summaryrefslogtreecommitdiff
AgeCommit message (Collapse)Author
2026-06-23nginx: 404 the .well-known/ OAuth probes for the MCP connectorTom Flux
claude.ai's custom-connector flow probes /.well-known/oauth-* during setup. The catch-all 301 -> /app/ made those return the Kitchen login page (200), so claude.ai mistook it for an OAuth sign-in service, tried Dynamic Client Registration, and failed. Returning 404 makes it treat the server as authless and connect. Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
2026-06-23fix service groupTom Flux
2026-06-23mcp group to uvTom Flux
2026-06-23Fix bulk-pantry-add crash on null unit (found in live MCP testing)Tom Flux
End-to-end testing (MCP client -> FastMCP -> Django) surfaced a 500: adding an item with an explicit `unit: null` (as add_to_pantry sends for items without a unit) hit a NOT NULL violation, because `item_data.get("unit", "items")` returns None when the key is present. - views.bulk_pantry_add: `item_data.get("unit") or "items"` — tolerate null/empty unit. - mcp_server add_to_pantry: omit quantity/unit from the payload when unset, so the API applies its own defaults. - test: bulk-add with unit/quantity = null returns 201 (25 pass). Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
2026-06-23Phase 3b: FastMCP "ai service" for claude.ai cooking modeTom Flux
A standalone MCP server (no Django import) exposing 7 tools over Streamable HTTP, backed by the Django REST API via the caine token. - mcp_server/: client.py (httpx wrapper over /api/), server.py (the tools + FastMCP app + main), __main__.py, tests.py. - Tools: get_pantry, set_item_state, add_to_pantry, what_can_i_cook, get_recipes, log_cook (suggests, never mutates), create_meta_recipe (brainstorm -> commit). Each description says when to call it. - deploy/food-mcp.service: systemd unit (own process, runs .venv python -m mcp_server, loads /var/lib/food/.env). - deploy/food.tomflux.xyz.nginx: current config + an authless /mcp/<secret>/ location proxying to 127.0.0.1:8765 (the URL secret is the credential; SSE-friendly buffering/timeout). - pyproject: [dependency-groups] mcp = [fastmcp, httpx]; deploy with `uv sync --group mcp`. Verified: 7 tools register on fastmcp 3.x, run() accepts transport/ host/port/path, 6 FoodClient unit tests pass (httpx MockTransport). Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
2026-06-23Phase 3a: close the Django API gaps for the MCP serverTom Flux
Backend prerequisites for the FastMCP service (mcp.md §6) — no model changes, no migration. - log_cook: accepts `rating`, validates via full_clean (enforces the exactly-one-recipe rule), and returns `used_ingredients` as a suggestion set instead of mutating the pantry. Auto-deduct path and _deduct_ingredient removed — pantry state changes only via set-state after the user confirms. - New POST /api/pantry/set-state/ — set in/low/out by ingredient name (alias-aware), optional location; registered before the router so the pantry detail route doesn't capture "set-state" as a pk. - what_can_i_cook: presence-based (exclude 'out', tolerate null quantity) so the API matcher agrees with the web one. - bulk-pantry-add: restocks an existing ingredient+location row to 'in' instead of duplicating; quantity is an optional int. Tests cover all four + that pantry `state` is serialized (24 pass). Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
2026-06-23Add MCP server spec; mark phases 1-2 done in planTom Flux
mcp.md specs the Phase 3 FastMCP "ai service": tools, the Django API gaps to close, authless-connector + URL-secret auth, and the brainstorm->commit path for meta-recipes and cook logs. Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
2026-06-23auth: trust nginx HTTPS proxy for CSRF (SECURE_PROXY_SSL_HEADER + ↵HEADmasterauthTom Flux
CSRF_TRUSTED_ORIGINS) Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
2026-06-23Phase 2: session auth for the web UITom Flux
Require login for /app/, with a long sliding session so you log in once per device and effectively stay in. - AppLoginRequiredMiddleware gates only /app/; /api/ keeps DRF token auth and /admin/ keeps its own login (a blanket LoginRequired would break token requests, whose user isn't resolved until the view runs). - Login page (styled to the dark palette) via django.contrib.auth.urls; logout control in the nav. - Session: ~1 year cookie, sliding (saved every request), survives browser close. - Dropped every @csrf_exempt now that a real session + CSRF token are in place (HTMX already sends X-CSRFToken). - SECRET_KEY and DEBUG now read from the environment (prod-safe defaults); systemd loads an optional /var/lib/food/.env. - Tests authenticate, plus new coverage: /app/ redirects when logged out, login grants access, /api/ is not caught by the app gate. Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
