Michael Chihlas
c7cd711859
Eighth commit in the session-expiration-policy series. Surfaces all
the owner controls and user-facing expiry UX that the prior commits
plumbed through, designed end-to-end via /plan-design-review (initial
4/10 -> final 9/10; 7 decisions locked in the plan).
Backend additions:
- accounts/me/security GET response gains active_users: list of
{user_id, name, email, last_login_at} for users in this account
with at least one un-revoked refresh token. Joined query on
refresh_tokens + users, distinct, ordered by last_login desc.
Drives the Active Sessions section.
Frontend additions:
- api/accountSecurity.ts: typed client for GET/PATCH/revoke-sessions.
- hooks/useAuthSessionExpiry.ts: reads idle/absolute expiry from the
auth store, returns warning ('none'|'soon'|'now') + reason
('idle'|'absolute') so consumers can pick the right UX for the
closer window. Re-evaluates every 30s.
- components/common/SessionExpiryToast.tsx: top-of-app notice that
fires at T-5min. Idle case: warning-amber tone, [Stay signed in]
button hits authApi.refresh() and updates the store on success.
Absolute case: info-cyan tone, [Sign in now] link to /login (no
recoverable action). Dismissable, doesn't re-fire after dismissal.
- components/account/RevokeSessionsModal.tsx: confirmation modal for
the two bulk-revoke scopes. Title, body, and confirm-label vary by
scope; danger-styled confirm button.
- pages/account/AccountSecuritySettingsPage.tsx: the main page.
Header (Shield icon), intro, Policy card with Strict/Standard/Custom
radios + always-visible-disabled Custom inputs (idle/absolute
minutes) with inline validation, Save button + emerald success ping,
info note about 'applies at next login'. Active sessions card with
count-aware copy, list of {name, email, last-login-ago} rows
(caller tagged '(you)'), two buttons — 'except me' hidden when
count=1, 'sign me out and everyone else' uses danger-tinted styling.
- pages/AccountSettingsPage.tsx: 'Session security' row added to the
owner-only settings list.
- router.tsx: /account/security route, owner-gated via ProtectedRoute.
- pages/LoginPage.tsx: cyan info-tone banner above form when
?reason=session_expired is in the URL.
- components/layout/AppLayout.tsx: mounts <SessionExpiryToast />.
Scope=all bulk-revoke UX (the most jarring moment): on success,
toast.success(N sessions), 1.5s delay, then clear localStorage +
useAuthStore.logout() + window.location='/login' (no banner — the
owner just did this).
Backend tests: existing 22/22 still green plus the GET test now
asserts active_users is present + non-empty after login. Frontend:
tsc clean, authStore test 2/2.
Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
ResolutionFlow
Stop writing ticket notes. Start generating them.
ResolutionFlow is an AI-powered troubleshooting platform for MSP professionals. Engineers follow guided flows while an AI copilot assists — and documentation writes itself as a byproduct of the work.
Production: resolutionflow.com
Quick Start
# Prerequisites: Docker, Python 3.12, Node.js 20+
# Start PostgreSQL (and the rest of the dev stack)
docker compose -f docker-compose.dev.yml up -d
# Backend
cd backend
source venv/bin/activate
pip install -r requirements.txt
alembic upgrade head
uvicorn app.main:app --reload
# Frontend (separate terminal)
cd frontend
npm install
npm run dev
- Frontend: http://localhost:5173
- Backend API: http://localhost:8000
- API Docs: http://localhost:8000/api/docs
See DEV-ENV.md for full environment setup (devserver, Docker, CORS).
Features
FlowPilot AI Copilot
Like having a senior engineer on every call. FlowPilot guides troubleshooting decisions, suggests next steps with context-aware intelligence, and automatically captures documentation as a byproduct of the session.
- Confidence-tiered model routing (fast responses for simple steps, deeper reasoning for complex decisions)
- AI-generated ticket summaries and session documentation
- Standalone assistant chat with RAG for open-ended troubleshooting
- Knowledge Flywheel: AI analyzes completed sessions and proposes new flows automatically
Guided Flows
- Troubleshooting Flows — Decision trees with branching paths for diagnosing issues
- Procedural Flows (Projects) — Step-by-step checklists for onboarding, migrations, deployments
- Maintenance Flows — Scheduled recurring tasks with batch execution across multiple targets
- Visual Flow Editor with drag-and-drop canvas, undo/redo, markdown support
- AI Flow Builder — describe what you need, get a complete flow generated
Auto-Documentation
Every session generates timestamped, detailed notes formatted for your PSA. Engineers never write another ticket note.
