Skip to main content

Cronozen AI Context

This page provides structured context for AI agents (Claude, Cursor, ChatGPT) to understand the Cronozen platform and generate accurate code.
For machine-readable versions, see llms.txt and llms-full.txt.

What is Cronozen?

A multi-tenant SaaS operating system for 7 verticals: rehabilitation, welfare, education, pharmacy, commerce, mentoring, interior design. Hub-and-spoke architecture with SSO, DPU (cryptographic decision proof), and white-label support.

Key Entities

EntityDescriptionKey Identifier
ActorAn authenticated identity (person)actorId (UUID)
CenterAn isolated organization (tenant)centerId (Integer)
MembershipActor-to-center access grantrole + status
WorkspacePersonal actor contextisPersonalWorkspaceDomain()
DPUTamper-evident decision recordchainHash (SHA-256)
TenantLMS service tenanttenantId (UUID)

Actor Roles

ADMIN        — Center administrator (full access)
INSTRUCTOR   — Service provider (isolated from center data)
PARENT       — Guardian (cross-center view of children)
CHILD        — Service recipient

Membership Lifecycle

INVITED → PENDING → ACTIVE → ENDED

                  SUSPENDED

Tech Stack

Framework:    Next.js 16 + TypeScript
ORM:          Prisma 6.18 (scoped models for tenant isolation)
Database:     PostgreSQL + pgvector
Cache:        Redis
Auth:         JWT (SSO via auth.cronozen.com)
Infrastructure: AWS ECS Fargate (ap-northeast-2)
Edge:         CloudFlare (DNS, Workers, WAF)
CI/CD:        GitHub Actions (develop→staging, main→production)
Payment:      Toss Payments (Korea)
Video:        Vimeo (LMS)

Hub-and-Spoke Services

OPS (cronozen.com)           — Hub: SSO, billing, DPU, tenant master
LMS (learn.cronozen.com)     — Learning, HRD-Net compliance, EMON
CMS (blog.cronozen.com)      — Blog, manuals, content
ERP (erp.cronozen.com)       — Odoo business management
Docs (docs.cronozen.com)     — Developer documentation (Mintlify)

Common Patterns

Authentication Flow

# 1. Login
POST /api/auth/login
{ "email": "admin@center.com", "password": "..." }
 { "accessToken": "jwt...", "refreshToken": "..." }

# 2. Use token
GET /api/auth/me
Authorization: Bearer jwt...

# 3. Switch center
POST /api/auth/switch-center
{ "centerId": 2 }

# 4. Cross-app SSO
POST /api/auth/sso/token
{ "targetApp": "lms" }
 { "token": "sso-token-..." }

Multi-Tenant Data Access

// CORRECT: Scoped Prisma (auto-filters by center_id)
const sessions = await scopedPrisma.session.findMany();

// CORRECT: Explicit scope check
const scope = await requireCenterScope(actorId);
const data = await basePrisma.schedule.findMany({
  where: { center_id: scope.centerId }
});

// WRONG: Never query without center scope
const data = await basePrisma.schedule.findMany(); // ❌ Returns ALL centers

DPU Hash Chain

import { computeChainHash } from '@cronozen/dpu-core';

const hash = computeChainHash(
  content,        // decision content
  previousHash,   // previous DPU hash (null for genesis)
  timestamp        // ISO 8601
);
// → SHA-256 hex string

White-Label Domain Resolution

// CloudFlare Worker proxies: brand.co.kr → cronozen.com/brand-slug
// Middleware resolves: hostname → center_domain → centerId

// Config files to update for new white-label:
// 1. config/domains.config.ts          — domain → center mapping
// 2. src/lib/proxy/constants.ts        — rewrite segments, auth client
// 3. config/auth-clients.config.ts     — redirect URI

API Quick Reference

Core Endpoints

ActionMethodPath
LoginPOST/api/auth/login
Current userGET/api/auth/me
Switch centerPOST/api/auth/switch-center
SSO tokenPOST/api/auth/sso/token
Get centerGET/api/centers/{domain}
Search centersPOST/api/centers/search
Create DPUPOST/api/dpu/demo
Get DPUGET/api/dpu/{id}
Export DPUGET/api/dpu/{id}/export
Verify chainGET/api/dpu/{id}/verify

Partner Endpoints

ActionMethodPath
List centersGET/api/partner/centers
Create centerPOST/api/partner/centers
Dashboard statsGET/api/partner/stats/dashboard
Audit logGET/api/partner/audit
MembersGET/api/partner/members
SettingsGET/PATCH/api/partner/settings

Provisioning

ActionMethodPath
Create centerPOST/api/provisioning/center-tenant
Check subdomainPOST/api/provisioning/check-subdomain
Center plansGET/api/provisioning/center-plans
LMS plansGET/api/provisioning/lms-plans

OpenAPI Spec

Full API specification available at: Use with AI tools: 
# Claude / Cursor
"Read the OpenAPI spec at docs.cronozen.com/openapi.yaml and generate a TypeScript client"

# ChatGPT
"Based on the Cronozen API spec, create integration code for..."

Repository Structure

thearound-ops/          — OPS Hub (cronozen.com)
├── src/app/api/        — 134+ API routes
├── src/lib/auth/       — Auth system (resolvers, JWT, SSO)
├── src/lib/proxy/      — Domain routing, white-label
├── src/core/           — Tenant OS (audit, membership, RBAC)
├── config/             — Domain registry, auth clients
└── prisma/             — 200+ table schema

thearound-lms/          — LMS Spoke (learn.cronozen.com)
├── src/lib/learning/   — HRD compliance, heartbeat, assessment
├── src/lib/emon/       — EMON electronic monitoring
├── src/lib/attendance/ — DPU proof, fraud detection, QR
└── prisma/             — 77 models

thearound-cms/          — CMS Spoke (blog.cronozen.com)
thearound-docs/         — Docs (docs.cronozen.com, Mintlify)