UPDATE: UI and client assets

.gitignore

@@ -1,3 +1,6 @@
+# Node
+node_modules/
+
 # Python build artifacts
 __pycache__/
 *.pyc

client/index.html

@@ -0,0 +1,18 @@
+<!DOCTYPE html>
+<html lang="en">
+  <head>
+    <meta charset="UTF-8" />
+    <meta name="viewport" content="width=device-width, initial-scale=1.0" />
+    <title>AdaptiveAuth — Framework Demo</title>
+    <link rel="preconnect" href="https://fonts.googleapis.com" />
+    <link rel="preconnect" href="https://fonts.gstatic.com" crossorigin />
+    <link
+      href="https://fonts.googleapis.com/css2?family=Inter:wght@400;500;600;700;800&display=swap"
+      rel="stylesheet"
+    />
+  </head>
+  <body>
+    <div id="root"></div>
+    <script type="module" src="/src/main.jsx"></script>
+  </body>
+</html>

client/package-lock.json

@@ -0,0 +1,1794 @@
+{
+  "name": "adaptiveauth-ui",
+  "version": "1.0.0",
+  "lockfileVersion": 3,
+  "requires": true,
+  "packages": {
+    "": {
+      "name": "adaptiveauth-ui",
+      "version": "1.0.0",
+      "dependencies": {
+        "react": "^18.3.1",
+        "react-dom": "^18.3.1"
+      },
+      "devDependencies": {
+        "@vitejs/plugin-react": "^4.3.4",
+        "vite": "^6.0.0"
+      }
+    },
+    "node_modules/@babel/code-frame": {
+      "version": "7.29.0",
+      "resolved": "https://registry.npmjs.org/@babel/code-frame/-/code-frame-7.29.0.tgz",
+      "integrity": "sha512-9NhCeYjq9+3uxgdtp20LSiJXJvN0FeCtNGpJxuMFZ1Kv3cWUNb6DOhJwUvcVCzKGR66cw4njwM6hrJLqgOwbcw==",
+      "dev": true,
+      "license": "MIT",
+      "dependencies": {
+        "@babel/helper-validator-identifier": "^7.28.5",
+        "js-tokens": "^4.0.0",
+        "picocolors": "^1.1.1"
+      },
+      "engines": {
+        "node": ">=6.9.0"
+      }
+    },
+    "node_modules/@babel/compat-data": {
+      "version": "7.29.0",
+      "resolved": "https://registry.npmjs.org/@babel/compat-data/-/compat-data-7.29.0.tgz",
+      "integrity": "sha512-T1NCJqT/j9+cn8fvkt7jtwbLBfLC/1y1c7NtCeXFRgzGTsafi68MRv8yzkYSapBnFA6L3U2VSc02ciDzoAJhJg==",
+      "dev": true,
+      "license": "MIT",
+      "engines": {
+        "node": ">=6.9.0"
+      }
+    },
+    "node_modules/@babel/core": {
+      "version": "7.29.0",
+      "resolved": "https://registry.npmjs.org/@babel/core/-/core-7.29.0.tgz",
+      "integrity": "sha512-CGOfOJqWjg2qW/Mb6zNsDm+u5vFQ8DxXfbM09z69p5Z6+mE1ikP2jUXw+j42Pf1XTYED2Rni5f95npYeuwMDQA==",
+      "dev": true,
+      "license": "MIT",
+      "dependencies": {
+        "@babel/code-frame": "^7.29.0",
+        "@babel/generator": "^7.29.0",
+        "@babel/helper-compilation-targets": "^7.28.6",
+        "@babel/helper-module-transforms": "^7.28.6",
+        "@babel/helpers": "^7.28.6",
+        "@babel/parser": "^7.29.0",
+        "@babel/template": "^7.28.6",
+        "@babel/traverse": "^7.29.0",
+        "@babel/types": "^7.29.0",
+        "@jridgewell/remapping": "^2.3.5",
+        "convert-source-map": "^2.0.0",
+        "debug": "^4.1.0",
+        "gensync": "^1.0.0-beta.2",
+        "json5": "^2.2.3",
+        "semver": "^6.3.1"
+      },
+      "engines": {
+        "node": ">=6.9.0"
+      },
+      "funding": {
+        "type": "opencollective",
+        "url": "https://opencollective.com/babel"
+      }
+    },
+    "node_modules/@babel/generator": {
+      "version": "7.29.1",
+      "resolved": "https://registry.npmjs.org/@babel/generator/-/generator-7.29.1.tgz",
+      "integrity": "sha512-qsaF+9Qcm2Qv8SRIMMscAvG4O3lJ0F1GuMo5HR/Bp02LopNgnZBC/EkbevHFeGs4ls/oPz9v+Bsmzbkbe+0dUw==",
+      "dev": true,
+      "license": "MIT",
+      "dependencies": {
+        "@babel/parser": "^7.29.0",
+        "@babel/types": "^7.29.0",
+        "@jridgewell/gen-mapping": "^0.3.12",
+        "@jridgewell/trace-mapping": "^0.3.28",
+        "jsesc": "^3.0.2"
+      },
+      "engines": {
+        "node": ">=6.9.0"
+      }
+    },
+    "node_modules/@babel/helper-compilation-targets": {
+      "version": "7.28.6",
+      "resolved": "https://registry.npmjs.org/@babel/helper-compilation-targets/-/helper-compilation-targets-7.28.6.tgz",
+      "integrity": "sha512-JYtls3hqi15fcx5GaSNL7SCTJ2MNmjrkHXg4FSpOA/grxK8KwyZ5bubHsCq8FXCkua6xhuaaBit+3b7+VZRfcA==",
+      "dev": true,
+      "license": "MIT",
+      "dependencies": {
+        "@babel/compat-data": "^7.28.6",
+        "@babel/helper-validator-option": "^7.27.1",
+        "browserslist": "^4.24.0",
+        "lru-cache": "^5.1.1",
+        "semver": "^6.3.1"
+      },
+      "engines": {
+        "node": ">=6.9.0"
+      }
+    },
+    "node_modules/@babel/helper-globals": {
+      "version": "7.28.0",
+      "resolved": "https://registry.npmjs.org/@babel/helper-globals/-/helper-globals-7.28.0.tgz",
+      "integrity": "sha512-+W6cISkXFa1jXsDEdYA8HeevQT/FULhxzR99pxphltZcVaugps53THCeiWA8SguxxpSp3gKPiuYfSWopkLQ4hw==",
+      "dev": true,
+      "license": "MIT",
+      "engines": {
+        "node": ">=6.9.0"
+      }
+    },
+    "node_modules/@babel/helper-module-imports": {
+      "version": "7.28.6",
+      "resolved": "https://registry.npmjs.org/@babel/helper-module-imports/-/helper-module-imports-7.28.6.tgz",
+      "integrity": "sha512-l5XkZK7r7wa9LucGw9LwZyyCUscb4x37JWTPz7swwFE/0FMQAGpiWUZn8u9DzkSBWEcK25jmvubfpw2dnAMdbw==",
+      "dev": true,
+      "license": "MIT",
+      "dependencies": {
+        "@babel/traverse": "^7.28.6",
+        "@babel/types": "^7.28.6"
+      },
+      "engines": {
+        "node": ">=6.9.0"
+      }
+    },
+    "node_modules/@babel/helper-module-transforms": {
+      "version": "7.28.6",
+      "resolved": "https://registry.npmjs.org/@babel/helper-module-transforms/-/helper-module-transforms-7.28.6.tgz",
+      "integrity": "sha512-67oXFAYr2cDLDVGLXTEABjdBJZ6drElUSI7WKp70NrpyISso3plG9SAGEF6y7zbha/wOzUByWWTJvEDVNIUGcA==",
+      "dev": true,
+      "license": "MIT",
+      "dependencies": {
+        "@babel/helper-module-imports": "^7.28.6",
+        "@babel/helper-validator-identifier": "^7.28.5",
+        "@babel/traverse": "^7.28.6"
+      },
+      "engines": {
+        "node": ">=6.9.0"
+      },
+      "peerDependencies": {
+        "@babel/core": "^7.0.0"
+      }
+    },
+    "node_modules/@babel/helper-plugin-utils": {
+      "version": "7.28.6",
+      "resolved": "https://registry.npmjs.org/@babel/helper-plugin-utils/-/helper-plugin-utils-7.28.6.tgz",
+      "integrity": "sha512-S9gzZ/bz83GRysI7gAD4wPT/AI3uCnY+9xn+Mx/KPs2JwHJIz1W8PZkg2cqyt3RNOBM8ejcXhV6y8Og7ly/Dug==",
+      "dev": true,
+      "license": "MIT",
+      "engines": {
+        "node": ">=6.9.0"
+      }
+    },
+    "node_modules/@babel/helper-string-parser": {
+      "version": "7.27.1",
+      "resolved": "https://registry.npmjs.org/@babel/helper-string-parser/-/helper-string-parser-7.27.1.tgz",
+      "integrity": "sha512-qMlSxKbpRlAridDExk92nSobyDdpPijUq2DW6oDnUqd0iOGxmQjyqhMIihI9+zv4LPyZdRje2cavWPbCbWm3eA==",
+      "dev": true,
+      "license": "MIT",
+      "engines": {
+        "node": ">=6.9.0"
+      }
+    },
+    "node_modules/@babel/helper-validator-identifier": {
+      "version": "7.28.5",
+      "resolved": "https://registry.npmjs.org/@babel/helper-validator-identifier/-/helper-validator-identifier-7.28.5.tgz",
+      "integrity": "sha512-qSs4ifwzKJSV39ucNjsvc6WVHs6b7S03sOh2OcHF9UHfVPqWWALUsNUVzhSBiItjRZoLHx7nIarVjqKVusUZ1Q==",
+      "dev": true,
+      "license": "MIT",
+      "engines": {
+        "node": ">=6.9.0"
+      }
+    },
+    "node_modules/@babel/helper-validator-option": {
+      "version": "7.27.1",
+      "resolved": "https://registry.npmjs.org/@babel/helper-validator-option/-/helper-validator-option-7.27.1.tgz",
+      "integrity": "sha512-YvjJow9FxbhFFKDSuFnVCe2WxXk1zWc22fFePVNEaWJEu8IrZVlda6N0uHwzZrUM1il7NC9Mlp4MaJYbYd9JSg==",
+      "dev": true,
+      "license": "MIT",
+      "engines": {
+        "node": ">=6.9.0"
+      }
+    },
+    "node_modules/@babel/helpers": {
+      "version": "7.28.6",
+      "resolved": "https://registry.npmjs.org/@babel/helpers/-/helpers-7.28.6.tgz",
+      "integrity": "sha512-xOBvwq86HHdB7WUDTfKfT/Vuxh7gElQ+Sfti2Cy6yIWNW05P8iUslOVcZ4/sKbE+/jQaukQAdz/gf3724kYdqw==",
+      "dev": true,
+      "license": "MIT",
+      "dependencies": {
+        "@babel/template": "^7.28.6",
+        "@babel/types": "^7.28.6"
+      },
+      "engines": {
+        "node": ">=6.9.0"
+      }
+    },
+    "node_modules/@babel/parser": {
+      "version": "7.29.0",
+      "resolved": "https://registry.npmjs.org/@babel/parser/-/parser-7.29.0.tgz",
+      "integrity": "sha512-IyDgFV5GeDUVX4YdF/3CPULtVGSXXMLh1xVIgdCgxApktqnQV0r7/8Nqthg+8YLGaAtdyIlo2qIdZrbCv4+7ww==",
+      "dev": true,
+      "license": "MIT",
+      "dependencies": {
+        "@babel/types": "^7.29.0"
+      },
+      "bin": {
+        "parser": "bin/babel-parser.js"
+      },
+      "engines": {
+        "node": ">=6.0.0"
+      }
+    },
+    "node_modules/@babel/plugin-transform-react-jsx-self": {
+      "version": "7.27.1",
+      "resolved": "https://registry.npmjs.org/@babel/plugin-transform-react-jsx-self/-/plugin-transform-react-jsx-self-7.27.1.tgz",
+      "integrity": "sha512-6UzkCs+ejGdZ5mFFC/OCUrv028ab2fp1znZmCZjAOBKiBK2jXD1O+BPSfX8X2qjJ75fZBMSnQn3Rq2mrBJK2mw==",
+      "dev": true,
+      "license": "MIT",
+      "dependencies": {
+        "@babel/helper-plugin-utils": "^7.27.1"
+      },
+      "engines": {
+        "node": ">=6.9.0"
+      },
+      "peerDependencies": {
+        "@babel/core": "^7.0.0-0"
+      }
+    },
+    "node_modules/@babel/plugin-transform-react-jsx-source": {
+      "version": "7.27.1",
+      "resolved": "https://registry.npmjs.org/@babel/plugin-transform-react-jsx-source/-/plugin-transform-react-jsx-source-7.27.1.tgz",
+      "integrity": "sha512-zbwoTsBruTeKB9hSq73ha66iFeJHuaFkUbwvqElnygoNbj/jHRsSeokowZFN3CZ64IvEqcmmkVe89OPXc7ldAw==",
+      "dev": true,
+      "license": "MIT",
+      "dependencies": {
+        "@babel/helper-plugin-utils": "^7.27.1"
+      },
+      "engines": {
+        "node": ">=6.9.0"
+      },
+      "peerDependencies": {
+        "@babel/core": "^7.0.0-0"
+      }
+    },
+    "node_modules/@babel/template": {
+      "version": "7.28.6",
+      "resolved": "https://registry.npmjs.org/@babel/template/-/template-7.28.6.tgz",
+      "integrity": "sha512-YA6Ma2KsCdGb+WC6UpBVFJGXL58MDA6oyONbjyF/+5sBgxY/dwkhLogbMT2GXXyU84/IhRw/2D1Os1B/giz+BQ==",
