mosaic/stack
1
0
Fork 0
Code Issues 10 Pull Requests Actions Packages Projects Releases 2 Wiki Activity

Compare commits

base: mosaic:feat/usage-widget
Branches Tags
mosaic:main mosaic:fix/orchestrator-widget-endpoints mosaic:fix/dashboard-widget-mock-data mosaic:fix/ci-glibc-image mosaic:fix/dockerfile-npmrc mosaic:fix/matrix-native-binary mosaic:fix/kaniko-cache mosaic:fix/base-image-kaniko-v2 mosaic:fix/base-image-kaniko mosaic:feat/custom-base-image mosaic:ci/pnpm-cache mosaic:fix/interceptor-tests mosaic:fix/kanban-tests mosaic:feat/wire-chat mosaic:feat/usage-widget mosaic:fix/security-hardening mosaic:fix/project-domain-v2 mosaic:feat/kanban-add-task mosaic:fix/project-domain-attach mosaic:fix/logs-page-clean mosaic:fix/workspace-members mosaic:fix/ci-lint-632 mosaic:fix/file-manager-tags mosaic:fix/csrf-debug-log mosaic:fix/controller-type-imports mosaic:fix/system-admin-env mosaic:fix/gateway-cors-trusted-origins mosaic:feat/project-detail-page mosaic:fix/fleet-provider-form-dto-v2 mosaic:fix/ms22-audit mosaic:fix/orchestrator-widgets mosaic:fix/fleet-provider-form-dto mosaic:fix/csrf-bearer-bypass mosaic:fix/ms22-missing-authmodule-imports mosaic:fix/container-lifecycle-config-module mosaic:fix/swarm-compose-ms22-vars mosaic:chore/ms22-p1-complete mosaic:feat/ms22-p1h-settings-ui mosaic:feat/ms22-p1f-onboarding-ui mosaic:feat/ms22-p1i-chat-proxy mosaic:feat/ms22-p1k-idle-reaper mosaic:feat/ms22-p1j-docker mosaic:feat/ms22-p1e-onboarding-api mosaic:feat/ms22-p1g-settings-api mosaic:feat/ms22-p1d-container-mgr mosaic:feat/ms22-p1c-config-api mosaic:chore/ms22-prd-tracking mosaic:feat/ms22-p1a-schema mosaic:feat/ms22-p1b-crypto mosaic:chore/ms22-p1-tasks mosaic:docs/ms22-architecture mosaic:feat/ms22-openclaw-docker mosaic:feat/ms22-openclaw-gateway-module mosaic:chore/ms21-complete mosaic:chore/ms21-final-tasks-done mosaic:fix/ms21-ui-001-qa mosaic:test/ms21-ui-tests mosaic:chore/ms21-tasks-sync mosaic:chore/ms22-phase0-complete mosaic:feat/ms22-ingest-clean mosaic:feat/ms21-ui-users-members mosaic:feat/ms22-task-agent mosaic:chore/tasks-final mosaic:chore/tasks-update mosaic:feat/ms21-session-invalidation mosaic:feat/ms21-rbac-settings mosaic:feat/ms21-teams-page mosaic:feat/ms21-users-page mosaic:feat/ms19-terminal-persistence
mosaic:v0.0.21 mosaic:v0.20.0 mosaic:v0.0.15 mosaic:v0.0.2
..
compare: mosaic:fix/project-domain-v2
Branches Tags
mosaic:main mosaic:fix/orchestrator-widget-endpoints mosaic:fix/dashboard-widget-mock-data mosaic:fix/ci-glibc-image mosaic:fix/dockerfile-npmrc mosaic:fix/matrix-native-binary mosaic:fix/kaniko-cache mosaic:fix/base-image-kaniko-v2 mosaic:fix/base-image-kaniko mosaic:feat/custom-base-image mosaic:ci/pnpm-cache mosaic:fix/interceptor-tests mosaic:fix/kanban-tests mosaic:feat/wire-chat mosaic:feat/usage-widget mosaic:fix/security-hardening mosaic:fix/project-domain-v2 mosaic:feat/kanban-add-task mosaic:fix/project-domain-attach mosaic:fix/logs-page-clean mosaic:fix/workspace-members mosaic:fix/ci-lint-632 mosaic:fix/file-manager-tags mosaic:fix/csrf-debug-log mosaic:fix/controller-type-imports mosaic:fix/system-admin-env mosaic:fix/gateway-cors-trusted-origins mosaic:feat/project-detail-page mosaic:fix/fleet-provider-form-dto-v2 mosaic:fix/ms22-audit mosaic:fix/orchestrator-widgets mosaic:fix/fleet-provider-form-dto mosaic:fix/csrf-bearer-bypass mosaic:fix/ms22-missing-authmodule-imports mosaic:fix/container-lifecycle-config-module mosaic:fix/swarm-compose-ms22-vars mosaic:chore/ms22-p1-complete mosaic:feat/ms22-p1h-settings-ui mosaic:feat/ms22-p1f-onboarding-ui mosaic:feat/ms22-p1i-chat-proxy mosaic:feat/ms22-p1k-idle-reaper mosaic:feat/ms22-p1j-docker mosaic:feat/ms22-p1e-onboarding-api mosaic:feat/ms22-p1g-settings-api mosaic:feat/ms22-p1d-container-mgr mosaic:feat/ms22-p1c-config-api mosaic:chore/ms22-prd-tracking mosaic:feat/ms22-p1a-schema mosaic:feat/ms22-p1b-crypto mosaic:chore/ms22-p1-tasks mosaic:docs/ms22-architecture mosaic:feat/ms22-openclaw-docker mosaic:feat/ms22-openclaw-gateway-module mosaic:chore/ms21-complete mosaic:chore/ms21-final-tasks-done mosaic:fix/ms21-ui-001-qa mosaic:test/ms21-ui-tests mosaic:chore/ms21-tasks-sync mosaic:chore/ms22-phase0-complete mosaic:feat/ms22-ingest-clean mosaic:feat/ms21-ui-users-members mosaic:feat/ms22-task-agent mosaic:chore/tasks-final mosaic:chore/tasks-update mosaic:feat/ms21-session-invalidation mosaic:feat/ms21-rbac-settings mosaic:feat/ms21-teams-page mosaic:feat/ms21-users-page mosaic:feat/ms19-terminal-persistence
mosaic:v0.0.21 mosaic:v0.20.0 mosaic:v0.0.15 mosaic:v0.0.2

