LifeOSAI — Platform Overview · hub-and-spoke view
User Management is the central gateway hub. Six client surfaces fan in on the left. Six backend destinations fan out on the right. Inside the hub: HTTPS ingress, auth middleware, the Express dispatcher, and routing target resolution.
CLIENTS
Web Users: Browser (Next.js) · apps/web · port 3000 · SSR + static
Tauri Desktop: macOS · Win · Linux · WebView + sidecars · local-mode
iOS App: apps/ios · native · talks to cloud UM over HTTPS
Internal Admin: Ops console · deploy · health · cost · routines
Chat Users: WhatsApp · Telegram · message-driven · never see the app UI
Phone Caller: Voice bridge · SIP / WebRTC in · Gemini Live realtime
USER MANAGEMENT GATEWAY · apps/user-management · Express on port 3001
INBOUND · ingress + auth middleware
Ingress: Cloud Run (HTTPS) · Tauri (HTTP) · rate limiters · CORS
Auth middleware: JWT validation · session check via apps/auth
Webhook receivers: /webhook/whatsapp · /api/billing (Stripe) · OAuth
USER MANAGEMENT CORE · Express dispatcher · the central routing hub
Route Dispatcher: files · models · billing · plugins · skills · microapps · apps/user-management/src/routes
Agent Proxy: proxies /api/agent/* requests · cloud: spot-vm proxy · proxy/agent-proxy.ts
Target Resolution: cloud: spot VM agent containers · local: Tauri sidecar (port 4000) · provisioner/spot-vm.ts
OUTBOUND · fan-out per route family
Agent routes: → Agent API (4000) · /api/agent/*
Direct routes: handled by UM itself · files · models · billing · …
SSE pass-through: /api/events/company/:id → Agent API SSE
ADJACENT SERVICES
Web SSR (3000): apps/web · Next.js · server-side fetches UM
Auth Service (3002): apps/auth · identity · UM calls for JWT verify
Tauri Sidecars: local-mode only · UM + Agent API in-process
SAME GATEWAY CONTRACT IN BOTH MODES
In cloud mode UM runs on Cloud Run and proxies to spot-VM agent containers.
In local mode UM runs as a Tauri sidecar and proxies to the local Agent API.
Browser code is identical — only the target URL changes.
BACKEND DESTINATIONS
Auth Service: apps/auth · 3002 · identity · tokens · refresh · sessions
Agent API · Orchestration: apps/api · 4000 · heartbeat · invoker · runs · routines · issues
Agent API · Channels: registry · dispatch · WhatsApp (Baileys) · Telegram (grammy)
Direct APIs: files · models · billing · plugins · skills · OAuth · handled by UM directly
External Providers: LLM · OAuth · Voice · Stripe · Firebase · GCS · third-party APIs
Data Tier: Postgres / SQLite · Filestore / Local FS · Secrets · keychain
HTTPS requests →
→ routed to backend