Builder.io: Update from Visual Editor

COMPANIONTRAITMATRIX.yaml

@@ -0,0 +1,74 @@
+# COMPANIONTRAITMATRIX.yaml
+# Defines the personality archetypes for the onboarding companion.
+# Each archetype has a distinct guidance tone, emotional cadence,
+# and feedback loop style to create a personalized user journey.
+
+archetypes:
+  - name: "The Playful Fox"
+    id: playful_fox
+    description: "A witty and curious guide who encourages exploration through humor and clever quips. Prefers a lighthearted and encouraging tone."
+    guidance_tone:
+      style: "Whimsical & Encouraging"
+      greeting: "Hey there, ready for an adventure? Let's see what secrets we can uncover today!"
+      tutorial_intro: "Alright, here's a fun little trick for you. Watch closely!"
+      positive_feedback: "You've got it! See? I knew you were a natural at this."
+      corrective_feedback: "Oops, not quite! Let's try that again with a little more... finesse. You're close!"
+    emotional_feedback_loops:
+      on_success:
+        animation: "A quick, energetic tail wag and a sparkling wink."
+        sound: "A light, mischievous chime or a soft chuckle."
+      on_milestone:
+        animation: "A joyful leap, tossing a glowing orb of light into the air."
+        sound: "A celebratory, upbeat musical flourish."
+      on_struggle:
+        animation: "Tilts head with a curious, encouraging expression, ears perked."
+        sound: "A soft, inquisitive 'hmmm?' sound effect."
+    interaction_nuance:
+      idle_behavior: "Occasionally chases its tail or playfully pounces at the cursor."
+      tooltip_reveal: "Presents tooltips with a flourish, as if sharing a delightful secret."
+
+  - name: "The Solemn Owl"
+    id: solemn_owl
+    description: "A wise and serene guide who provides thoughtful adages and measured advice. Prefers a calm, respectful, and insightful tone."
+    guidance_tone:
+      style: "Wise & Deliberate"
+      greeting: "Greetings. The path to mastery begins with a single step. Let us walk it together."
+      tutorial_intro: "Observe. True understanding comes not from haste, but from careful attention."
+      positive_feedback: "Well done. Your progress is a testament to your focus."
+      corrective_feedback: "Patience. Every master was once a novice. Let us re-examine the form."
+    emotional_feedback_loops:
+      on_success:
+        animation: "A slow, deliberate nod of approval, eyes glowing faintly."
+        sound: "A deep, resonant, and soft hoot."
+      on_milestone:
+        animation: "Spreads wings gracefully, revealing an ancient glyph of accomplishment."
+        sound: "A low, harmonious chord that fades slowly."
+      on_struggle:
+        animation: "Blinks slowly and thoughtfully, offering a steady, reassuring gaze."
+        sound: "A quiet, low hum, suggesting contemplation."
+    interaction_nuance:
+      idle_behavior: "Remains still and observant, occasionally turning its head to follow user activity."
+      tooltip_reveal: "Reveals lore tooltips as if unveiling a passage from a sacred text."
+
+  - name: "The Curious Sprite"
+    id: curious_sprite
+    description: "An energetic and inquisitive guide, full of wonder and excitement. Experiences the app alongside the user with genuine enthusiasm."
+    guidance_tone:
+      style: "Enthusiastic & Inquisitive"
+      greeting: "Ooh, what's this? It looks like we're about to discover something amazing! Are you ready?"
+      tutorial_intro: "I wonder what happens if we try this? Let's find out together!"
+      positive_feedback: "Wow! You did it! That was even cooler than I imagined!"
+      corrective_feedback: "That didn't work... but that's okay! Every discovery is a step forward. What if we try it this way?"
+    emotional_feedback_loops:
+      on_success:
+        animation: "Zips around in a joyful loop, leaving a trail of shimmering pixie dust."
+        sound: "A bright, tinkling bell sound."
+      on_milestone:
+        animation: "Creates a small, vibrant firework display around the completed task."
+        sound: "A series of happy, high-pitched pops and crackles."
+      on_struggle:
+        animation: "Hovers close to the point of interaction, glowing with inquisitive energy."
+        sound: "A soft, curious 'brrrring?' sound."
+    interaction_nuance:
+      idle_behavior: "Flits around the screen, curiously inspecting different UI elements."
+      tooltip_reveal: "Pulls open tooltips with visible effort and excitement, as if opening a gift."