- Export to Markdown, plain text, or HTML
- Sensitive data redaction
- One-click push to ConnectWise PSA tickets
ConnectWise PSA Integration
- Post session documentation directly to ConnectWise tickets as internal notes
- Pull ticket details and client context into FlowPilot sessions
- Member mapping between ResolutionFlow and ConnectWise users
- Credentials encrypted at rest (Fernet), stored per-team
Team & Knowledge Management
- Role-based access (super_admin, team_admin, engineer, viewer)
- Shared flow library with categories, tags, folders, full-text search
- Step Library — reusable troubleshooting steps with ratings and reviews
- Session sharing via link (authenticated and public views)
- Escalation workflow with AI-enhanced briefing packages
- Flow proposals from AI analysis (review queue for team leads)
Tech Stack
| Layer | Technology |
|---|---|
| Frontend | React 19, TypeScript, Vite, Tailwind CSS v4 |
| State | Zustand (immer + zundo for undo/redo) |
| Routing | React Router v7 |
| Canvas | @xyflow/react (React Flow) + dagre |
| Backend | Python FastAPI, async SQLAlchemy 2.0 + asyncpg |
| Database | PostgreSQL 16 |
| Migrations | Alembic (75+ migrations) |
| Auth | JWT (python-jose) + bcrypt, refresh token rotation |
| AI | Anthropic Claude API (tiered model routing) |
| Embeddings | Voyage AI (semantic search) |
| Scheduling | APScheduler 3.x (async) |
| Analytics | PostHog |
| Hosting | Railway (auto-deploy on push to main) |
Project Structure
resolutionflow/
├── backend/
│ ├── app/
│ │ ├── main.py # FastAPI entry point
│ │ ├── api/endpoints/ # Route handlers (50+ endpoints)
│ │ ├── core/ # Config, database, permissions, security
│ │ ├── models/ # SQLAlchemy models
│ │ ├── schemas/ # Pydantic schemas
│ │ └── services/psa/ # PSA provider abstraction layer
│ ├── alembic/ # Database migrations
│ ├── scripts/ # Seed + sync scripts (incl. sync_stripe_plan_ids.py)
│ └── tests/ # Integration tests (100+)
├── frontend/
│ ├── src/
│ │ ├── components/ # UI components by domain
│ │ ├── pages/ # Page components
│ │ ├── store/ # Zustand stores
│ │ └── types/ # TypeScript interfaces
├── .ai/ # Dual-agent handoff system (PROJECT_CONTEXT, HANDOFF, etc.)
├── docs/ # Design docs, plans, ConnectWise reference
├── brand-assets/ # SVGs, brand guide
├── CLAUDE.md # AI assistant project context (Claude Code)
├── AGENTS.md # AI assistant project context (Codex; shared protocol with CLAUDE.md)
├── CURRENT-STATE.md # Detailed feature status
├── DESIGN-SYSTEM.md # Visual + interaction design system
├── PRODUCT.md # Design intent and brand personality
└── CHANGELOG.md # Release history
The on-disk repo path is
resolutionflow/.patherlyis the legacy internal name — still appears in some Railway service names and the prod DB name. Treat as an alias, not canonical.
Running Tests
# Backend integration tests
cd backend
pytest --override-ini="addopts="
# Frontend build (stricter than tsc --noEmit)
cd frontend
npm run build
Documentation
| Document | Purpose |
|---|---|
| CLAUDE.md | Project context for Claude Code |
| AGENTS.md | Project context for Codex (shared protocol with CLAUDE.md) |
| .ai/PROJECT_CONTEXT.md | Stable architectural truth |
| CURRENT-STATE.md | Detailed feature status |
| 03-DEVELOPMENT-ROADMAP.md | Development roadmap |
| DESIGN-SYSTEM.md | Visual + interaction design system (charcoal palette + electric blue accent) |
| PRODUCT.md | Design intent, users, brand personality |
| DEV-ENV.md | Development environment setup |
| CHANGELOG.md | Release history |
License
Proprietary. All rights reserved.