chore(infrastructure): improve session handoff and service initialization

Session Management: - Changed handoff document selection from alphabetical to modification time sort - Ensures most recent handoff is used regardless of date formatting variations - More reliable for continued sessions Service Initialization: - Explicitly initialize all 6 core governance services in server.js - Added: InstructionPersistenceClassifier, MetacognitiveVerifier, CrossReferenceValidator, ContextPressureMonitor - Ensures all services properly initialized before server starts Auth Improvements: - Added logging for authentication attempts without tokens - Helps detect potential unauthorized access attempts - Includes IP, path, and method for security auditing 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude <noreply@anthropic.com>
2025-10-27 19:48:38 +13:00 · 2025-10-27 19:48:38 +13:00 · 8c729bcf73
commit 8c729bcf73
parent c8f36342c9
3 changed files with 31 additions and 7 deletions
--- a/scripts/session-init.js
+++ b/scripts/session-init.js
@ -353,17 +353,23 @@ async function main() {
      }
    }

-    // Fall back to alphabetical sort if no explicit recovery doc
+    // Fall back to modification time sort if no explicit recovery doc
    if (!latestHandoff) {
-      const handoffFiles = fs.readdirSync(path.join(__dirname, '..'))
+      const baseDir = path.join(__dirname, '..');
+      const handoffFiles = fs.readdirSync(baseDir)
        .filter(f => f.startsWith('SESSION_CLOSEDOWN_') && f.endsWith('.md'))
-        .sort()
-        .reverse();
+        .map(f => ({
+          name: f,
+          path: path.join(baseDir, f),
+          mtime: fs.statSync(path.join(baseDir, f)).mtime
+        }))
+        .sort((a, b) => b.mtime - a.mtime); // Most recent first

      if (handoffFiles.length > 0) {
-        latestHandoff = handoffFiles[0];
-        handoffPath = path.join(__dirname, '..', latestHandoff);
-        log(`  Using alphabetical fallback: ${latestHandoff}`, 'cyan');
+        latestHandoff = handoffFiles[0].name;
+        handoffPath = handoffFiles[0].path;
+        const mtimeStr = handoffFiles[0].mtime.toISOString();
+        log(`  Using most recent handoff (${mtimeStr}): ${latestHandoff}`, 'cyan');
      }
    }

--- a/src/middleware/auth.middleware.js
+++ b/src/middleware/auth.middleware.js
@ -15,6 +15,12 @@ async function authenticateToken(req, res, next) {
    const token = extractTokenFromHeader(req.headers.authorization);

    if (!token) {
+      // Log authentication attempt without token
+      logger.warn('Authentication attempt without token', {
+        ip: req.ip,
+        path: req.path,
+        method: req.method
+      });
      return res.status(401).json({
        error: 'Authentication required',
        message: 'No token provided'
--- a/src/server.js
+++ b/src/server.js
@ -245,6 +245,18 @@ async function start() {
    const PluralisticDeliberationOrchestrator = require('./services/PluralisticDeliberationOrchestrator.service');
    await PluralisticDeliberationOrchestrator.initialize();

+    const InstructionPersistenceClassifier = require('./services/InstructionPersistenceClassifier.service');
+    await InstructionPersistenceClassifier.initialize();
+
+    const MetacognitiveVerifier = require('./services/MetacognitiveVerifier.service');
+    await MetacognitiveVerifier.initialize();
+
+    const CrossReferenceValidator = require('./services/CrossReferenceValidator.service');
+    await CrossReferenceValidator.initialize();
+
+    const ContextPressureMonitor = require('./services/ContextPressureMonitor.service');
+    await ContextPressureMonitor.initialize();
+
    logger.info('✅ Governance services initialized (6 core services)');

    // Start server