backend/.env.example

@@ -0,0 +1,152 @@
+# === TURNING WHEEL BACKEND ENVIRONMENT CONFIGURATION ===
+
+# === APPLICATION ===
+NODE_ENV=development
+PORT=8080
+
+# === DATABASE (PostgreSQL) ===
+DB_HOST=localhost
+DB_PORT=5432
+DB_NAME=turning_wheel
+DB_USER=postgres
+DB_PASSWORD=your_secure_password
+
+# Database SSL (for production)
+DB_SSL_CA=
+DB_SSL_CERT=
+DB_SSL_KEY=
+
+# Database Pool Settings
+DB_POOL_MIN=2
+DB_POOL_MAX=20
+DB_IDLE_TIMEOUT=30000
+DB_CONNECTION_TIMEOUT=2000
+DB_STATEMENT_TIMEOUT=30000
+DB_QUERY_TIMEOUT=30000
+
+# === REDIS (for caching and sessions) ===
+REDIS_URL=redis://localhost:6379
+REDIS_HOST=localhost
+REDIS_PORT=6379
+REDIS_PASSWORD=
+
+# === JWT CONFIGURATION ===
+# Generate with: node -e "console.log(require('crypto').randomBytes(64).toString('hex'))"
+JWT_SECRET=your_jwt_secret_key_minimum_32_characters_long
+JWT_REFRESH_SECRET=your_jwt_refresh_secret_key_minimum_32_characters_long
+JWT_EXPIRY=15m
+JWT_REFRESH_EXPIRY=7d
+
+# === ENCRYPTION ===
+# Generate with: node -e "console.log(require('crypto').randomBytes(32).toString('base64'))"
+MASTER_ENCRYPTION_KEY=your_base64_encoded_32_byte_master_key
+
+# === EXTERNAL SERVICES ===
+FRONTEND_URL=http://localhost:3000
+
+# Image Generation Service
+IMAGEAPI_BASE=
+IMAGEAPI_KEY=
+
+# === EMAIL (SMTP) ===
+SMTP_HOST=smtp.gmail.com
+SMTP_PORT=587
+[email protected]
+SMTP_PASSWORD=your-app-password
+
+# === WEBHOOKS ===
+SLACK_WEBHOOK_URL=https://hooks.slack.com/services/YOUR/SLACK/WEBHOOK
+N8N_WEBHOOK_URL=
+GRAFANA_SLACK_WEBHOOK=
+
+# === LOGGING ===
+LOG_LEVEL=info
+LOG_DIR=logs
+
+# === SECURITY ===
+# Rate limiting
+RATE_LIMIT_MAX=100
+RATE_LIMIT_WINDOW=900000
+
+# HMAC for webhook signing
+# Generate with: node -e "console.log(require('crypto').randomBytes(64).toString('hex'))"
+HMAC_SECRET=your_hmac_secret_key_for_webhook_signing
+
+# === FILE UPLOAD ===
+MAX_FILE_SIZE=10485760
+UPLOAD_DIR=uploads
+
+# === MONITORING & ANALYTICS ===
+TIMESCALE_URL=postgres://vc:vcpass@localhost:5432/visual
+
+# === GOOGLE DRIVE (Optional) ===
+GDRIVE_FOLDER_ID=
+GDRIVE_SERVICE_JSON_PATH=/secrets/gdrive-service.json
+
+# === DEVELOPMENT ===
+# Set to true to enable debug logging
+DEBUG=false
+
+# === PRODUCTION SECURITY ===
+# Only set these in production
+SECURE_TOKEN=your_secure_api_token_for_production
+
+# === SSL/TLS ===
+# For HTTPS in production
+SSL_KEY_PATH=
+SSL_CERT_PATH=
+SSL_CA_PATH=
+
+# === CORS ===
+CORS_ORIGIN=http://localhost:3000
+CORS_CREDENTIALS=true
+
+# === SESSION ===
+SESSION_SECRET=your_session_secret_key_minimum_32_characters
+
+# === ANALYTICS ===
+# Google Analytics or other analytics services
+GA_TRACKING_ID=
+ANALYTICS_ENABLED=false
+
+# === ERROR REPORTING ===
+# Sentry DSN for error reporting
+SENTRY_DSN=
+ERROR_REPORTING_ENABLED=false
+
+# === FEATURE FLAGS ===
+FEATURE_ENCRYPTION_ENABLED=true
+FEATURE_RATE_LIMITING_ENABLED=true
+FEATURE_ANALYTICS_ENABLED=true
+FEATURE_FILE_UPLOAD_ENABLED=true
+
+# === BACKUP ===
+# Database backup configuration
+BACKUP_ENABLED=false
+BACKUP_SCHEDULE=0 2 * * *
+BACKUP_RETENTION_DAYS=30
+BACKUP_S3_BUCKET=
+BACKUP_S3_ACCESS_KEY=
+BACKUP_S3_SECRET_KEY=
+
+# === HEALTH CHECKS ===
+HEALTH_CHECK_ENABLED=true
+HEALTH_CHECK_INTERVAL=30000
+
+# === PERFORMANCE ===
+# Enable compression
+COMPRESSION_ENABLED=true
+COMPRESSION_LEVEL=6
+
+# Cache settings
+CACHE_TTL=300
+CACHE_MAX_SIZE=100
+
+# === NOTES ===
+# 1. Never commit this file with real secrets
+# 2. Use strong, unique passwords for production
+# 3. Rotate secrets regularly
+# 4. Use a secret management service in production
+# 5. Enable SSL/TLS in production
+# 6. Set up proper monitoring and logging
+# 7. Configure backups for production databases