+      "dev": true,
+      "license": "MIT",
+      "dependencies": {
+        "@babel/code-frame": "^7.28.6",
+        "@babel/parser": "^7.28.6",
+        "@babel/types": "^7.28.6"
+      },
+      "engines": {
+        "node": ">=6.9.0"
+      }
+    },
+    "node_modules/@babel/traverse": {
+      "version": "7.29.0",
+      "resolved": "https://registry.npmjs.org/@babel/traverse/-/traverse-7.29.0.tgz",
+      "integrity": "sha512-4HPiQr0X7+waHfyXPZpWPfWL/J7dcN1mx9gL6WdQVMbPnF3+ZhSMs8tCxN7oHddJE9fhNE7+lxdnlyemKfJRuA==",
+      "dev": true,
+      "license": "MIT",
+      "dependencies": {
+        "@babel/code-frame": "^7.29.0",
+        "@babel/generator": "^7.29.0",
+        "@babel/helper-globals": "^7.28.0",
+        "@babel/parser": "^7.29.0",
+        "@babel/template": "^7.28.6",
+        "@babel/types": "^7.29.0",
+        "debug": "^4.3.1"
+      },
+      "engines": {
+        "node": ">=6.9.0"
+      }
+    },
+    "node_modules/@babel/types": {
+      "version": "7.29.0",
+      "resolved": "https://registry.npmjs.org/@babel/types/-/types-7.29.0.tgz",
+      "integrity": "sha512-LwdZHpScM4Qz8Xw2iKSzS+cfglZzJGvofQICy7W7v4caru4EaAmyUuO6BGrbyQ2mYV11W0U8j5mBhd14dd3B0A==",
+      "dev": true,
+      "license": "MIT",
+      "dependencies": {
+        "@babel/helper-string-parser": "^7.27.1",
+        "@babel/helper-validator-identifier": "^7.28.5"
+      },
+      "engines": {
+        "node": ">=6.9.0"
+      }
+    },
+    "node_modules/@esbuild/aix-ppc64": {
+      "version": "0.25.12",
+      "resolved": "https://registry.npmjs.org/@esbuild/aix-ppc64/-/aix-ppc64-0.25.12.tgz",
+      "integrity": "sha512-Hhmwd6CInZ3dwpuGTF8fJG6yoWmsToE+vYgD4nytZVxcu1ulHpUQRAB1UJ8+N1Am3Mz4+xOByoQoSZf4D+CpkA==",
+      "cpu": [
+        "ppc64"
+      ],
+      "dev": true,
+      "license": "MIT",
+      "optional": true,
+      "os": [
+        "aix"
+      ],
+      "engines": {
+        "node": ">=18"
+      }
+    },
+    "node_modules/@esbuild/android-arm": {
+      "version": "0.25.12",
+      "resolved": "https://registry.npmjs.org/@esbuild/android-arm/-/android-arm-0.25.12.tgz",
+      "integrity": "sha512-VJ+sKvNA/GE7Ccacc9Cha7bpS8nyzVv0jdVgwNDaR4gDMC/2TTRc33Ip8qrNYUcpkOHUT5OZ0bUcNNVZQ9RLlg==",
+      "cpu": [
+        "arm"
+      ],
+      "dev": true,
+      "license": "MIT",
+      "optional": true,
+      "os": [
+        "android"
+      ],
+      "engines": {
+        "node": ">=18"
+      }
+    },
+    "node_modules/@esbuild/android-arm64": {
+      "version": "0.25.12",
+      "resolved": "https://registry.npmjs.org/@esbuild/android-arm64/-/android-arm64-0.25.12.tgz",
+      "integrity": "sha512-6AAmLG7zwD1Z159jCKPvAxZd4y/VTO0VkprYy+3N2FtJ8+BQWFXU+OxARIwA46c5tdD9SsKGZ/1ocqBS/gAKHg==",
+      "cpu": [
+        "arm64"
+      ],
+      "dev": true,
+      "license": "MIT",
+      "optional": true,
+      "os": [
+        "android"
+      ],
+      "engines": {
+        "node": ">=18"
+      }
+    },
+    "node_modules/@esbuild/android-x64": {
+      "version": "0.25.12",
+      "resolved": "https://registry.npmjs.org/@esbuild/android-x64/-/android-x64-0.25.12.tgz",
+      "integrity": "sha512-5jbb+2hhDHx5phYR2By8GTWEzn6I9UqR11Kwf22iKbNpYrsmRB18aX/9ivc5cabcUiAT/wM+YIZ6SG9QO6a8kg==",
+      "cpu": [
+        "x64"
+      ],
+      "dev": true,
+      "license": "MIT",
+      "optional": true,
+      "os": [
+        "android"
+      ],
+      "engines": {
+        "node": ">=18"
+      }
+    },
+    "node_modules/@esbuild/darwin-arm64": {
+      "version": "0.25.12",
+      "resolved": "https://registry.npmjs.org/@esbuild/darwin-arm64/-/darwin-arm64-0.25.12.tgz",
+      "integrity": "sha512-N3zl+lxHCifgIlcMUP5016ESkeQjLj/959RxxNYIthIg+CQHInujFuXeWbWMgnTo4cp5XVHqFPmpyu9J65C1Yg==",
+      "cpu": [
+        "arm64"
+      ],
+      "dev": true,
+      "license": "MIT",
+      "optional": true,
+      "os": [
+        "darwin"
+      ],
+      "engines": {
+        "node": ">=18"
+      }
+    },
+    "node_modules/@esbuild/darwin-x64": {
+      "version": "0.25.12",
+      "resolved": "https://registry.npmjs.org/@esbuild/darwin-x64/-/darwin-x64-0.25.12.tgz",
+      "integrity": "sha512-HQ9ka4Kx21qHXwtlTUVbKJOAnmG1ipXhdWTmNXiPzPfWKpXqASVcWdnf2bnL73wgjNrFXAa3yYvBSd9pzfEIpA==",
+      "cpu": [
+        "x64"
+      ],
+      "dev": true,
+      "license": "MIT",
+      "optional": true,
+      "os": [
+        "darwin"
+      ],
+      "engines": {
+        "node": ">=18"
+      }
+    },
+    "node_modules/@esbuild/freebsd-arm64": {
+      "version": "0.25.12",
+      "resolved": "https://registry.npmjs.org/@esbuild/freebsd-arm64/-/freebsd-arm64-0.25.12.tgz",
+      "integrity": "sha512-gA0Bx759+7Jve03K1S0vkOu5Lg/85dou3EseOGUes8flVOGxbhDDh/iZaoek11Y8mtyKPGF3vP8XhnkDEAmzeg==",
+      "cpu": [
+        "arm64"
+      ],
+      "dev": true,
+      "license": "MIT",
+      "optional": true,
+      "os": [
+        "freebsd"
+      ],
+      "engines": {
+        "node": ">=18"
+      }
+    },
+    "node_modules/@esbuild/freebsd-x64": {
+      "version": "0.25.12",
+      "resolved": "https://registry.npmjs.org/@esbuild/freebsd-x64/-/freebsd-x64-0.25.12.tgz",
+      "integrity": "sha512-TGbO26Yw2xsHzxtbVFGEXBFH0FRAP7gtcPE7P5yP7wGy7cXK2oO7RyOhL5NLiqTlBh47XhmIUXuGciXEqYFfBQ==",
+      "cpu": [
+        "x64"
+      ],
+      "dev": true,
+      "license": "MIT",
+      "optional": true,
+      "os": [
+        "freebsd"
+      ],
+      "engines": {
+        "node": ">=18"
+      }
+    },
+    "node_modules/@esbuild/linux-arm": {
+      "version": "0.25.12",
+      "resolved": "https://registry.npmjs.org/@esbuild/linux-arm/-/linux-arm-0.25.12.tgz",
+      "integrity": "sha512-lPDGyC1JPDou8kGcywY0YILzWlhhnRjdof3UlcoqYmS9El818LLfJJc3PXXgZHrHCAKs/Z2SeZtDJr5MrkxtOw==",
+      "cpu": [
+        "arm"
+      ],
+      "dev": true,
+      "license": "MIT",
+      "optional": true,
+      "os": [
+        "linux"
+      ],
+      "engines": {
+        "node": ">=18"
+      }
+    },
+    "node_modules/@esbuild/linux-arm64": {
+      "version": "0.25.12",
+      "resolved": "https://registry.npmjs.org/@esbuild/linux-arm64/-/linux-arm64-0.25.12.tgz",
+      "integrity": "sha512-8bwX7a8FghIgrupcxb4aUmYDLp8pX06rGh5HqDT7bB+8Rdells6mHvrFHHW2JAOPZUbnjUpKTLg6ECyzvas2AQ==",
+      "cpu": [
+        "arm64"
+      ],
+      "dev": true,
+      "license": "MIT",
+      "optional": true,
+      "os": [
+        "linux"
+      ],
+      "engines": {
+        "node": ">=18"
+      }
+    },
+    "node_modules/@esbuild/linux-ia32": {
+      "version": "0.25.12",
+      "resolved": "https://registry.npmjs.org/@esbuild/linux-ia32/-/linux-ia32-0.25.12.tgz",
+      "integrity": "sha512-0y9KrdVnbMM2/vG8KfU0byhUN+EFCny9+8g202gYqSSVMonbsCfLjUO+rCci7pM0WBEtz+oK/PIwHkzxkyharA==",
+      "cpu": [
+        "ia32"
+      ],
+      "dev": true,
+      "license": "MIT",
+      "optional": true,
+      "os": [
+        "linux"
+      ],
+      "engines": {
+        "node": ">=18"
+      }
+    },
+    "node_modules/@esbuild/linux-loong64": {
+      "version": "0.25.12",
+      "resolved": "https://registry.npmjs.org/@esbuild/linux-loong64/-/linux-loong64-0.25.12.tgz",
+      "integrity": "sha512-h///Lr5a9rib/v1GGqXVGzjL4TMvVTv+s1DPoxQdz7l/AYv6LDSxdIwzxkrPW438oUXiDtwM10o9PmwS/6Z0Ng==",
+      "cpu": [
+        "loong64"
+      ],
+      "dev": true,
+      "license": "MIT",
+      "optional": true,
+      "os": [
+        "linux"
+      ],
+      "engines": {
+        "node": ">=18"
+      }
+    },
+    "node_modules/@esbuild/linux-mips64el": {
+      "version": "0.25.12",
+      "resolved": "https://registry.npmjs.org/@esbuild/linux-mips64el/-/linux-mips64el-0.25.12.tgz",
+      "integrity": "sha512-iyRrM1Pzy9GFMDLsXn1iHUm18nhKnNMWscjmp4+hpafcZjrr2WbT//d20xaGljXDBYHqRcl8HnxbX6uaA/eGVw==",
+      "cpu": [
+        "mips64el"
+      ],
+      "dev": true,
+      "license": "MIT",
+      "optional": true,
+      "os": [
+        "linux"
+      ],
+      "engines": {
+        "node": ">=18"
+      }
+    },
+    "node_modules/@esbuild/linux-ppc64": {
+      "version": "0.25.12",
+      "resolved": "https://registry.npmjs.org/@esbuild/linux-ppc64/-/linux-ppc64-0.25.12.tgz",
+      "integrity": "sha512-9meM/lRXxMi5PSUqEXRCtVjEZBGwB7P/D4yT8UG/mwIdze2aV4Vo6U5gD3+RsoHXKkHCfSxZKzmDssVlRj1QQA==",
+      "cpu": [
+        "ppc64"
+      ],
+      "dev": true,
+      "license": "MIT",
+      "optional": true,
+      "os": [
+        "linux"
+      ],
+      "engines": {
+        "node": ">=18"
+      }
+    },
+    "node_modules/@esbuild/linux-riscv64": {
+      "version": "0.25.12",
+      "resolved": "https://registry.npmjs.org/@esbuild/linux-riscv64/-/linux-riscv64-0.25.12.tgz",
+      "integrity": "sha512-Zr7KR4hgKUpWAwb1f3o5ygT04MzqVrGEGXGLnj15YQDJErYu/BGg+wmFlIDOdJp0PmB0lLvxFIOXZgFRrdjR0w==",
+      "cpu": [
+        "riscv64"
+      ],
+      "dev": true,
+      "license": "MIT",
+      "optional": true,
+      "os": [
+        "linux"
+      ],
+      "engines": {
+        "node": ">=18"
+      }
+    },
+    "node_modules/@esbuild/linux-s390x": {
+      "version": "0.25.12",
+      "resolved": "https://registry.npmjs.org/@esbuild/linux-s390x/-/linux-s390x-0.25.12.tgz",
+      "integrity": "sha512-MsKncOcgTNvdtiISc/jZs/Zf8d0cl/t3gYWX8J9ubBnVOwlk65UIEEvgBORTiljloIWnBzLs4qhzPkJcitIzIg==",
+      "cpu": [
+        "s390x"
+      ],
+      "dev": true,
+      "license": "MIT",
+      "optional": true,
+      "os": [
+        "linux"
+      ],
+      "engines": {
+        "node": ">=18"
+      }
+    },
+    "node_modules/@esbuild/linux-x64": {
+      "version": "0.25.12",
+      "resolved": "https://registry.npmjs.org/@esbuild/linux-x64/-/linux-x64-0.25.12.tgz",
+      "integrity": "sha512-uqZMTLr/zR/ed4jIGnwSLkaHmPjOjJvnm6TVVitAa08SLS9Z0VM8wIRx7gWbJB5/J54YuIMInDquWyYvQLZkgw==",
+      "cpu": [
+        "x64"
+      ],
+      "dev": true,
+      "license": "MIT",
+      "optional": true,
+      "os": [
+        "linux"
+      ],
+      "engines": {
+        "node": ">=18"
+      }
+    },
+    "node_modules/@esbuild/netbsd-arm64": {
+      "version": "0.25.12",
+      "resolved": "https://registry.npmjs.org/@esbuild/netbsd-arm64/-/netbsd-arm64-0.25.12.tgz",
+      "integrity": "sha512-xXwcTq4GhRM7J9A8Gv5boanHhRa/Q9KLVmcyXHCTaM4wKfIpWkdXiMog/KsnxzJ0A1+nD+zoecuzqPmCRyBGjg==",
+      "cpu": [
+        "arm64"
+      ],