1 Commits
feat/usage ... fix/projec

Author SHA1 Message Date
Jason Woltje
0b72345c6b fix: add domainId to project DTOs and project create UI
Some checks failed
ci/woodpecker/push/ci Pipeline failed
Details
2026-03-01 16:33:18 -06:00
6 changed files with 1 additions and 361 deletions
Expand all files Collapse all files

1
apps/api/package.json
View File

@@ -62,7 +62,6 @@
"discord.js": "^14.25.1", "discord.js": "^14.25.1",
"dockerode": "^4.0.9", "dockerode": "^4.0.9",
"gray-matter": "^4.0.3", "gray-matter": "^4.0.3",
"helmet": "^8.1.0",
"highlight.js": "^11.11.1", "highlight.js": "^11.11.1",
"ioredis": "^5.9.2", "ioredis": "^5.9.2",
"jose": "^6.1.3", "jose": "^6.1.3",

2
apps/api/src/auth/auth.controller.ts
View File

@@ -106,7 +106,7 @@ export class AuthController {
// @SkipCsrf avoids double-protection conflicts. // @SkipCsrf avoids double-protection conflicts.
// See: https://www.better-auth.com/docs/reference/security // See: https://www.better-auth.com/docs/reference/security
@SkipCsrf() @SkipCsrf()
@Throttle({ default: { ttl: 60_000, limit: 5 } }) @Throttle({ strict: { limit: 10, ttl: 60000 } })
async handleAuth(@Req() req: ExpressRequest, @Res() res: ExpressResponse): Promise<void> { async handleAuth(@Req() req: ExpressRequest, @Res() res: ExpressResponse): Promise<void> {
// Extract client IP for logging // Extract client IP for logging
const clientIp = this.getClientIp(req); const clientIp = this.getClientIp(req);