2026-06-23move to uvpantry-redesignTom Flux
2026-06-23Migrate dependency management to uvTom Flux
Replace requirements.txt with pyproject.toml (direct deps only; uv resolves the rest into uv.lock). Point the systemd unit at the uv-managed .venv, and gitignore it. Run `uv lock` to generate the lockfile and commit it. Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
2026-06-23Phase 1: mobile-first pantry redesign with In/Low/Out stateTom Flux
Track presence (In/Low/Out) as the primary signal instead of exact quantities; quantity becomes an optional integer, unit optional too (migration 0003 backfills state from quantity: 0 -> out, else in). - Pantry rebuilt as a phone-first card list: colored state rail, segmented In/Low/Out switch (server-driven HTMX), greyed out-items, live summary counts. - Fast add: bottom add bar with type-ahead autocomplete, location picker, and quick-add chips for things you've run out of. - Per-item menu (move / set expiry / delete); expiry is now an optional quiet pill, never required. - New endpoints: pantry search + set-state; dropped the old edit-expiry/cancel flow and its partial. - Recipes matcher made presence-based (have-it beats have-enough); state added to admin. Tests cover state, add/restock, search, presence matching, and page rendering. Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
2026-06-23Add planning docs: research, requirements, redesign planTom Flux
Research of current state, requirements for the web-first pivot (pantry polish -> auth -> MCP), and the phased implementation plan. Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
2026-06-22Simplify from claudeTom Flux
2026-04-02Add food.tomflux.xyz to ALLOWED_HOSTSCaine
2026-04-02Pantry move/expiry edit + smart shopping list with summaryCaine
- Move items between fridge↔freezer (freezer→fridge sets +7d or shelf life expiry, fridge→freezer clears expiry) - Inline expiry date editor on fridge items (📅 button) - Smart shopping list now shows recipe gaps (missing required slot ingredients) - Summary card shows breakdown: X staple restocks, Y expiring, Z recipe gaps
2026-04-02CSRF exempt HTMX views (localhost-only app)Caine
2026-04-02Fix CSRF for HTMX POST requestsCaine
2026-04-02Phase 4: HTMX frontend with dark paletteCaine
- 4 pages: Pantry, Recipes, Shopping List, Cook Log - HTMX-powered: add/delete pantry items, toggle shopping, generate smart list - Custom 13-colour palette from Lospec (dark bg, yellow accent) - Mobile-responsive - Whitenoise for static files in production - All routes under /app/ - API (/api/) stays internal, frontend (/app/) for browser use
2026-04-02Add rating + preferences fields, log first cook feedbackCaine
- Ingredient.preferences: qualitative notes on how Tom likes things cooked - CookLog.rating: 1-5 score - CookLog.notes: help text updated for feedback - Migration 0002 - First cook logged: Baked Pasta with lardons, rated 2/5 - Bacon lardons preference: don't oven bake, fry separately, not solo protein
2026-04-02Add create-meta-recipe endpoint with nested slots/options/basesCaine
- POST /api/create-meta-recipe/ creates full meta-recipe in one call - PUT /api/create-meta-recipe/ updates existing (requires id) - Auto-resolves ingredients by name/alias, creates new if not found - Returns full nested response with _created_ingredients list - New writable serializers: MetaRecipeWriteSerializer, SlotWriteSerializer, etc.
2026-04-02Phase 2+3: bulk pantry add, smart shopping list, recipe URL importCaine
2026-04-02Add recipe-scrapers dependencyCaine
2026-04-02Update README: Phase 2 complete, API docs, file structureCaine
2026-04-02Add API: URLs, token auth, what-can-i-cook endpoint, log-cook with pantry ↵Caine
deduction, browsable API
2026-04-02Add DRF serializers, viewsets, what-can-i-cook endpoint, log-cook with ↵Caine
pantry deduction
2026-04-01Fix seed: use ingredient+location for get_or_create, add missing freezer itemsCaine
2026-04-01Add requirements.txtCaine
2026-04-01Add README with architecture, setup, models, business rules, and phase planCaine
2026-04-01Add seed command: 29 ingredients, pantry from Pantry.md, 2 meta-recipes ↵Caine
(stir fry + traybake)
2026-04-01Add initial migration, create superuserCaine
2026-04-01Configure settings: add kitchen app, DRF, timezone, allowed hostsCaine
2026-04-01Add all Django models: pantry, ingredients, meta-recipes, recipes, cook log, ↵Caine
shopping list
2026-04-01Initial commit: gitignoreCaine