+      "dev": true,
+      "license": "MIT",
+      "optional": true,
+      "os": [
+        "netbsd"
+      ],
+      "engines": {
+        "node": ">=18"
+      }
+    },
+    "node_modules/@esbuild/netbsd-x64": {
+      "version": "0.25.12",
+      "resolved": "https://registry.npmjs.org/@esbuild/netbsd-x64/-/netbsd-x64-0.25.12.tgz",
+      "integrity": "sha512-Ld5pTlzPy3YwGec4OuHh1aCVCRvOXdH8DgRjfDy/oumVovmuSzWfnSJg+VtakB9Cm0gxNO9BzWkj6mtO1FMXkQ==",
+      "cpu": [
+        "x64"
+      ],
+      "dev": true,
+      "license": "MIT",
+      "optional": true,
+      "os": [
+        "netbsd"
+      ],
+      "engines": {
+        "node": ">=18"
+      }
+    },
+    "node_modules/@esbuild/openbsd-arm64": {
+      "version": "0.25.12",
+      "resolved": "https://registry.npmjs.org/@esbuild/openbsd-arm64/-/openbsd-arm64-0.25.12.tgz",
+      "integrity": "sha512-fF96T6KsBo/pkQI950FARU9apGNTSlZGsv1jZBAlcLL1MLjLNIWPBkj5NlSz8aAzYKg+eNqknrUJ24QBybeR5A==",
+      "cpu": [
+        "arm64"
+      ],
+      "dev": true,
+      "license": "MIT",
+      "optional": true,
+      "os": [
+        "openbsd"
+      ],
+      "engines": {
+        "node": ">=18"
+      }
+    },
+    "node_modules/@esbuild/openbsd-x64": {
+      "version": "0.25.12",
+      "resolved": "https://registry.npmjs.org/@esbuild/openbsd-x64/-/openbsd-x64-0.25.12.tgz",
+      "integrity": "sha512-MZyXUkZHjQxUvzK7rN8DJ3SRmrVrke8ZyRusHlP+kuwqTcfWLyqMOE3sScPPyeIXN/mDJIfGXvcMqCgYKekoQw==",
+      "cpu": [
+        "x64"
+      ],
+      "dev": true,
+      "license": "MIT",
+      "optional": true,
+      "os": [
+        "openbsd"
+      ],
+      "engines": {
+        "node": ">=18"
+      }
+    },
+    "node_modules/@esbuild/openharmony-arm64": {
+      "version": "0.25.12",
+      "resolved": "https://registry.npmjs.org/@esbuild/openharmony-arm64/-/openharmony-arm64-0.25.12.tgz",
+      "integrity": "sha512-rm0YWsqUSRrjncSXGA7Zv78Nbnw4XL6/dzr20cyrQf7ZmRcsovpcRBdhD43Nuk3y7XIoW2OxMVvwuRvk9XdASg==",
+      "cpu": [
+        "arm64"
+      ],
+      "dev": true,
+      "license": "MIT",
+      "optional": true,
+      "os": [
+        "openharmony"
+      ],
+      "engines": {
+        "node": ">=18"
+      }
+    },
+    "node_modules/@esbuild/sunos-x64": {
+      "version": "0.25.12",
+      "resolved": "https://registry.npmjs.org/@esbuild/sunos-x64/-/sunos-x64-0.25.12.tgz",
+      "integrity": "sha512-3wGSCDyuTHQUzt0nV7bocDy72r2lI33QL3gkDNGkod22EsYl04sMf0qLb8luNKTOmgF/eDEDP5BFNwoBKH441w==",
+      "cpu": [
+        "x64"
+      ],
+      "dev": true,
+      "license": "MIT",
+      "optional": true,
+      "os": [
+        "sunos"
+      ],
+      "engines": {
+        "node": ">=18"
+      }
+    },
+    "node_modules/@esbuild/win32-arm64": {
+      "version": "0.25.12",
+      "resolved": "https://registry.npmjs.org/@esbuild/win32-arm64/-/win32-arm64-0.25.12.tgz",
+      "integrity": "sha512-rMmLrur64A7+DKlnSuwqUdRKyd3UE7oPJZmnljqEptesKM8wx9J8gx5u0+9Pq0fQQW8vqeKebwNXdfOyP+8Bsg==",
+      "cpu": [
+        "arm64"
+      ],
+      "dev": true,
+      "license": "MIT",
+      "optional": true,
+      "os": [
+        "win32"
+      ],
+      "engines": {
+        "node": ">=18"
+      }
+    },
+    "node_modules/@esbuild/win32-ia32": {
+      "version": "0.25.12",
+      "resolved": "https://registry.npmjs.org/@esbuild/win32-ia32/-/win32-ia32-0.25.12.tgz",
+      "integrity": "sha512-HkqnmmBoCbCwxUKKNPBixiWDGCpQGVsrQfJoVGYLPT41XWF8lHuE5N6WhVia2n4o5QK5M4tYr21827fNhi4byQ==",
+      "cpu": [
+        "ia32"
+      ],
+      "dev": true,
+      "license": "MIT",
+      "optional": true,
+      "os": [
+        "win32"
+      ],
+      "engines": {
+        "node": ">=18"
+      }
+    },
+    "node_modules/@esbuild/win32-x64": {
+      "version": "0.25.12",
+      "resolved": "https://registry.npmjs.org/@esbuild/win32-x64/-/win32-x64-0.25.12.tgz",
+      "integrity": "sha512-alJC0uCZpTFrSL0CCDjcgleBXPnCrEAhTBILpeAp7M/OFgoqtAetfBzX0xM00MUsVVPpVjlPuMbREqnZCXaTnA==",
+      "cpu": [
+        "x64"
+      ],
+      "dev": true,
+      "license": "MIT",
+      "optional": true,
+      "os": [
+        "win32"
+      ],
+      "engines": {
+        "node": ">=18"
+      }
+    },
+    "node_modules/@jridgewell/gen-mapping": {
+      "version": "0.3.13",
+      "resolved": "https://registry.npmjs.org/@jridgewell/gen-mapping/-/gen-mapping-0.3.13.tgz",
+      "integrity": "sha512-2kkt/7niJ6MgEPxF0bYdQ6etZaA+fQvDcLKckhy1yIQOzaoKjBBjSj63/aLVjYE3qhRt5dvM+uUyfCg6UKCBbA==",
+      "dev": true,
+      "license": "MIT",
+      "dependencies": {
+        "@jridgewell/sourcemap-codec": "^1.5.0",
+        "@jridgewell/trace-mapping": "^0.3.24"
+      }
+    },
+    "node_modules/@jridgewell/remapping": {
+      "version": "2.3.5",
+      "resolved": "https://registry.npmjs.org/@jridgewell/remapping/-/remapping-2.3.5.tgz",
+      "integrity": "sha512-LI9u/+laYG4Ds1TDKSJW2YPrIlcVYOwi2fUC6xB43lueCjgxV4lffOCZCtYFiH6TNOX+tQKXx97T4IKHbhyHEQ==",
+      "dev": true,
+      "license": "MIT",
+      "dependencies": {
+        "@jridgewell/gen-mapping": "^0.3.5",
+        "@jridgewell/trace-mapping": "^0.3.24"
+      }
+    },
+    "node_modules/@jridgewell/resolve-uri": {
+      "version": "3.1.2",
+      "resolved": "https://registry.npmjs.org/@jridgewell/resolve-uri/-/resolve-uri-3.1.2.tgz",
+      "integrity": "sha512-bRISgCIjP20/tbWSPWMEi54QVPRZExkuD9lJL+UIxUKtwVJA8wW1Trb1jMs1RFXo1CBTNZ/5hpC9QvmKWdopKw==",
+      "dev": true,
+      "license": "MIT",
+      "engines": {
+        "node": ">=6.0.0"
+      }
+    },
+    "node_modules/@jridgewell/sourcemap-codec": {
+      "version": "1.5.5",
+      "resolved": "https://registry.npmjs.org/@jridgewell/sourcemap-codec/-/sourcemap-codec-1.5.5.tgz",
+      "integrity": "sha512-cYQ9310grqxueWbl+WuIUIaiUaDcj7WOq5fVhEljNVgRfOUhY9fy2zTvfoqWsnebh8Sl70VScFbICvJnLKB0Og==",
+      "dev": true,
+      "license": "MIT"
+    },
+    "node_modules/@jridgewell/trace-mapping": {
+      "version": "0.3.31",
+      "resolved": "https://registry.npmjs.org/@jridgewell/trace-mapping/-/trace-mapping-0.3.31.tgz",
+      "integrity": "sha512-zzNR+SdQSDJzc8joaeP8QQoCQr8NuYx2dIIytl1QeBEZHJ9uW6hebsrYgbz8hJwUQao3TWCMtmfV8Nu1twOLAw==",
+      "dev": true,
+      "license": "MIT",
+      "dependencies": {
+        "@jridgewell/resolve-uri": "^3.1.0",
+        "@jridgewell/sourcemap-codec": "^1.4.14"
+      }
+    },
+    "node_modules/@rolldown/pluginutils": {
+      "version": "1.0.0-beta.27",
+      "resolved": "https://registry.npmjs.org/@rolldown/pluginutils/-/pluginutils-1.0.0-beta.27.tgz",
+      "integrity": "sha512-+d0F4MKMCbeVUJwG96uQ4SgAznZNSq93I3V+9NHA4OpvqG8mRCpGdKmK8l/dl02h2CCDHwW2FqilnTyDcAnqjA==",
+      "dev": true,
+      "license": "MIT"
+    },
+    "node_modules/@rollup/rollup-android-arm-eabi": {
+      "version": "4.58.0",
+      "resolved": "https://registry.npmjs.org/@rollup/rollup-android-arm-eabi/-/rollup-android-arm-eabi-4.58.0.tgz",
+      "integrity": "sha512-mr0tmS/4FoVk1cnaeN244A/wjvGDNItZKR8hRhnmCzygyRXYtKF5jVDSIILR1U97CTzAYmbgIj/Dukg62ggG5w==",
+      "cpu": [
+        "arm"
+      ],
+      "dev": true,
+      "license": "MIT",
+      "optional": true,
+      "os": [
+        "android"
+      ]
+    },
+    "node_modules/@rollup/rollup-android-arm64": {
+      "version": "4.58.0",
+      "resolved": "https://registry.npmjs.org/@rollup/rollup-android-arm64/-/rollup-android-arm64-4.58.0.tgz",
+      "integrity": "sha512-+s++dbp+/RTte62mQD9wLSbiMTV+xr/PeRJEc/sFZFSBRlHPNPVaf5FXlzAL77Mr8FtSfQqCN+I598M8U41ccQ==",
+      "cpu": [
+        "arm64"
+      ],
+      "dev": true,
+      "license": "MIT",
+      "optional": true,
+      "os": [
+        "android"
+      ]
+    },
+    "node_modules/@rollup/rollup-darwin-arm64": {
+      "version": "4.58.0",
+      "resolved": "https://registry.npmjs.org/@rollup/rollup-darwin-arm64/-/rollup-darwin-arm64-4.58.0.tgz",
+      "integrity": "sha512-MFWBwTcYs0jZbINQBXHfSrpSQJq3IUOakcKPzfeSznONop14Pxuqa0Kg19GD0rNBMPQI2tFtu3UzapZpH0Uc1Q==",
+      "cpu": [
+        "arm64"
+      ],
+      "dev": true,
+      "license": "MIT",
+      "optional": true,
+      "os": [
+        "darwin"
+      ]
+    },
+    "node_modules/@rollup/rollup-darwin-x64": {
+      "version": "4.58.0",
+      "resolved": "https://registry.npmjs.org/@rollup/rollup-darwin-x64/-/rollup-darwin-x64-4.58.0.tgz",
+      "integrity": "sha512-yiKJY7pj9c9JwzuKYLFaDZw5gma3fI9bkPEIyofvVfsPqjCWPglSHdpdwXpKGvDeYDms3Qal8qGMEHZ1M/4Udg==",
+      "cpu": [
+        "x64"
+      ],
+      "dev": true,
+      "license": "MIT",
+      "optional": true,
+      "os": [
+        "darwin"
+      ]
+    },
+    "node_modules/@rollup/rollup-freebsd-arm64": {
+      "version": "4.58.0",
+      "resolved": "https://registry.npmjs.org/@rollup/rollup-freebsd-arm64/-/rollup-freebsd-arm64-4.58.0.tgz",
+      "integrity": "sha512-x97kCoBh5MOevpn/CNK9W1x8BEzO238541BGWBc315uOlN0AD/ifZ1msg+ZQB05Ux+VF6EcYqpiagfLJ8U3LvQ==",
+      "cpu": [
+        "arm64"
+      ],
+      "dev": true,
+      "license": "MIT",
+      "optional": true,
+      "os": [
+        "freebsd"
+      ]
+    },
+    "node_modules/@rollup/rollup-freebsd-x64": {
+      "version": "4.58.0",
+      "resolved": "https://registry.npmjs.org/@rollup/rollup-freebsd-x64/-/rollup-freebsd-x64-4.58.0.tgz",
+      "integrity": "sha512-Aa8jPoZ6IQAG2eIrcXPpjRcMjROMFxCt1UYPZZtCxRV68WkuSigYtQ/7Zwrcr2IvtNJo7T2JfDXyMLxq5L4Jlg==",
+      "cpu": [
+        "x64"
+      ],
+      "dev": true,
+      "license": "MIT",
+      "optional": true,
+      "os": [
+        "freebsd"
+      ]
+    },
+    "node_modules/@rollup/rollup-linux-arm-gnueabihf": {
+      "version": "4.58.0",
+      "resolved": "https://registry.npmjs.org/@rollup/rollup-linux-arm-gnueabihf/-/rollup-linux-arm-gnueabihf-4.58.0.tgz",
+      "integrity": "sha512-Ob8YgT5kD/lSIYW2Rcngs5kNB/44Q2RzBSPz9brf2WEtcGR7/f/E9HeHn1wYaAwKBni+bdXEwgHvUd0x12lQSA==",
+      "cpu": [
+        "arm"
+      ],
+      "dev": true,
+      "license": "MIT",
+      "optional": true,
+      "os": [
+        "linux"
+      ]
+    },
+    "node_modules/@rollup/rollup-linux-arm-musleabihf": {
+      "version": "4.58.0",
+      "resolved": "https://registry.npmjs.org/@rollup/rollup-linux-arm-musleabihf/-/rollup-linux-arm-musleabihf-4.58.0.tgz",
+      "integrity": "sha512-K+RI5oP1ceqoadvNt1FecL17Qtw/n9BgRSzxif3rTL2QlIu88ccvY+Y9nnHe/cmT5zbH9+bpiJuG1mGHRVwF4Q==",