9
apps/api/src/main.ts
View File

@@ -1,7 +1,6 @@
import { NestFactory } from "@nestjs/core"; import { NestFactory } from "@nestjs/core";
import { RequestMethod, ValidationPipe } from "@nestjs/common"; import { RequestMethod, ValidationPipe } from "@nestjs/common";
import cookieParser from "cookie-parser"; import cookieParser from "cookie-parser";
import helmet from "helmet";
import { AppModule } from "./app.module"; import { AppModule } from "./app.module";
import { getTrustedOrigins } from "./auth/auth.config"; import { getTrustedOrigins } from "./auth/auth.config";
import { GlobalExceptionFilter } from "./filters/global-exception.filter"; import { GlobalExceptionFilter } from "./filters/global-exception.filter";
@@ -34,14 +33,6 @@ async function bootstrap() {
// Enable cookie parser for session handling // Enable cookie parser for session handling
app.use(cookieParser()); app.use(cookieParser());
// Enable helmet security headers
app.use(
helmet({
contentSecurityPolicy: false, // Let Next.js handle CSP
crossOriginEmbedderPolicy: false,
})
);
// Enable global validation pipe with transformation // Enable global validation pipe with transformation
app.useGlobalPipes( app.useGlobalPipes(
new ValidationPipe({ new ValidationPipe({

4
apps/web/src/components/layout/AppHeader.tsx
View File

@@ -5,7 +5,6 @@ import Link from "next/link";
import { usePathname } from "next/navigation"; import { usePathname } from "next/navigation";
import { useAuth } from "@/lib/auth/auth-context"; import { useAuth } from "@/lib/auth/auth-context";
import { ThemeToggle } from "./ThemeToggle"; import { ThemeToggle } from "./ThemeToggle";
import { UsageWidget } from "@/components/ui/UsageWidget";
import { useSidebar } from "./SidebarContext"; import { useSidebar } from "./SidebarContext";
/** /**
@@ -351,9 +350,6 @@ export function AppHeader(): React.JSX.Element {
{/* Theme Toggle */} {/* Theme Toggle */}
<ThemeToggle /> <ThemeToggle />
{/* Usage Widget */}
<UsageWidget />
{/* User Avatar + Dropdown */} {/* User Avatar + Dropdown */}
<div ref={dropdownRef} style={{ position: "relative", flexShrink: 0 }}> <div ref={dropdownRef} style={{ position: "relative", flexShrink: 0 }}>
<button <button