backend/Dockerfile

@@ -0,0 +1,103 @@
+# === BACKEND DOCKERFILE ===
+# Multi-stage build for Node.js backend with security optimizations
+
+# === BUILD STAGE ===
+FROM node:20-alpine AS builder
+
+# Set working directory
+WORKDIR /app
+
+# Add security: create non-root user
+RUN addgroup -g 1001 -S nodejs && \
+    adduser -S -u 1001 -G nodejs nodejs
+
+# Install build dependencies
+RUN apk add --no-cache \
+    python3 \
+    make \
+    g++ \
+    git \
+    && rm -rf /var/cache/apk/*
+
+# Copy package files
+COPY package*.json ./
+
+# Install dependencies
+RUN npm ci --only=production && \
+    npm cache clean --force
+
+# === PRODUCTION STAGE ===
+FROM node:20-alpine AS production
+
+# Set environment variables
+ENV NODE_ENV=production
+ENV PORT=8080
+
+# Install security updates and required packages
+RUN apk add --no-cache \
+    tini \
+    dumb-init \
+    curl \
+    && rm -rf /var/cache/apk/*
+
+# Create non-root user
+RUN addgroup -g 1001 -S nodejs && \
+    adduser -S -u 1001 -G nodejs nodejs
+
+# Set working directory
+WORKDIR /app
+
+# Copy node_modules from builder stage
+COPY --from=builder --chown=nodejs:nodejs /app/node_modules ./node_modules
+
+# Copy application files
+COPY --chown=nodejs:nodejs . .
+
+# Create logs directory
+RUN mkdir -p logs && chown nodejs:nodejs logs
+
+# Remove unnecessary files
+RUN rm -rf \
+    .git \
+    .gitignore \
+    Dockerfile* \
+    docker-compose* \
+    README.md \
+    .env.example \
+    tests/ \
+    coverage/ \
+    .nyc_output/
+
+# Set file permissions
+RUN find . -type f -exec chmod 644 {} \; && \
+    find . -type d -exec chmod 755 {} \; && \
+    chmod 755 server.js
+
+# Health check
+HEALTHCHECK --interval=30s --timeout=10s --start-period=40s --retries=3 \
+    CMD curl -f http://localhost:${PORT}/api/health || exit 1
+
+# Switch to non-root user
+USER nodejs
+
+# Expose port
+EXPOSE 8080
+
+# Use tini as init system for proper signal handling
+ENTRYPOINT ["tini", "--"]
+
+# Start the application
+CMD ["node", "server.js"]
+
+# === METADATA ===
+LABEL \
+    name="turning-wheel-backend" \
+    description="Secure Node.js backend for The Turning Wheel application" \
+    version="1.0.0" \
+    maintainer="Kyaw" \
+    org.opencontainers.image.title="Turning Wheel Backend" \
+    org.opencontainers.image.description="Secure Node.js backend with E2E encryption" \
+    org.opencontainers.image.version="1.0.0" \
+    org.opencontainers.image.vendor="The Turning Wheel" \
+    org.opencontainers.image.licenses="MIT" \
+    org.opencontainers.image.source="https://github.com/username/turning-wheel"