+      "cpu": [
+        "arm"
+      ],
+      "dev": true,
+      "license": "MIT",
+      "optional": true,
+      "os": [
+        "linux"
+      ]
+    },
+    "node_modules/@rollup/rollup-linux-arm64-gnu": {
+      "version": "4.58.0",
+      "resolved": "https://registry.npmjs.org/@rollup/rollup-linux-arm64-gnu/-/rollup-linux-arm64-gnu-4.58.0.tgz",
+      "integrity": "sha512-T+17JAsCKUjmbopcKepJjHWHXSjeW7O5PL7lEFaeQmiVyw4kkc5/lyYKzrv6ElWRX/MrEWfPiJWqbTvfIvjM1Q==",
+      "cpu": [
+        "arm64"
+      ],
+      "dev": true,
+      "license": "MIT",
+      "optional": true,
+      "os": [
+        "linux"
+      ]
+    },
+    "node_modules/@rollup/rollup-linux-arm64-musl": {
+      "version": "4.58.0",
+      "resolved": "https://registry.npmjs.org/@rollup/rollup-linux-arm64-musl/-/rollup-linux-arm64-musl-4.58.0.tgz",
+      "integrity": "sha512-cCePktb9+6R9itIJdeCFF9txPU7pQeEHB5AbHu/MKsfH/k70ZtOeq1k4YAtBv9Z7mmKI5/wOLYjQ+B9QdxR6LA==",
+      "cpu": [
+        "arm64"
+      ],
+      "dev": true,
+      "license": "MIT",
+      "optional": true,
+      "os": [
+        "linux"
+      ]
+    },
+    "node_modules/@rollup/rollup-linux-loong64-gnu": {
+      "version": "4.58.0",
+      "resolved": "https://registry.npmjs.org/@rollup/rollup-linux-loong64-gnu/-/rollup-linux-loong64-gnu-4.58.0.tgz",
+      "integrity": "sha512-iekUaLkfliAsDl4/xSdoCJ1gnnIXvoNz85C8U8+ZxknM5pBStfZjeXgB8lXobDQvvPRCN8FPmmuTtH+z95HTmg==",
+      "cpu": [
+        "loong64"
+      ],
+      "dev": true,
+      "license": "MIT",
+      "optional": true,
+      "os": [
+        "linux"
+      ]
+    },
+    "node_modules/@rollup/rollup-linux-loong64-musl": {
+      "version": "4.58.0",
+      "resolved": "https://registry.npmjs.org/@rollup/rollup-linux-loong64-musl/-/rollup-linux-loong64-musl-4.58.0.tgz",
+      "integrity": "sha512-68ofRgJNl/jYJbxFjCKE7IwhbfxOl1muPN4KbIqAIe32lm22KmU7E8OPvyy68HTNkI2iV/c8y2kSPSm2mW/Q9Q==",
+      "cpu": [
+        "loong64"
+      ],
+      "dev": true,
+      "license": "MIT",
+      "optional": true,
+      "os": [
+        "linux"
+      ]
+    },
+    "node_modules/@rollup/rollup-linux-ppc64-gnu": {
+      "version": "4.58.0",
+      "resolved": "https://registry.npmjs.org/@rollup/rollup-linux-ppc64-gnu/-/rollup-linux-ppc64-gnu-4.58.0.tgz",
+      "integrity": "sha512-dpz8vT0i+JqUKuSNPCP5SYyIV2Lh0sNL1+FhM7eLC457d5B9/BC3kDPp5BBftMmTNsBarcPcoz5UGSsnCiw4XQ==",
+      "cpu": [
+        "ppc64"
+      ],
+      "dev": true,
+      "license": "MIT",
+      "optional": true,
+      "os": [
+        "linux"
+      ]
+    },
+    "node_modules/@rollup/rollup-linux-ppc64-musl": {
+      "version": "4.58.0",
+      "resolved": "https://registry.npmjs.org/@rollup/rollup-linux-ppc64-musl/-/rollup-linux-ppc64-musl-4.58.0.tgz",
+      "integrity": "sha512-4gdkkf9UJ7tafnweBCR/mk4jf3Jfl0cKX9Np80t5i78kjIH0ZdezUv/JDI2VtruE5lunfACqftJ8dIMGN4oHew==",
+      "cpu": [
+        "ppc64"
+      ],
+      "dev": true,
+      "license": "MIT",
+      "optional": true,
+      "os": [
+        "linux"
+      ]
+    },
+    "node_modules/@rollup/rollup-linux-riscv64-gnu": {
+      "version": "4.58.0",
+      "resolved": "https://registry.npmjs.org/@rollup/rollup-linux-riscv64-gnu/-/rollup-linux-riscv64-gnu-4.58.0.tgz",
+      "integrity": "sha512-YFS4vPnOkDTD/JriUeeZurFYoJhPf9GQQEF/v4lltp3mVcBmnsAdjEWhr2cjUCZzZNzxCG0HZOvJU44UGHSdzw==",
+      "cpu": [
+        "riscv64"
+      ],
+      "dev": true,
+      "license": "MIT",
+      "optional": true,
+      "os": [
+        "linux"
+      ]
+    },
+    "node_modules/@rollup/rollup-linux-riscv64-musl": {
+      "version": "4.58.0",
+      "resolved": "https://registry.npmjs.org/@rollup/rollup-linux-riscv64-musl/-/rollup-linux-riscv64-musl-4.58.0.tgz",
+      "integrity": "sha512-x2xgZlFne+QVNKV8b4wwaCS8pwq3y14zedZ5DqLzjdRITvreBk//4Knbcvm7+lWmms9V9qFp60MtUd0/t/PXPw==",
+      "cpu": [
+        "riscv64"
+      ],
+      "dev": true,
+      "license": "MIT",
+      "optional": true,
+      "os": [
+        "linux"
+      ]
+    },
+    "node_modules/@rollup/rollup-linux-s390x-gnu": {
+      "version": "4.58.0",
+      "resolved": "https://registry.npmjs.org/@rollup/rollup-linux-s390x-gnu/-/rollup-linux-s390x-gnu-4.58.0.tgz",
+      "integrity": "sha512-jIhrujyn4UnWF8S+DHSkAkDEO3hLX0cjzxJZPLF80xFyzyUIYgSMRcYQ3+uqEoyDD2beGq7Dj7edi8OnJcS/hg==",
+      "cpu": [
+        "s390x"
+      ],
+      "dev": true,
+      "license": "MIT",
+      "optional": true,
+      "os": [
+        "linux"
+      ]
+    },
+    "node_modules/@rollup/rollup-linux-x64-gnu": {
+      "version": "4.58.0",
+      "resolved": "https://registry.npmjs.org/@rollup/rollup-linux-x64-gnu/-/rollup-linux-x64-gnu-4.58.0.tgz",
+      "integrity": "sha512-+410Srdoh78MKSJxTQ+hZ/Mx+ajd6RjjPwBPNd0R3J9FtL6ZA0GqiiyNjCO9In0IzZkCNrpGymSfn+kgyPQocg==",
+      "cpu": [
+        "x64"
+      ],
+      "dev": true,
+      "license": "MIT",
+      "optional": true,
+      "os": [
+        "linux"
+      ]
+    },
+    "node_modules/@rollup/rollup-linux-x64-musl": {
+      "version": "4.58.0",
+      "resolved": "https://registry.npmjs.org/@rollup/rollup-linux-x64-musl/-/rollup-linux-x64-musl-4.58.0.tgz",
+      "integrity": "sha512-ZjMyby5SICi227y1MTR3VYBpFTdZs823Rs/hpakufleBoufoOIB6jtm9FEoxn/cgO7l6PM2rCEl5Kre5vX0QrQ==",
+      "cpu": [
+        "x64"
+      ],
+      "dev": true,
+      "license": "MIT",
+      "optional": true,
+      "os": [
+        "linux"
+      ]
+    },
+    "node_modules/@rollup/rollup-openbsd-x64": {
+      "version": "4.58.0",
+      "resolved": "https://registry.npmjs.org/@rollup/rollup-openbsd-x64/-/rollup-openbsd-x64-4.58.0.tgz",
+      "integrity": "sha512-ds4iwfYkSQ0k1nb8LTcyXw//ToHOnNTJtceySpL3fa7tc/AsE+UpUFphW126A6fKBGJD5dhRvg8zw1rvoGFxmw==",
+      "cpu": [
+        "x64"
+      ],
+      "dev": true,
+      "license": "MIT",
+      "optional": true,
+      "os": [
+        "openbsd"
+      ]
+    },
+    "node_modules/@rollup/rollup-openharmony-arm64": {
+      "version": "4.58.0",
+      "resolved": "https://registry.npmjs.org/@rollup/rollup-openharmony-arm64/-/rollup-openharmony-arm64-4.58.0.tgz",
+      "integrity": "sha512-fd/zpJniln4ICdPkjWFhZYeY/bpnaN9pGa6ko+5WD38I0tTqk9lXMgXZg09MNdhpARngmxiCg0B0XUamNw/5BQ==",
+      "cpu": [
+        "arm64"
+      ],
+      "dev": true,
+      "license": "MIT",
+      "optional": true,
+      "os": [
+        "openharmony"
+      ]
+    },
+    "node_modules/@rollup/rollup-win32-arm64-msvc": {
+      "version": "4.58.0",
+      "resolved": "https://registry.npmjs.org/@rollup/rollup-win32-arm64-msvc/-/rollup-win32-arm64-msvc-4.58.0.tgz",
+      "integrity": "sha512-YpG8dUOip7DCz3nr/JUfPbIUo+2d/dy++5bFzgi4ugOGBIox+qMbbqt/JoORwvI/C9Kn2tz6+Bieoqd5+B1CjA==",
+      "cpu": [
+        "arm64"
+      ],
+      "dev": true,
+      "license": "MIT",
+      "optional": true,
+      "os": [
+        "win32"
+      ]
+    },
+    "node_modules/@rollup/rollup-win32-ia32-msvc": {
+      "version": "4.58.0",
+      "resolved": "https://registry.npmjs.org/@rollup/rollup-win32-ia32-msvc/-/rollup-win32-ia32-msvc-4.58.0.tgz",
+      "integrity": "sha512-b9DI8jpFQVh4hIXFr0/+N/TzLdpBIoPzjt0Rt4xJbW3mzguV3mduR9cNgiuFcuL/TeORejJhCWiAXe3E/6PxWA==",
+      "cpu": [
+        "ia32"
+      ],
+      "dev": true,
+      "license": "MIT",
+      "optional": true,
+      "os": [
+        "win32"
+      ]
+    },
+    "node_modules/@rollup/rollup-win32-x64-gnu": {
+      "version": "4.58.0",
+      "resolved": "https://registry.npmjs.org/@rollup/rollup-win32-x64-gnu/-/rollup-win32-x64-gnu-4.58.0.tgz",
+      "integrity": "sha512-CSrVpmoRJFN06LL9xhkitkwUcTZtIotYAF5p6XOR2zW0Zz5mzb3IPpcoPhB02frzMHFNo1reQ9xSF5fFm3hUsQ==",
+      "cpu": [
+        "x64"
+      ],
+      "dev": true,
+      "license": "MIT",
+      "optional": true,
+      "os": [
+        "win32"
+      ]
+    },
+    "node_modules/@rollup/rollup-win32-x64-msvc": {
+      "version": "4.58.0",
+      "resolved": "https://registry.npmjs.org/@rollup/rollup-win32-x64-msvc/-/rollup-win32-x64-msvc-4.58.0.tgz",
+      "integrity": "sha512-QFsBgQNTnh5K0t/sBsjJLq24YVqEIVkGpfN2VHsnN90soZyhaiA9UUHufcctVNL4ypJY0wrwad0wslx2KJQ1/w==",
+      "cpu": [
+        "x64"
+      ],
+      "dev": true,
+      "license": "MIT",
+      "optional": true,
+      "os": [
+        "win32"
+      ]
+    },
+    "node_modules/@types/babel__core": {
+      "version": "7.20.5",
+      "resolved": "https://registry.npmjs.org/@types/babel__core/-/babel__core-7.20.5.tgz",
+      "integrity": "sha512-qoQprZvz5wQFJwMDqeseRXWv3rqMvhgpbXFfVyWhbx9X47POIA6i/+dXefEmZKoAgOaTdaIgNSMqMIU61yRyzA==",
+      "dev": true,
+      "license": "MIT",
+      "dependencies": {
+        "@babel/parser": "^7.20.7",
+        "@babel/types": "^7.20.7",
+        "@types/babel__generator": "*",
+        "@types/babel__template": "*",
+        "@types/babel__traverse": "*"
+      }
+    },
+    "node_modules/@types/babel__generator": {
+      "version": "7.27.0",
+      "resolved": "https://registry.npmjs.org/@types/babel__generator/-/babel__generator-7.27.0.tgz",
+      "integrity": "sha512-ufFd2Xi92OAVPYsy+P4n7/U7e68fex0+Ee8gSG9KX7eo084CWiQ4sdxktvdl0bOPupXtVJPY19zk6EwWqUQ8lg==",
+      "dev": true,
+      "license": "MIT",
+      "dependencies": {
+        "@babel/types": "^7.0.0"
+      }
+    },
+    "node_modules/@types/babel__template": {
+      "version": "7.4.4",
+      "resolved": "https://registry.npmjs.org/@types/babel__template/-/babel__template-7.4.4.tgz",
+      "integrity": "sha512-h/NUaSyG5EyxBIp8YRxo4RMe2/qQgvyowRwVMzhYhBCONbW8PUsg4lkFMrhgZhUe5z3L3MiLDuvyJ/CaPa2A8A==",
+      "dev": true,
+      "license": "MIT",
+      "dependencies": {
+        "@babel/parser": "^7.1.0",
+        "@babel/types": "^7.0.0"
+      }
+    },
+    "node_modules/@types/babel__traverse": {
+      "version": "7.28.0",
+      "resolved": "https://registry.npmjs.org/@types/babel__traverse/-/babel__traverse-7.28.0.tgz",
+      "integrity": "sha512-8PvcXf70gTDZBgt9ptxJ8elBeBjcLOAcOtoO/mPJjtji1+CdGbHgm77om1GrsPxsiE+uXIpNSK64UYaIwQXd4Q==",
+      "dev": true,
+      "license": "MIT",
+      "dependencies": {
+        "@babel/types": "^7.28.2"
+      }
+    },
+    "node_modules/@types/estree": {
+      "version": "1.0.8",
+      "resolved": "https://registry.npmjs.org/@types/estree/-/estree-1.0.8.tgz",