337
apps/web/src/components/ui/UsageWidget.tsx
View File

@@ -1,337 +0,0 @@
"use client";
import { useState, useEffect, useRef, useCallback } from "react";
import { fetchUsageSummary, type UsageSummary } from "@/lib/api/telemetry";
// ─── Types ───────────────────────────────────────────────────────────
interface UsageTier {
name: string;
tokens: number;
limit: number;
percentage: number;
}
// ─── Helpers ─────────────────────────────────────────────────────────
function getUsageColor(percentage: number): string {
if (percentage < 60) return "var(--success)";
if (percentage < 80) return "var(--warn)";
return "var(--danger)";
}
function formatTokens(value: number): string {
if (value >= 1_000_000) return `${(value / 1_000_000).toFixed(1)}M`;
if (value >= 1_000) return `${(value / 1_000).toFixed(1)}K`;
return value.toFixed(0);
}
// ─── Component ───────────────────────────────────────────────────────
export function UsageWidget(): React.JSX.Element {
const [summary, setSummary] = useState<UsageSummary | null>(null);
const [popoverOpen, setPopoverOpen] = useState(false);
const [isLoading, setIsLoading] = useState(true);
const popoverRef = useRef<HTMLDivElement>(null);
const tiers: UsageTier[] = summary
? [
{
name: "Session",
tokens: summary.totalTokens,
limit: 100_000,
percentage: (summary.totalTokens / 100_000) * 100,
},
{
name: "Daily",
tokens: summary.totalTokens,
limit: 500_000,
percentage: (summary.totalTokens / 500_000) * 100,
},
{
name: "Monthly",
tokens: summary.totalTokens,
limit: 2_000_000,
percentage: (summary.totalTokens / 2_000_000) * 100,
},
]
: [];
const currentTier = tiers[0];
const usageColor = currentTier ? getUsageColor(currentTier.percentage) : "var(--muted)";
const loadSummary = useCallback(async () => {
try {
const data = await fetchUsageSummary("30d");
setSummary(data);
} catch (err) {
console.error("Failed to load usage summary:", err);
} finally {
setIsLoading(false);
}
}, []);
useEffect(() => {
void loadSummary();
}, [loadSummary]);
useEffect(() => {
function handleClickOutside(event: MouseEvent): void {
if (popoverRef.current && !popoverRef.current.contains(event.target as Node)) {
setPopoverOpen(false);
}
}
if (!popoverOpen) {
return;
}
document.addEventListener("mousedown", handleClickOutside);
return (): void => {
document.removeEventListener("mousedown", handleClickOutside);
};
}, [popoverOpen]);
const pct = currentTier ? Math.min(currentTier.percentage, 100) : 0;
return (
<div ref={popoverRef} style={{ position: "relative" }}>
<button
onClick={(): void => {
setPopoverOpen((prev) => !prev);
}}
aria-label="Usage widget"
aria-expanded={popoverOpen}
aria-haspopup="true"
className="hidden lg:flex items-center"
style={{
gap: 6,
padding: "5px 10px",
borderRadius: 6,
background: "var(--surface)",
border: `1px solid ${popoverOpen ? usageColor : "var(--border)"}`,
fontSize: "0.75rem",
fontFamily: "var(--mono)",
color: "var(--text-2)",
cursor: "pointer",
transition: "border-color 0.15s, color 0.15s",
flexShrink: 0,
}}
onMouseEnter={(e): void => {
(e.currentTarget as HTMLButtonElement).style.borderColor = usageColor;
(e.currentTarget as HTMLButtonElement).style.color = "var(--text)";
}}
onMouseLeave={(e): void => {
if (!popoverOpen) {
(e.currentTarget as HTMLButtonElement).style.borderColor = "var(--border)";
(e.currentTarget as HTMLButtonElement).style.color = "var(--text-2)";
}
}}
>
<svg
width="12"
height="12"
viewBox="0 0 16 16"
fill="none"
stroke="currentColor"
strokeWidth="2"
strokeLinecap="round"
strokeLinejoin="round"
style={{ color: usageColor, flexShrink: 0 }}
aria-hidden="true"
>
<path d="M9 1L3 9h5l-1 6 6-8H8l1-6z" />
</svg>
<span style={{ fontWeight: 500, color: "var(--text-2)" }}>
{isLoading ? "..." : summary ? formatTokens(summary.totalTokens) : "0"}
</span>
{!isLoading && currentTier && (
<div
style={{
width: 24,
height: 4,
borderRadius: 2,
background: "var(--bg-mid)",
overflow: "hidden",
flexShrink: 0,
}}
aria-hidden="true"
>
<div
style={{
width: `${String(pct)}%`,
height: "100%",
background: usageColor,
borderRadius: 2,
transition: "width 0.3s ease-out",
}}
/>
</div>
)}
{!isLoading && currentTier && (
<span style={{ fontWeight: 600, color: usageColor, minWidth: 32, textAlign: "right" }}>
{Math.round(currentTier.percentage)}%
</span>
)}
</button>
{popoverOpen && (
<div
role="dialog"
aria-label="Usage details"
style={{
position: "absolute",
top: "calc(100% + 8px)",
right: 0,
width: 280,
background: "var(--surface)",
border: "1px solid var(--border)",
borderRadius: 8,
padding: 12,
boxShadow: "0 8px 32px rgba(0,0,0,0.3)",
zIndex: 200,
}}
>
<div
style={{
fontSize: "0.83rem",
fontWeight: 600,
color: "var(--text)",
marginBottom: 12,
paddingBottom: 8,
borderBottom: "1px solid var(--border)",
}}
>
Token Usage
</div>
{isLoading ? (
<div
style={{
textAlign: "center",
padding: "20px 0",
color: "var(--muted)",
fontSize: "0.75rem",
}}
>
Loading usage data
</div>
) : summary ? (
<>
<div style={{ marginBottom: 12, display: "flex", flexDirection: "column", gap: 8 }}>
<div
style={{ display: "flex", justifyContent: "space-between", fontSize: "0.75rem" }}
>
<span style={{ color: "var(--muted)" }}>Total Tokens</span>
<span style={{ color: "var(--text)", fontFamily: "var(--mono)" }}>
{formatTokens(summary.totalTokens)}
</span>
</div>
<div
style={{ display: "flex", justifyContent: "space-between", fontSize: "0.75rem" }}
>
<span style={{ color: "var(--muted)" }}>Estimated Cost</span>
<span style={{ color: "var(--text)", fontFamily: "var(--mono)" }}>
${summary.totalCost.toFixed(2)}
</span>
</div>
<div
style={{ display: "flex", justifyContent: "space-between", fontSize: "0.75rem" }}
>
<span style={{ color: "var(--muted)" }}>Tasks</span>
<span style={{ color: "var(--text)", fontFamily: "var(--mono)" }}>
{summary.taskCount}
</span>
</div>
</div>
<div style={{ display: "flex", flexDirection: "column", gap: 10 }}>
{tiers.map((tier) => {
const tierPct = Math.min(tier.percentage, 100);
return (
<div key={tier.name}>
<div
style={{
display: "flex",
justifyContent: "space-between",
fontSize: "0.75rem",
marginBottom: 4,
}}
>
<span style={{ color: "var(--text-2)" }}>{tier.name}</span>
<span
style={{
color: getUsageColor(tier.percentage),
fontFamily: "var(--mono)",
fontWeight: 500,
}}
>
{formatTokens(tier.tokens)} / {formatTokens(tier.limit)}
</span>
</div>
<div
style={{
width: "100%",
height: 6,
borderRadius: 3,
background: "var(--bg-mid)",
overflow: "hidden",
}}
>
<div
style={{
width: `${String(tierPct)}%`,
height: "100%",
background: getUsageColor(tier.percentage),
borderRadius: 3,
transition: "width 0.3s ease-out",
}}
/>
</div>
</div>
);
})}
</div>
<a
href="/usage"
onClick={(): void => {
setPopoverOpen(false);
}}
style={{
display: "block",
marginTop: 12,
paddingTop: 8,
borderTop: "1px solid var(--border)",
fontSize: "0.75rem",
color: "var(--primary)",
textDecoration: "none",
textAlign: "center",
}}
onMouseEnter={(e): void => {
(e.currentTarget as HTMLAnchorElement).style.textDecoration = "underline";
}}
onMouseLeave={(e): void => {
(e.currentTarget as HTMLAnchorElement).style.textDecoration = "none";
}}
>
View detailed usage
</a>
</>
) : (
<div
style={{
textAlign: "center",
padding: "20px 0",
color: "var(--muted)",
fontSize: "0.75rem",
}}
>
No usage data available
</div>
)}
</div>
)}
</div>
);
}

