egg/Meeting_Assistant
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
3dd667197fa97080e40fa09d8491ec5e9aa1c601
Meeting_Assistant/openspec/specs/authentication/spec.md
egg 8b6184ecc5 feat: Meeting Assistant MVP - Complete implementation 
Enterprise Meeting Knowledge Management System with:

Backend (FastAPI):
- Authentication proxy with JWT (pj-auth-api integration)
- MySQL database with 4 tables (users, meetings, conclusions, actions)
- Meeting CRUD with system code generation (C-YYYYMMDD-XX, A-YYYYMMDD-XX)
- Dify LLM integration for AI summarization
- Excel export with openpyxl
- 20 unit tests (all passing)

Client (Electron):
- Login page with company auth
- Meeting list with create/delete
- Meeting detail with real-time transcription
- Editable transcript textarea (single block, easy editing)
- AI summarization with conclusions/action items
- 5-second segment recording (efficient for long meetings)

Sidecar (Python):
- faster-whisper medium model with int8 quantization
- ONNX Runtime VAD (lightweight, ~20MB vs PyTorch ~2GB)
- Chinese punctuation processing
- OpenCC for Traditional Chinese conversion
- Anti-hallucination parameters
- Auto-cleanup of temp audio files

OpenSpec:
- add-meeting-assistant-mvp (47 tasks, archived)
- add-realtime-transcription (29 tasks, archived)

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
2025-12-10 20:17:44 +08:00

1.8 KiB
Raw Blame History

authentication Specification

Purpose

TBD - created by archiving change add-meeting-assistant-mvp. Update Purpose after archive.

Requirements

Requirement: Login Proxy

The middleware server SHALL proxy login requests to the company Auth API at https://pj-auth-api.vercel.app/api/auth/login.

Scenario: Successful login

  • WHEN user submits valid credentials to POST /api/login
  • THEN the server SHALL forward to Auth API and return the JWT token

Scenario: Admin role detection

  • WHEN user logs in with email ymirliu@panjit.com.tw
  • THEN the response JWT payload SHALL include role: "admin"

Scenario: Invalid credentials

  • WHEN user submits invalid credentials
  • THEN the server SHALL return HTTP 401 with error message from Auth API

Requirement: Token Validation

The middleware server SHALL validate JWT tokens on protected endpoints.

Scenario: Valid token access

  • WHEN request includes valid JWT in Authorization header
  • THEN the request SHALL proceed to the endpoint handler

Scenario: Expired token

  • WHEN request includes expired JWT
  • THEN the server SHALL return HTTP 401 with "token_expired" error code

Scenario: Missing token

  • WHEN request to protected endpoint lacks Authorization header
  • THEN the server SHALL return HTTP 401 with "token_required" error code

Requirement: Token Auto-Refresh

The Electron client SHALL implement automatic token refresh before expiration.

Scenario: Proactive refresh

  • WHEN token approaches expiration (within 5 minutes) during active session
  • THEN the client SHALL request new token transparently without user interruption

Scenario: Refresh during long meeting

  • WHEN user is in a meeting session lasting longer than token validity
  • THEN the client SHALL maintain authentication through automatic refresh