+      "integrity": "sha512-dWHzHa2WqEXI/O1E9OjrocMTKJl2mSrEolh1Iomrv6U+JuNwaHXsXx9bLu5gG7BUWFIN0skIQJQ/L1rIex4X6w==",
+      "dev": true,
+      "license": "MIT"
+    },
+    "node_modules/@vitejs/plugin-react": {
+      "version": "4.7.0",
+      "resolved": "https://registry.npmjs.org/@vitejs/plugin-react/-/plugin-react-4.7.0.tgz",
+      "integrity": "sha512-gUu9hwfWvvEDBBmgtAowQCojwZmJ5mcLn3aufeCsitijs3+f2NsrPtlAWIR6OPiqljl96GVCUbLe0HyqIpVaoA==",
+      "dev": true,
+      "license": "MIT",
+      "dependencies": {
+        "@babel/core": "^7.28.0",
+        "@babel/plugin-transform-react-jsx-self": "^7.27.1",
+        "@babel/plugin-transform-react-jsx-source": "^7.27.1",
+        "@rolldown/pluginutils": "1.0.0-beta.27",
+        "@types/babel__core": "^7.20.5",
+        "react-refresh": "^0.17.0"
+      },
+      "engines": {
+        "node": "^14.18.0 || >=16.0.0"
+      },
+      "peerDependencies": {
+        "vite": "^4.2.0 || ^5.0.0 || ^6.0.0 || ^7.0.0"
+      }
+    },
+    "node_modules/baseline-browser-mapping": {
+      "version": "2.10.0",
+      "resolved": "https://registry.npmjs.org/baseline-browser-mapping/-/baseline-browser-mapping-2.10.0.tgz",
+      "integrity": "sha512-lIyg0szRfYbiy67j9KN8IyeD7q7hcmqnJ1ddWmNt19ItGpNN64mnllmxUNFIOdOm6by97jlL6wfpTTJrmnjWAA==",
+      "dev": true,
+      "license": "Apache-2.0",
+      "bin": {
+        "baseline-browser-mapping": "dist/cli.cjs"
+      },
+      "engines": {
+        "node": ">=6.0.0"
+      }
+    },
+    "node_modules/browserslist": {
+      "version": "4.28.1",
+      "resolved": "https://registry.npmjs.org/browserslist/-/browserslist-4.28.1.tgz",
+      "integrity": "sha512-ZC5Bd0LgJXgwGqUknZY/vkUQ04r8NXnJZ3yYi4vDmSiZmC/pdSN0NbNRPxZpbtO4uAfDUAFffO8IZoM3Gj8IkA==",
+      "dev": true,
+      "funding": [
+        {
+          "type": "opencollective",
+          "url": "https://opencollective.com/browserslist"
+        },
+        {
+          "type": "tidelift",
+          "url": "https://tidelift.com/funding/github/npm/browserslist"
+        },
+        {
+          "type": "github",
+          "url": "https://github.com/sponsors/ai"
+        }
+      ],
+      "license": "MIT",
+      "dependencies": {
+        "baseline-browser-mapping": "^2.9.0",
+        "caniuse-lite": "^1.0.30001759",
+        "electron-to-chromium": "^1.5.263",
+        "node-releases": "^2.0.27",
+        "update-browserslist-db": "^1.2.0"
+      },
+      "bin": {
+        "browserslist": "cli.js"
+      },
+      "engines": {
+        "node": "^6 || ^7 || ^8 || ^9 || ^10 || ^11 || ^12 || >=13.7"
+      }
+    },
+    "node_modules/caniuse-lite": {
+      "version": "1.0.30001770",
+      "resolved": "https://registry.npmjs.org/caniuse-lite/-/caniuse-lite-1.0.30001770.tgz",
+      "integrity": "sha512-x/2CLQ1jHENRbHg5PSId2sXq1CIO1CISvwWAj027ltMVG2UNgW+w9oH2+HzgEIRFembL8bUlXtfbBHR1fCg2xw==",
+      "dev": true,
+      "funding": [
+        {
+          "type": "opencollective",
+          "url": "https://opencollective.com/browserslist"
+        },
+        {
+          "type": "tidelift",
+          "url": "https://tidelift.com/funding/github/npm/caniuse-lite"
+        },
+        {
+          "type": "github",
+          "url": "https://github.com/sponsors/ai"
+        }
+      ],
+      "license": "CC-BY-4.0"
+    },
+    "node_modules/convert-source-map": {
+      "version": "2.0.0",
+      "resolved": "https://registry.npmjs.org/convert-source-map/-/convert-source-map-2.0.0.tgz",
+      "integrity": "sha512-Kvp459HrV2FEJ1CAsi1Ku+MY3kasH19TFykTz2xWmMeq6bk2NU3XXvfJ+Q61m0xktWwt+1HSYf3JZsTms3aRJg==",
+      "dev": true,
+      "license": "MIT"
+    },
+    "node_modules/debug": {
+      "version": "4.4.3",
+      "resolved": "https://registry.npmjs.org/debug/-/debug-4.4.3.tgz",
+      "integrity": "sha512-RGwwWnwQvkVfavKVt22FGLw+xYSdzARwm0ru6DhTVA3umU5hZc28V3kO4stgYryrTlLpuvgI9GiijltAjNbcqA==",
+      "dev": true,
+      "license": "MIT",
+      "dependencies": {
+        "ms": "^2.1.3"
+      },
+      "engines": {
+        "node": ">=6.0"
+      },
+      "peerDependenciesMeta": {
+        "supports-color": {
+          "optional": true
+        }
+      }
+    },
+    "node_modules/electron-to-chromium": {
+      "version": "1.5.302",
+      "resolved": "https://registry.npmjs.org/electron-to-chromium/-/electron-to-chromium-1.5.302.tgz",
+      "integrity": "sha512-sM6HAN2LyK82IyPBpznDRqlTQAtuSaO+ShzFiWTvoMJLHyZ+Y39r8VMfHzwbU8MVBzQ4Wdn85+wlZl2TLGIlwg==",
+      "dev": true,
+      "license": "ISC"
+    },
+    "node_modules/esbuild": {
+      "version": "0.25.12",
+      "resolved": "https://registry.npmjs.org/esbuild/-/esbuild-0.25.12.tgz",
+      "integrity": "sha512-bbPBYYrtZbkt6Os6FiTLCTFxvq4tt3JKall1vRwshA3fdVztsLAatFaZobhkBC8/BrPetoa0oksYoKXoG4ryJg==",
+      "dev": true,
+      "hasInstallScript": true,
+      "license": "MIT",
+      "bin": {
+        "esbuild": "bin/esbuild"
+      },
+      "engines": {
+        "node": ">=18"
+      },
+      "optionalDependencies": {
+        "@esbuild/aix-ppc64": "0.25.12",
+        "@esbuild/android-arm": "0.25.12",
+        "@esbuild/android-arm64": "0.25.12",
+        "@esbuild/android-x64": "0.25.12",
+        "@esbuild/darwin-arm64": "0.25.12",
+        "@esbuild/darwin-x64": "0.25.12",
+        "@esbuild/freebsd-arm64": "0.25.12",
+        "@esbuild/freebsd-x64": "0.25.12",
+        "@esbuild/linux-arm": "0.25.12",
+        "@esbuild/linux-arm64": "0.25.12",
+        "@esbuild/linux-ia32": "0.25.12",
+        "@esbuild/linux-loong64": "0.25.12",
+        "@esbuild/linux-mips64el": "0.25.12",
+        "@esbuild/linux-ppc64": "0.25.12",
+        "@esbuild/linux-riscv64": "0.25.12",
+        "@esbuild/linux-s390x": "0.25.12",
+        "@esbuild/linux-x64": "0.25.12",
+        "@esbuild/netbsd-arm64": "0.25.12",
+        "@esbuild/netbsd-x64": "0.25.12",
+        "@esbuild/openbsd-arm64": "0.25.12",
+        "@esbuild/openbsd-x64": "0.25.12",
+        "@esbuild/openharmony-arm64": "0.25.12",
+        "@esbuild/sunos-x64": "0.25.12",
+        "@esbuild/win32-arm64": "0.25.12",
+        "@esbuild/win32-ia32": "0.25.12",
+        "@esbuild/win32-x64": "0.25.12"
+      }
+    },
+    "node_modules/escalade": {
+      "version": "3.2.0",
+      "resolved": "https://registry.npmjs.org/escalade/-/escalade-3.2.0.tgz",
+      "integrity": "sha512-WUj2qlxaQtO4g6Pq5c29GTcWGDyd8itL8zTlipgECz3JesAiiOKotd8JU6otB3PACgG6xkJUyVhboMS+bje/jA==",
+      "dev": true,
+      "license": "MIT",
+      "engines": {
+        "node": ">=6"
+      }
+    },
+    "node_modules/fdir": {
+      "version": "6.5.0",
+      "resolved": "https://registry.npmjs.org/fdir/-/fdir-6.5.0.tgz",
+      "integrity": "sha512-tIbYtZbucOs0BRGqPJkshJUYdL+SDH7dVM8gjy+ERp3WAUjLEFJE+02kanyHtwjWOnwrKYBiwAmM0p4kLJAnXg==",
+      "dev": true,
+      "license": "MIT",
+      "engines": {
+        "node": ">=12.0.0"
+      },
+      "peerDependencies": {
+        "picomatch": "^3 || ^4"
+      },
+      "peerDependenciesMeta": {
+        "picomatch": {
+          "optional": true
+        }
+      }
+    },
+    "node_modules/fsevents": {
+      "version": "2.3.3",
+      "resolved": "https://registry.npmjs.org/fsevents/-/fsevents-2.3.3.tgz",
+      "integrity": "sha512-5xoDfX+fL7faATnagmWPpbFtwh/R77WmMMqqHGS65C3vvB0YHrgF+B1YmZ3441tMj5n63k0212XNoJwzlhffQw==",
+      "dev": true,
+      "hasInstallScript": true,
+      "license": "MIT",
+      "optional": true,
+      "os": [
+        "darwin"
+      ],
+      "engines": {
+        "node": "^8.16.0 || ^10.6.0 || >=11.0.0"
+      }
+    },
+    "node_modules/gensync": {
+      "version": "1.0.0-beta.2",
+      "resolved": "https://registry.npmjs.org/gensync/-/gensync-1.0.0-beta.2.tgz",
+      "integrity": "sha512-3hN7NaskYvMDLQY55gnW3NQ+mesEAepTqlg+VEbj7zzqEMBVNhzcGYYeqFo/TlYz6eQiFcp1HcsCZO+nGgS8zg==",
+      "dev": true,
+      "license": "MIT",
+      "engines": {
+        "node": ">=6.9.0"
+      }
+    },
+    "node_modules/js-tokens": {
+      "version": "4.0.0",
+      "resolved": "https://registry.npmjs.org/js-tokens/-/js-tokens-4.0.0.tgz",
+      "integrity": "sha512-RdJUflcE3cUzKiMqQgsCu06FPu9UdIJO0beYbPhHN4k6apgJtifcoCtT9bcxOpYBtpD2kCM6Sbzg4CausW/PKQ==",
+      "license": "MIT"
+    },
+    "node_modules/jsesc": {
+      "version": "3.1.0",
+      "resolved": "https://registry.npmjs.org/jsesc/-/jsesc-3.1.0.tgz",
+      "integrity": "sha512-/sM3dO2FOzXjKQhJuo0Q173wf2KOo8t4I8vHy6lF9poUp7bKT0/NHE8fPX23PwfhnykfqnC2xRxOnVw5XuGIaA==",
+      "dev": true,
+      "license": "MIT",
+      "bin": {
+        "jsesc": "bin/jsesc"
+      },
+      "engines": {
+        "node": ">=6"
+      }
+    },
+    "node_modules/json5": {
+      "version": "2.2.3",
+      "resolved": "https://registry.npmjs.org/json5/-/json5-2.2.3.tgz",
+      "integrity": "sha512-XmOWe7eyHYH14cLdVPoyg+GOH3rYX++KpzrylJwSW98t3Nk+U8XOl8FWKOgwtzdb8lXGf6zYwDUzeHMWfxasyg==",
+      "dev": true,
+      "license": "MIT",
+      "bin": {
+        "json5": "lib/cli.js"
+      },
+      "engines": {
+        "node": ">=6"
+      }
+    },
+    "node_modules/loose-envify": {
+      "version": "1.4.0",
+      "resolved": "https://registry.npmjs.org/loose-envify/-/loose-envify-1.4.0.tgz",
+      "integrity": "sha512-lyuxPGr/Wfhrlem2CL/UcnUc1zcqKAImBDzukY7Y5F/yQiNdko6+fRLevlw1HgMySw7f611UIY408EtxRSoK3Q==",
+      "license": "MIT",
+      "dependencies": {
+        "js-tokens": "^3.0.0 || ^4.0.0"
+      },
+      "bin": {
+        "loose-envify": "cli.js"
+      }
+    },
+    "node_modules/lru-cache": {
+      "version": "5.1.1",
+      "resolved": "https://registry.npmjs.org/lru-cache/-/lru-cache-5.1.1.tgz",
+      "integrity": "sha512-KpNARQA3Iwv+jTA0utUVVbrh+Jlrr1Fv0e56GGzAFOXN7dk/FviaDW8LHmK52DlcH4WP2n6gI8vN1aesBFgo9w==",
+      "dev": true,
+      "license": "ISC",
+      "dependencies": {
+        "yallist": "^3.0.2"
+      }
+    },
+    "node_modules/ms": {
+      "version": "2.1.3",
+      "resolved": "https://registry.npmjs.org/ms/-/ms-2.1.3.tgz",
+      "integrity": "sha512-6FlzubTLZG3J2a/NVCAleEhjzq5oxgHyaCU9yYXvcLsvoVaHJq/s5xXI6/XXP6tz7R9xAOtHnSO/tXtF3WRTlA==",
+      "dev": true,
+      "license": "MIT"
+    },
+    "node_modules/nanoid": {
+      "version": "3.3.11",
+      "resolved": "https://registry.npmjs.org/nanoid/-/nanoid-3.3.11.tgz",
+      "integrity": "sha512-N8SpfPUnUp1bK+PMYW8qSWdl9U+wwNWI4QKxOYDy9JAro3WMX7p2OeVRF9v+347pnakNevPmiHhNmZ2HbFA76w==",