9
pnpm-lock.yaml generated
View File

@@ -180,9 +180,6 @@ importers:
gray-matter: gray-matter:
specifier: ^4.0.3 specifier: ^4.0.3
version: 4.0.3 version: 4.0.3
helmet:
specifier: ^8.1.0
version: 8.1.0
highlight.js: highlight.js:
specifier: ^11.11.1 specifier: ^11.11.1
version: 11.11.1 version: 11.11.1
@@ -5213,10 +5210,6 @@ packages:
resolution: {integrity: sha512-0hJU9SCPvmMzIBdZFqNPXWa6dqh7WdH0cII9y+CyS8rG3nL48Bclra9HmKhVVUHyPWNH5Y7xDwAB7bfgSjkUMQ==} resolution: {integrity: sha512-0hJU9SCPvmMzIBdZFqNPXWa6dqh7WdH0cII9y+CyS8rG3nL48Bclra9HmKhVVUHyPWNH5Y7xDwAB7bfgSjkUMQ==}
engines: {node: '>= 0.4'} engines: {node: '>= 0.4'}
helmet@8.1.0:
resolution: {integrity: sha512-jOiHyAZsmnr8LqoPGmCjYAaiuWwjAPLgY8ZX2XrmHawt99/u1y6RgrZMTeoPfpUbV96HOalYgz1qzkRbw54Pmg==}
engines: {node: '>=18.0.0'}
highlight.js@11.11.1: highlight.js@11.11.1:
resolution: {integrity: sha512-Xwwo44whKBVCYoliBQwaPvtd/2tYFkRQtXDWj1nackaV2JPXx3L0+Jvd8/qCJ2p+ML0/XVkJ2q+Mr+UVdpJK5w==} resolution: {integrity: sha512-Xwwo44whKBVCYoliBQwaPvtd/2tYFkRQtXDWj1nackaV2JPXx3L0+Jvd8/qCJ2p+ML0/XVkJ2q+Mr+UVdpJK5w==}
engines: {node: '>=12.0.0'} engines: {node: '>=12.0.0'}
@@ -12822,8 +12815,6 @@ snapshots:
dependencies: dependencies:
function-bind: 1.1.2 function-bind: 1.1.2
helmet@8.1.0: {}
highlight.js@11.11.1: {} highlight.js@11.11.1: {}
html-encoding-sniffer@4.0.0: html-encoding-sniffer@4.0.0: