY FEATURES:
✅ httpOnly cookies (XSS prevention)
✅ SameSite=Lax (CSRF prevention)
✅ JWT signature validation
✅ Claims validation (exp, nbf, aud, iss)
✅ JWKS from Azure AD
✅ 24-hour token expiration
✅ Secure flag for HTTPS

DEPENDENCIES INSTALLED:
- firebase/php-jwt v6.11.1

TESTING:
- Local: SSO disabled by default in .env
- Server: Set SSO_ENABLED=true with Azure AD credentials
- Cannot test MSAL locally (redirect URI bound to server)

DEPLOYMENT:
1. Install composer dependencies
2. Configure .env with Azure AD credentials
3. Set SSO_ENABLED=true when ready
4. Visit auth-test.php to verify setup
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude Sonnet 4.5 (1M context) <noreply@anthropic.com>
2025-12-16 10:08:07 -05:00
DJP
7d1cd03a32
Add multi-user support with 24-hour image expiration
Implemented complete session management system for multiple users:

**New Features:**
- Isolated user sessions with unique session IDs
- File-based image storage (not in PHP session)
- Automatic 24-hour image expiration
- Session directories: uploads/sessions/{session_id}/
- Images stored with metadata (creation time, expiry, MIME type)

**New Files:**
- session_manager.php - Complete session management class
- cleanup.php - Cron script to delete expired images
- uploads/.htaccess - Security: prevent direct file access

**Updated Files:**
- api.php - Uses SessionManager for file-based storage
- index.php - Loads images from disk via SessionManager
- .gitignore - Exclude user uploads from repository

**Usage:**
- Each user gets isolated session automatically
- Images auto-delete after 24 hours
- Run cleanup.php via cron: `0 * * * * php cleanup.php`

**Security:**
- Session IDs regenerated on first access
- Upload directory protected by .htaccess
- User images isolated by session
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude Sonnet 4.5 (1M context) <noreply@anthropic.com>
2025-12-16 08:56:26 -05:00
DJP
4deed84ba0
Initial commit: Nano AI Image Generator
- Complete working image generation app using Imagen 3
- PHP backend with Gemini API integration
- Dark themed UI with prompt enhancement
- Session management and logging system
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude Sonnet 4.5 (1M context) <noreply@anthropic.com>
2025-12-16 08:35:02 -05:00