+      "dev": true,
+      "funding": [
+        {
+          "type": "github",
+          "url": "https://github.com/sponsors/ai"
+        }
+      ],
+      "license": "MIT",
+      "bin": {
+        "nanoid": "bin/nanoid.cjs"
+      },
+      "engines": {
+        "node": "^10 || ^12 || ^13.7 || ^14 || >=15.0.1"
+      }
+    },
+    "node_modules/node-releases": {
+      "version": "2.0.27",
+      "resolved": "https://registry.npmjs.org/node-releases/-/node-releases-2.0.27.tgz",
+      "integrity": "sha512-nmh3lCkYZ3grZvqcCH+fjmQ7X+H0OeZgP40OierEaAptX4XofMh5kwNbWh7lBduUzCcV/8kZ+NDLCwm2iorIlA==",
+      "dev": true,
+      "license": "MIT"
+    },
+    "node_modules/picocolors": {
+      "version": "1.1.1",
+      "resolved": "https://registry.npmjs.org/picocolors/-/picocolors-1.1.1.tgz",
+      "integrity": "sha512-xceH2snhtb5M9liqDsmEw56le376mTZkEX/jEb/RxNFyegNul7eNslCXP9FDj/Lcu0X8KEyMceP2ntpaHrDEVA==",
+      "dev": true,
+      "license": "ISC"
+    },
+    "node_modules/picomatch": {
+      "version": "4.0.3",
+      "resolved": "https://registry.npmjs.org/picomatch/-/picomatch-4.0.3.tgz",
+      "integrity": "sha512-5gTmgEY/sqK6gFXLIsQNH19lWb4ebPDLA4SdLP7dsWkIXHWlG66oPuVvXSGFPppYZz8ZDZq0dYYrbHfBCVUb1Q==",
+      "dev": true,
+      "license": "MIT",
+      "engines": {
+        "node": ">=12"
+      },
+      "funding": {
+        "url": "https://github.com/sponsors/jonschlinkert"
+      }
+    },
+    "node_modules/postcss": {
+      "version": "8.5.6",
+      "resolved": "https://registry.npmjs.org/postcss/-/postcss-8.5.6.tgz",
+      "integrity": "sha512-3Ybi1tAuwAP9s0r1UQ2J4n5Y0G05bJkpUIO0/bI9MhwmD70S5aTWbXGBwxHrelT+XM1k6dM0pk+SwNkpTRN7Pg==",
+      "dev": true,
+      "funding": [
+        {
+          "type": "opencollective",
+          "url": "https://opencollective.com/postcss/"
+        },
+        {
+          "type": "tidelift",
+          "url": "https://tidelift.com/funding/github/npm/postcss"
+        },
+        {
+          "type": "github",
+          "url": "https://github.com/sponsors/ai"
+        }
+      ],
+      "license": "MIT",
+      "dependencies": {
+        "nanoid": "^3.3.11",
+        "picocolors": "^1.1.1",
+        "source-map-js": "^1.2.1"
+      },
+      "engines": {
+        "node": "^10 || ^12 || >=14"
+      }
+    },
+    "node_modules/react": {
+      "version": "18.3.1",
+      "resolved": "https://registry.npmjs.org/react/-/react-18.3.1.tgz",
+      "integrity": "sha512-wS+hAgJShR0KhEvPJArfuPVN1+Hz1t0Y6n5jLrGQbkb4urgPE/0Rve+1kMB1v/oWgHgm4WIcV+i7F2pTVj+2iQ==",
+      "license": "MIT",
+      "dependencies": {
+        "loose-envify": "^1.1.0"
+      },
+      "engines": {
+        "node": ">=0.10.0"
+      }
+    },
+    "node_modules/react-dom": {
+      "version": "18.3.1",
+      "resolved": "https://registry.npmjs.org/react-dom/-/react-dom-18.3.1.tgz",
+      "integrity": "sha512-5m4nQKp+rZRb09LNH59GM4BxTh9251/ylbKIbpe7TpGxfJ+9kv6BLkLBXIjjspbgbnIBNqlI23tRnTWT0snUIw==",
+      "license": "MIT",
+      "dependencies": {
+        "loose-envify": "^1.1.0",
+        "scheduler": "^0.23.2"
+      },
+      "peerDependencies": {
+        "react": "^18.3.1"
+      }
+    },
+    "node_modules/react-refresh": {
+      "version": "0.17.0",
+      "resolved": "https://registry.npmjs.org/react-refresh/-/react-refresh-0.17.0.tgz",
+      "integrity": "sha512-z6F7K9bV85EfseRCp2bzrpyQ0Gkw1uLoCel9XBVWPg/TjRj94SkJzUTGfOa4bs7iJvBWtQG0Wq7wnI0syw3EBQ==",
+      "dev": true,
+      "license": "MIT",
+      "engines": {
+        "node": ">=0.10.0"
+      }
+    },
+    "node_modules/rollup": {
+      "version": "4.58.0",
+      "resolved": "https://registry.npmjs.org/rollup/-/rollup-4.58.0.tgz",
+      "integrity": "sha512-wbT0mBmWbIvvq8NeEYWWvevvxnOyhKChir47S66WCxw1SXqhw7ssIYejnQEVt7XYQpsj2y8F9PM+Cr3SNEa0gw==",
+      "dev": true,
+      "license": "MIT",
+      "dependencies": {
+        "@types/estree": "1.0.8"
+      },
+      "bin": {
+        "rollup": "dist/bin/rollup"
+      },
+      "engines": {
+        "node": ">=18.0.0",
+        "npm": ">=8.0.0"
+      },
+      "optionalDependencies": {
+        "@rollup/rollup-android-arm-eabi": "4.58.0",
+        "@rollup/rollup-android-arm64": "4.58.0",
+        "@rollup/rollup-darwin-arm64": "4.58.0",
+        "@rollup/rollup-darwin-x64": "4.58.0",
+        "@rollup/rollup-freebsd-arm64": "4.58.0",
+        "@rollup/rollup-freebsd-x64": "4.58.0",
+        "@rollup/rollup-linux-arm-gnueabihf": "4.58.0",
+        "@rollup/rollup-linux-arm-musleabihf": "4.58.0",
+        "@rollup/rollup-linux-arm64-gnu": "4.58.0",
+        "@rollup/rollup-linux-arm64-musl": "4.58.0",
+        "@rollup/rollup-linux-loong64-gnu": "4.58.0",
+        "@rollup/rollup-linux-loong64-musl": "4.58.0",
+        "@rollup/rollup-linux-ppc64-gnu": "4.58.0",
+        "@rollup/rollup-linux-ppc64-musl": "4.58.0",
+        "@rollup/rollup-linux-riscv64-gnu": "4.58.0",
+        "@rollup/rollup-linux-riscv64-musl": "4.58.0",
+        "@rollup/rollup-linux-s390x-gnu": "4.58.0",
+        "@rollup/rollup-linux-x64-gnu": "4.58.0",
+        "@rollup/rollup-linux-x64-musl": "4.58.0",
+        "@rollup/rollup-openbsd-x64": "4.58.0",
+        "@rollup/rollup-openharmony-arm64": "4.58.0",
+        "@rollup/rollup-win32-arm64-msvc": "4.58.0",
+        "@rollup/rollup-win32-ia32-msvc": "4.58.0",
+        "@rollup/rollup-win32-x64-gnu": "4.58.0",
+        "@rollup/rollup-win32-x64-msvc": "4.58.0",
+        "fsevents": "~2.3.2"
+      }
+    },
+    "node_modules/scheduler": {
+      "version": "0.23.2",
+      "resolved": "https://registry.npmjs.org/scheduler/-/scheduler-0.23.2.tgz",
+      "integrity": "sha512-UOShsPwz7NrMUqhR6t0hWjFduvOzbtv7toDH1/hIrfRNIDBnnBWd0CwJTGvTpngVlmwGCdP9/Zl/tVrDqcuYzQ==",
+      "license": "MIT",
+      "dependencies": {
+        "loose-envify": "^1.1.0"
+      }
+    },
+    "node_modules/semver": {
+      "version": "6.3.1",
+      "resolved": "https://registry.npmjs.org/semver/-/semver-6.3.1.tgz",
+      "integrity": "sha512-BR7VvDCVHO+q2xBEWskxS6DJE1qRnb7DxzUrogb71CWoSficBxYsiAGd+Kl0mmq/MprG9yArRkyrQxTO6XjMzA==",
+      "dev": true,
+      "license": "ISC",
+      "bin": {
+        "semver": "bin/semver.js"
+      }
+    },
+    "node_modules/source-map-js": {
+      "version": "1.2.1",
+      "resolved": "https://registry.npmjs.org/source-map-js/-/source-map-js-1.2.1.tgz",
+      "integrity": "sha512-UXWMKhLOwVKb728IUtQPXxfYU+usdybtUrK/8uGE8CQMvrhOpwvzDBwj0QhSL7MQc7vIsISBG8VQ8+IDQxpfQA==",
+      "dev": true,
+      "license": "BSD-3-Clause",
+      "engines": {
+        "node": ">=0.10.0"
+      }
+    },
+    "node_modules/tinyglobby": {
+      "version": "0.2.15",
+      "resolved": "https://registry.npmjs.org/tinyglobby/-/tinyglobby-0.2.15.tgz",
+      "integrity": "sha512-j2Zq4NyQYG5XMST4cbs02Ak8iJUdxRM0XI5QyxXuZOzKOINmWurp3smXu3y5wDcJrptwpSjgXHzIQxR0omXljQ==",
+      "dev": true,
+      "license": "MIT",
+      "dependencies": {
+        "fdir": "^6.5.0",
+        "picomatch": "^4.0.3"
+      },
+      "engines": {
+        "node": ">=12.0.0"
+      },
+      "funding": {
+        "url": "https://github.com/sponsors/SuperchupuDev"
+      }
+    },
+    "node_modules/update-browserslist-db": {
+      "version": "1.2.3",
+      "resolved": "https://registry.npmjs.org/update-browserslist-db/-/update-browserslist-db-1.2.3.tgz",
+      "integrity": "sha512-Js0m9cx+qOgDxo0eMiFGEueWztz+d4+M3rGlmKPT+T4IS/jP4ylw3Nwpu6cpTTP8R1MAC1kF4VbdLt3ARf209w==",
+      "dev": true,
+      "funding": [
+        {
+          "type": "opencollective",
+          "url": "https://opencollective.com/browserslist"
+        },
+        {
+          "type": "tidelift",
+          "url": "https://tidelift.com/funding/github/npm/browserslist"
+        },
+        {
+          "type": "github",
+          "url": "https://github.com/sponsors/ai"
+        }
+      ],
+      "license": "MIT",
+      "dependencies": {
+        "escalade": "^3.2.0",
+        "picocolors": "^1.1.1"
+      },
+      "bin": {
+        "update-browserslist-db": "cli.js"
+      },
+      "peerDependencies": {
+        "browserslist": ">= 4.21.0"
+      }
+    },
+    "node_modules/vite": {
+      "version": "6.4.1",
+      "resolved": "https://registry.npmjs.org/vite/-/vite-6.4.1.tgz",
+      "integrity": "sha512-+Oxm7q9hDoLMyJOYfUYBuHQo+dkAloi33apOPP56pzj+vsdJDzr+j1NISE5pyaAuKL4A3UD34qd0lx5+kfKp2g==",
+      "dev": true,
+      "license": "MIT",
+      "dependencies": {
+        "esbuild": "^0.25.0",
+        "fdir": "^6.4.4",
+        "picomatch": "^4.0.2",
+        "postcss": "^8.5.3",
+        "rollup": "^4.34.9",
+        "tinyglobby": "^0.2.13"
+      },
+      "bin": {
+        "vite": "bin/vite.js"
+      },
+      "engines": {
+        "node": "^18.0.0 || ^20.0.0 || >=22.0.0"
+      },
+      "funding": {
+        "url": "https://github.com/vitejs/vite?sponsor=1"
+      },
+      "optionalDependencies": {
+        "fsevents": "~2.3.3"
+      },
+      "peerDependencies": {
+        "@types/node": "^18.0.0 || ^20.0.0 || >=22.0.0",
+        "jiti": ">=1.21.0",
+        "less": "*",
+        "lightningcss": "^1.21.0",
+        "sass": "*",
+        "sass-embedded": "*",
+        "stylus": "*",
+        "sugarss": "*",
+        "terser": "^5.16.0",
+        "tsx": "^4.8.1",
+        "yaml": "^2.4.2"
+      },
+      "peerDependenciesMeta": {
+        "@types/node": {
+          "optional": true
+        },
+        "jiti": {
+          "optional": true
+        },
+        "less": {
+          "optional": true
+        },
+        "lightningcss": {
+          "optional": true
+        },
+        "sass": {
+          "optional": true
+        },
+        "sass-embedded": {
+          "optional": true
+        },
+        "stylus": {
+          "optional": true
+        },
+        "sugarss": {
+          "optional": true
+        },
+        "terser": {
+          "optional": true
+        },
+        "tsx": {
+          "optional": true
+        },
+        "yaml": {
+          "optional": true
+        }
+      }
+    },
+    "node_modules/yallist": {
+      "version": "3.1.1",
+      "resolved": "https://registry.npmjs.org/yallist/-/yallist-3.1.1.tgz",
+      "integrity": "sha512-a4UGQaWPH59mOXUYnAG2ewncQS4i4F43Tv3JoAM+s2VDAmS9NsK8GpDMLrCHPksFT7h3K6TOoUNn2pb7RoXx4g==",
+      "dev": true,
+      "license": "ISC"
+    }
+  }
+}

client/package.json

@@ -0,0 +1,19 @@
+{
+  "name": "adaptiveauth-ui",
+  "private": true,
+  "version": "1.0.0",
+  "type": "module",
+  "scripts": {
+    "dev": "vite",
+    "build": "vite build",
+    "preview": "vite preview"
+  },
+  "dependencies": {
+    "react": "^18.3.1",
+    "react-dom": "^18.3.1"
+  },
+  "devDependencies": {
+    "@vitejs/plugin-react": "^4.3.4",
+    "vite": "^6.0.0"
+  }
+}

client/src/App.jsx

@@ -0,0 +1,78 @@
+import { useState, useEffect } from 'react';
+import Topbar       from './components/Topbar';
+import TokenBar     from './components/TokenBar';
+import Scenario1Tab from './tabs/Scenario1Tab';
+import Scenario2Tab from './tabs/Scenario2Tab';
+import ApiTab       from './tabs/ApiTab';
+import AdminTab     from './tabs/AdminTab';
+import IntelTab     from './tabs/IntelTab';
+import { getToken, clearToken } from './api';
+
+const TABS = [
+  { id: 'scenario1', label: '🔬 Scenario 1: Behavior' },
+  { id: 'scenario2', label: '🚨 Scenario 2: Attacks'  },
+  { id: 'api',       label: '🔧 API Testing'           },
+  { id: 'admin',     label: '🛡️ Admin Dashboard'       },
+  { id: 'intel',     label: '🧠 Intelligence'          },
+];
+
+export default function App() {
+  const [activeTab,     setActiveTab]     = useState('scenario1');
+  const [token,         setToken]         = useState(getToken);
+  const [serverStatus,  setServerStatus]  = useState('checking');
+
+  const refreshToken = () => setToken(getToken());
+  const handleClear  = () => { clearToken(); setToken(''); };
+
+  const ping = async () => {
+    setServerStatus('checking');
+    try {
+      const r = await fetch('/health');
+      setServerStatus(r.ok ? 'online' : 'error');
+    } catch {
+      setServerStatus('offline');
+    }
+  };
+
+  useEffect(() => { ping(); }, []);
+
+  return (
+    <div className="app">
+      <Topbar serverStatus={serverStatus} onRefresh={ping} />
+
+      <div className="container">
+        <div className="hero">
+          <h1>Adaptive Authentication <span>Framework</span></h1>
+          <p>
+            Production-ready risk-based auth &mdash; JWT &bull; 2FA &bull;
+            Behavioral Analysis &bull; Anomaly Detection
+          </p>
+        </div>
+
+        <TokenBar token={token} onRefresh={refreshToken} onClear={handleClear} />
+
+        <nav className="main-tabs" role="tablist">
+          {TABS.map(t => (
+            <button
+              key={t.id}
+              role="tab"
+              aria-selected={activeTab === t.id}
+              className={activeTab === t.id ? 'active' : ''}
+              onClick={() => setActiveTab(t.id)}
+            >
+              {t.label}
+            </button>
+          ))}
+        </nav>
+
+        <div role="tabpanel">
+          {activeTab === 'scenario1' && <Scenario1Tab onTokenSave={refreshToken} />}
+          {activeTab === 'scenario2' && <Scenario2Tab onTokenSave={refreshToken} />}
+          {activeTab === 'api'       && <ApiTab       onTokenSave={refreshToken} />}
+          {activeTab === 'admin'     && <AdminTab     onTokenSave={refreshToken} />}
+          {activeTab === 'intel'     && <IntelTab     onTokenSave={refreshToken} />}
+        </div>
+      </div>
+    </div>
+  );
+}

client/src/api.js

@@ -0,0 +1,35 @@
+// Shared API utility for AdaptiveAuth React UI
+const BASE = '/api/v1';
+
+export const ENDPOINTS = {
+  AUTH:  `${BASE}/auth`,
+  DEMO:  `${BASE}/demo`,
+  ADMIN: `${BASE}/admin`,
+  USER:  `${BASE}/user`,
+  RISK:  `${BASE}/risk`,
+  INTEL: `${BASE}/session-intel`,
+  API:   BASE,
+};
+
+export const getToken  = () => localStorage.getItem('token') || '';
+export const saveToken = (t) => localStorage.setItem('token', t);
+export const clearToken = () => localStorage.removeItem('token');
+
+export async function req(url, method = 'GET', body = null, auth = true) {
+  const headers = { 'Content-Type': 'application/json' };
+  if (auth) {
+    const t = getToken();
+    if (t) headers['Authorization'] = `Bearer ${t}`;
+  }
+  try {
+    const res = await fetch(url, {
+      method,
+      headers,
+      body: body != null ? JSON.stringify(body) : undefined,
+    });
+    const data = await res.json().catch(() => ({}));
+    return { ok: res.ok, status: res.status, data };
+  } catch (e) {
+    return { ok: false, status: 0, data: { detail: e.message } };
+  }
+}

client/src/components/RiskViz.jsx

@@ -0,0 +1,184 @@
+// ─── Risk Visualization Components ───────────────────────────────────────────
+
+const ARC_LEN = 220;
+
+const RISK_COLORS = {
+  low:      '#16a34a',
+  medium:   '#d97706',
+  high:     '#f97316',
+  critical: '#dc2626',
+};
+
+const STATUS_CLASS = {
+  success:           'success',
+  challenge_required:'challenge',
+  blocked:           'blocked',
+};
+const STATUS_LABEL = {
+  success:           '✅ ACCESS GRANTED',
+  challenge_required:'⚠️ CHALLENGE REQUIRED',
+  blocked:           '🚫 BLOCKED',
+};
+
+// ── Gauge Arc (SVG Semi-circle) ───────────────────────────────────────────────
+function GaugeArc({ score, color }) {
+  const offset = ARC_LEN - (score / 100) * ARC_LEN;
+  return (
+    <div className="gauge-wrap">
+      <svg width="170" height="100" viewBox="0 0 170 100" style={{ overflow: 'visible' }}>
+        {/* Track */}
+        <path
+          d="M 10,80 A 75,75 0 0,1 160,80"
+          fill="none"
+          stroke="#e2e8f0"
+          strokeWidth="13"
+          strokeLinecap="round"
+        />
+        {/* Fill */}
+        <path
+          d="M 10,80 A 75,75 0 0,1 160,80"
+          fill="none"
+          stroke={color}
+          strokeWidth="13"
+          strokeLinecap="round"
+          strokeDasharray={ARC_LEN}
+          strokeDashoffset={offset}
+          style={{ transition: 'stroke-dashoffset .8s ease, stroke .5s' }}
+        />
+        {/* Score text */}
+        <text
+          x="85"
+          y="72"
+          textAnchor="middle"
+          fontSize="28"
+          fontWeight="800"
+          fill={color}
+          style={{ transition: 'fill .5s' }}
+        >
+          {Math.round(score)}
+        </text>
+      </svg>
+    </div>
+  );
+}
+
+// ── Security Level Segments ───────────────────────────────────────────────────
+function LevelBar({ level }) {
+  return (
+    <div>
+      <div className="text-sm text-muted mb-1">Security Level</div>
+      <div className="level-bar">
+        {[0, 1, 2, 3, 4].map(i => (
+          <div
+            key={i}
+            className={`level-seg ${i <= level ? `seg-${i}` : ''}`}
+          />
+        ))}
+      </div>
+      <div className="flex justify-between text-xs text-muted mt-1">
+        <span>0 Trusted</span>
+        <span>4 Blocked</span>
+      </div>
+    </div>
+  );
+}
+
+// ── Risk Factor Bars ──────────────────────────────────────────────────────────
+const FACTOR_NAMES   = { device: 'Device', location: 'Location', time: 'Time Pattern', velocity: 'Velocity', behavior: 'Behavior' };
+const FACTOR_WEIGHTS = { device: '21%', location: '97.68%', time: '0.02%', velocity: '2.08%', behavior: '0.01%' };
+
+function FactorBars({ factors }) {
+  if (!factors) return null;
+  return (
+    <div>
+      <div className="text-xs font-600 uppercase letter-wide text-muted mb-2">Risk Factor Breakdown</div>
+      {['device', 'location', 'time', 'velocity', 'behavior'].map(k => {
+        const val = factors[k] || 0;
+        const color = val > 70 ? '#dc2626' : val > 40 ? '#d97706' : '#16a34a';
+        return (
+          <div className="factor-row" key={k}>
+            <div className="factor-label">
+              <span>{FACTOR_NAMES[k]}</span>
+              <span className="text-xs">{val.toFixed(1)} / 100 &nbsp;(w: {FACTOR_WEIGHTS[k]})</span>
+            </div>
+            <div className="factor-bar-wrap">
+              <div className="factor-bar" style={{ width: `${val}%`, background: color }} />
+            </div>
+          </div>
+        );
+      })}
+    </div>
+  );
+}
+
+// ── Decision Panel ────────────────────────────────────────────────────────────
+function DecisionPanel({ decision }) {
+  const status = decision.status || 'success';
+  const cls    = STATUS_CLASS[status] || 'success';
+  const label  = STATUS_LABEL[status] || status.toUpperCase();
+  const level  = decision.security_level !== undefined ? decision.security_level : 0;
+
+  return (
+    <div className="decision-panel">
+      <div className={`decision-header ${cls}`}>{label}</div>
+      <div className="decision-body">
+        <div className="mb-1">
+          Security Level: <strong>{level}</strong> / 4
+        </div>
+        {decision.challenge_type && (
+          <div>Challenge: <strong>{decision.challenge_type.toUpperCase()}</strong></div>
+        )}
+        {decision.message && (
+          <div className="mt-2 text-muted text-sm">{decision.message}</div>
+        )}
+      </div>
+    </div>
+  );
+}
+
+// ── Full Risk Viz Card ────────────────────────────────────────────────────────
+export function RiskVizCard({ decision, notes }) {
+  if (!decision) return null;
+  const score  = decision.risk_score || 0;
+  const level  = decision.security_level !== undefined ? decision.security_level : 0;
+  const rl     = (decision.risk_level || 'low').toLowerCase();
+  const color  = RISK_COLORS[rl] || '#2563eb';
+
+  return (
+    <div className="card" style={{ animation: 'fadeIn .3s ease' }}>
+      <div className="card-header">📊 Risk Assessment Result</div>
+
+      <div className="grid-2" style={{ alignItems: 'start' }}>
+        <div>
+          <GaugeArc score={score} color={color} />
+          <div className="gauge-label" style={{ color }}>{rl.toUpperCase()} RISK</div>
+        </div>
+        <div>
+          <LevelBar level={level} />
+          <DecisionPanel decision={decision} />
+        </div>
+      </div>
+
+      <div className="mt-4">
+        <FactorBars factors={decision.risk_factors} />
+      </div>
+
+      {notes && notes.length > 0 && (
+        <div className="mt-3">
+          <div className="text-xs font-600 uppercase letter-wide text-muted mb-2">
+            What the Framework Saw
+          </div>
+          {notes.map((n, i) => (
+            <div
+              key={i}
+              className="text-sm text-2"
+              style={{ padding: '4px 0', borderBottom: '1px solid var(--border)' }}
+            >
+              {n}
+            </div>
+          ))}
+        </div>
+      )}
+    </div>
+  );
+}

client/src/components/TokenBar.jsx

@@ -0,0 +1,20 @@
+export default function TokenBar({ token, onRefresh, onClear }) {
+  const handleCopy = () => {
+    if (!token) { alert('No token to copy.'); return; }
+    navigator.clipboard
+      .writeText(token)
+      .then(() => alert('Token copied!'))
+      .catch(() => alert(token.substring(0, 80) + '…'));
+  };
+
+  return (
+    <div className="token-bar">
+      <span className="token-label">JWT Token</span>
+      <span className="token-val">
+        {token ? token.substring(0, 64) + '…' : 'No token — log in first'}
+      </span>
+      <button className="btn btn-ghost btn-sm" onClick={handleCopy}>Copy</button>
+      <button className="btn btn-danger btn-sm" onClick={onClear}>Clear</button>
+    </div>
+  );
+}

client/src/components/Topbar.jsx

@@ -0,0 +1,21 @@
+export default function Topbar({ serverStatus, onRefresh }) {
+  const statusText =
+    serverStatus === 'online'   ? 'Server online'  :
+    serverStatus === 'checking' ? 'Checking…'       :
+    serverStatus === 'error'    ? 'Server error'    : 'Server offline';
+
+  return (
+    <header className="topbar">
+      <div className="topbar-logo">
+        ⚡ Adaptive<em>Auth</em>
+      </div>
+      <div className="topbar-status">
+        <span className={`status-dot ${serverStatus}`}></span>
+        <span>{statusText}</span>
+        <button className="btn btn-ghost btn-sm" onClick={onRefresh} style={{ marginLeft: 4 }}>
+          Refresh
+        </button>
+      </div>
+    </header>
+  );
+}

client/src/components/ui.jsx

@@ -0,0 +1,72 @@
+// ─── Shared UI Primitives ────────────────────────────────────────────────────
+
+export function Card({ children, style }) {
+  return <div className="card" style={style}>{children}</div>;
+}
+
+export function CardHeader({ icon, children, actions }) {
+  if (actions) {
+    return (
+      <div className="card-header-row">
+        <span className="card-title">
+          {icon && <span>{icon}</span>}
+          {children}
+        </span>
+        {actions}
+      </div>
+    );
+  }
+  return (
+    <div className="card-header">
+      {icon && <span>{icon}</span>}
+      {children}
+    </div>
+  );
+}
+
+export function Callout({ type = 'info', children }) {
+  return <div className={`callout callout-${type}`}>{children}</div>;
+}
+
+export function FormGroup({ label, children }) {
+  return (
+    <div className="form-group">
+      {label && <label>{label}</label>}
+      {children}
+    </div>
+  );
+}
+
+export function ResponseBox({ result }) {
+  if (!result) return null;
+  return (
+    <div className={`resp-box ${result.ok ? 'ok' : 'err'}`}>
+      {JSON.stringify(result.data, null, 2)}
+    </div>
+  );
+}
+
+export function Tag({ children }) {
+  return <span className="tag">{children}</span>;
+}
+
+export function Badge({ type = 'muted', children }) {
+  return <span className={`badge badge-${type}`}>{children}</span>;
+}
+
+export function StepBar({ steps, current }) {
+  return (
+    <div className="step-bar">
+      {steps.map((s, i) => (
+        <div
+          key={i}
+          className={`step-item ${i < current ? 'done' : i === current ? 'active' : ''}`}
+        >
+          <div className="step-num">{i < current ? '✓' : i}</div>
+          <div className="step-label">{s.label}</div>
+          <div className="step-sub">{s.sub}</div>
+        </div>
+      ))}
+    </div>
+  );
+}

client/src/index.css

@@ -0,0 +1,707 @@
+/* =====================================================
+   AdaptiveAuth UI — Professional Light Theme
+   ===================================================== */
+
+*, *::before, *::after { box-sizing: border-box; margin: 0; padding: 0; }
+
+:root {
+  /* Background */
+  --bg:             #f0f4f8;
+  --surface:        #ffffff;
+  --surface-2:      #f8fafc;
+
+  /* Borders */
+  --border:         #e2e8f0;
+  --border-2:       #cbd5e1;
+
+  /* Text */
+  --text:           #0f172a;
+  --text-2:         #334155;
+  --muted:          #64748b;
+  --placeholder:    #94a3b8;
+
+  /* Primary — Blue-600 */
+  --primary:        #2563eb;
+  --primary-h:      #1d4ed8;
+  --primary-50:     #eff6ff;
+  --primary-100:    #dbeafe;
+  --primary-text:   #1e40af;
+
+  /* Success — Green-600 */
+  --success:        #16a34a;
+  --success-h:      #15803d;
+  --success-50:     #f0fdf4;
+  --success-100:    #dcfce7;
+  --success-border: #86efac;
+
+  /* Warning — Amber-600 */
+  --warn:           #d97706;
+  --warn-h:         #b45309;
+  --warn-50:        #fffbeb;
+  --warn-100:       #fef3c7;
+  --warn-border:    #fcd34d;
+
+  /* Danger — Red-600 */
+  --danger:         #dc2626;
+  --danger-h:       #b91c1c;
+  --danger-50:      #fef2f2;
+  --danger-100:     #fee2e2;
+  --danger-border:  #fca5a5;
+
+  /* Info — Sky-600 */
+  --info:           #0284c7;
+  --info-50:        #f0f9ff;
+  --info-100:       #e0f2fe;
+  --info-border:    #7dd3fc;
+
+  /* Layout */
+  --r:              8px;
+  --r-sm:           5px;
+  --r-lg:           12px;
+  --shadow-sm:      0 1px 2px rgba(0,0,0,.05);
+  --shadow:         0 1px 3px rgba(0,0,0,.08), 0 1px 2px rgba(0,0,0,.05);
+  --shadow-md:      0 4px 6px rgba(0,0,0,.06), 0 2px 4px rgba(0,0,0,.05);
+}
+
+/* ── Base ─────────────────────────────────────────── */
+body {
+  font-family: 'Inter', -apple-system, BlinkMacSystemFont, 'Segoe UI', sans-serif;
+  background: var(--bg);
+  color: var(--text);
+  line-height: 1.6;
+  font-size: 14px;
+  -webkit-font-smoothing: antialiased;
+}
+
+/* ── Topbar ───────────────────────────────────────── */
+.topbar {
+  background: var(--surface);
+  border-bottom: 1px solid var(--border);
+  height: 56px;
+  padding: 0 28px;
+  display: flex;
+  align-items: center;
+  justify-content: space-between;
+  position: sticky;
+  top: 0;
+  z-index: 100;
+  box-shadow: var(--shadow-sm);
+}
+.topbar-logo {
+  font-size: 18px;
+  font-weight: 800;
+  color: var(--primary);
+  letter-spacing: -.3px;
+  display: flex;
+  align-items: center;
+  gap: 7px;
+}
+.topbar-logo em { color: var(--text); font-style: normal; font-weight: 600; }
+.topbar-status {
+  display: flex;
+  align-items: center;
+  gap: 8px;
+  font-size: 12px;
+  color: var(--muted);
+}
+.status-dot {
+  width: 8px; height: 8px;
+  border-radius: 50%;
+  background: var(--danger);
+  flex-shrink: 0;
+  transition: background .3s;
+}
+.status-dot.online { background: var(--success); }
+.status-dot.checking { background: var(--warn); animation: pulse 1s ease-in-out infinite; }
+
+/* ── Container ────────────────────────────────────── */
+.container { max-width: 1280px; margin: 0 auto; padding: 28px 28px 60px; }
+
+/* ── Hero ─────────────────────────────────────────── */
+.hero {
+  padding-bottom: 20px;
+  margin-bottom: 24px;
+  border-bottom: 1px solid var(--border);
+}
+.hero h1 {
+  font-size: 24px;
+  font-weight: 800;
+  color: var(--text);
+  letter-spacing: -.4px;
+  margin-bottom: 4px;
+}
+.hero h1 span { color: var(--primary); }
+.hero p { color: var(--muted); font-size: 13px; }
+
+/* ── Token Bar ────────────────────────────────────── */
+.token-bar {
+  background: var(--surface);
+  border: 1px solid var(--border);
+  border-radius: var(--r);
+  padding: 10px 16px;
+  margin-bottom: 20px;
+  display: flex;
+  align-items: center;
+  gap: 10px;
+  box-shadow: var(--shadow-sm);
+}
+.token-label {
+  font-size: 10px;
+  font-weight: 700;
+  text-transform: uppercase;
+  letter-spacing: .8px;
+  color: var(--muted);
+  white-space: nowrap;
+}
+.token-val {
+  flex: 1;
+  font-family: 'Consolas', 'Cascadia Code', monospace;
+  font-size: 12px;
+  color: var(--primary-text);
+  overflow: hidden;
+  text-overflow: ellipsis;
+  white-space: nowrap;
+}
+
+/* ── Main Tabs ────────────────────────────────────── */
+.main-tabs {
+  display: flex;
+  gap: 0;
+  border-bottom: 2px solid var(--border);
+  margin-bottom: 24px;
+  overflow-x: auto;
+}
+.main-tabs button {
+  background: none;
+  border: none;
+  border-bottom: 2px solid transparent;
+  margin-bottom: -2px;
+  color: var(--muted);
+  padding: 10px 20px;
+  font-size: 13px;
+  font-weight: 600;
+  cursor: pointer;
+  white-space: nowrap;
+  transition: color .15s, border-color .15s;
+  font-family: inherit;
+}
+.main-tabs button.active { color: var(--primary); border-bottom-color: var(--primary); }
+.main-tabs button:hover:not(.active) { color: var(--text-2); }
+
+/* ── Cards ────────────────────────────────────────── */
+.card {
+  background: var(--surface);
+  border: 1px solid var(--border);
+  border-radius: var(--r);
+  padding: 20px 22px;
+  margin-bottom: 16px;
+  box-shadow: var(--shadow);
+}
+.card-header {
+  display: flex;
+  align-items: center;
+  gap: 8px;
+  font-size: 11px;
+  font-weight: 700;
+  text-transform: uppercase;
+  letter-spacing: .7px;
+  color: var(--muted);
+  padding-bottom: 12px;
+  margin-bottom: 14px;
+  border-bottom: 1px solid var(--border);
+}
+.card-header-row {
+  display: flex;
+  align-items: center;
+  justify-content: space-between;
+  padding-bottom: 12px;
+  margin-bottom: 14px;
+  border-bottom: 1px solid var(--border);
+}
+.card-header-row .card-title {
+  font-size: 11px;
+  font-weight: 700;
+  text-transform: uppercase;
+  letter-spacing: .7px;
+  color: var(--muted);
+  display: flex;
+  align-items: center;
+  gap: 8px;
+}
+
+/* ── Buttons ──────────────────────────────────────── */
+button, .btn {
+  display: inline-flex;
+  align-items: center;
+  justify-content: center;
+  gap: 5px;
+  padding: 8px 16px;
+  border: 1px solid transparent;
+  border-radius: var(--r-sm);
+  font-size: 13px;
+  font-weight: 600;
+  cursor: pointer;
+  transition: background .12s, filter .1s, transform .08s, box-shadow .12s;
+  white-space: nowrap;
+  font-family: inherit;
+  text-align: center;
+}
+button:active:not(:disabled) { transform: scale(.97); }
+button:disabled { opacity: .45; cursor: not-allowed; }
+
+.btn-primary  { background: var(--primary);  color: #fff; border-color: var(--primary-h); }
+.btn-primary:hover:not(:disabled)  { background: var(--primary-h); }
+.btn-success  { background: var(--success);  color: #fff; border-color: var(--success-h); }
+.btn-success:hover:not(:disabled)  { background: var(--success-h); }
+.btn-warn     { background: var(--warn);     color: #fff; border-color: var(--warn-h); }
+.btn-warn:hover:not(:disabled)     { background: var(--warn-h); }
+.btn-danger   { background: var(--danger);   color: #fff; border-color: var(--danger-h); }
+.btn-danger:hover:not(:disabled)   { background: var(--danger-h); }
+.btn-ghost {
+  background: var(--surface);
+  color: var(--text-2);
+  border-color: var(--border);
+  box-shadow: var(--shadow-sm);
+}
+.btn-ghost:hover:not(:disabled) { background: var(--bg); border-color: var(--border-2); }
+
+.btn-sm { padding: 5px 11px; font-size: 12px; }
+.btn-full { width: 100%; }
+
+/* ── Forms ────────────────────────────────────────── */
+.form-group { margin-bottom: 13px; }
+.form-group label {
+  display: block;
+  font-size: 11px;
+  font-weight: 600;
+  color: var(--muted);
+  margin-bottom: 5px;
+  text-transform: uppercase;
+  letter-spacing: .5px;
+}
+input, select, .form-input {
+  width: 100%;
+  background: var(--surface);
+  border: 1px solid var(--border);
+  border-radius: var(--r-sm);
+  color: var(--text);
+  padding: 8px 11px;
+  font-size: 13px;
+  font-family: inherit;
+  transition: border-color .15s, box-shadow .15s;
+}
+input:focus, select:focus, .form-input:focus {
+  outline: none;
+  border-color: var(--primary);
+  box-shadow: 0 0 0 3px var(--primary-100);
+}
+input::placeholder { color: var(--placeholder); }
+input[readonly] { background: var(--surface-2); color: var(--muted); cursor: default; }
+
+/* ── Response Box ─────────────────────────────────── */
+.resp-box {
+  margin-top: 10px;
+  padding: 12px 14px;
+  border-radius: var(--r-sm);
+  font-size: 12px;
+  font-family: 'Consolas', 'Cascadia Code', monospace;
+  background: var(--surface-2);
+  border: 1px solid var(--border);
+  white-space: pre-wrap;
+  word-break: break-all;
+  max-height: 280px;
+  overflow-y: auto;
+  line-height: 1.6;
+  color: var(--text-2);
+}
+.resp-box.ok  { border-color: var(--success-border); color: var(--success); background: var(--success-50); }
+.resp-box.err { border-color: var(--danger-border);  color: var(--danger);  background: var(--danger-50); }
+
+/* ── Callouts ─────────────────────────────────────── */
+.callout {
+  padding: 12px 15px;
+  border-radius: var(--r-sm);
+  font-size: 13px;
+  line-height: 1.65;
+  margin-bottom: 14px;
+  border-left: 3px solid;
+}
+.callout-info    { background: var(--info-50);    border-color: var(--info);    color: #0c4a6e; }
+.callout-success { background: var(--success-50); border-color: var(--success); color: #14532d; }
+.callout-warn    { background: var(--warn-50);    border-color: var(--warn);    color: #78350f; }
+.callout-danger  { background: var(--danger-50);  border-color: var(--danger);  color: #7f1d1d; }
+
+/* ── Badges & Tags ────────────────────────────────── */
+.badge {
+  display: inline-flex;
+  align-items: center;
+  padding: 2px 9px;
+  border-radius: 4px;
+  font-size: 11px;
+  font-weight: 700;
+  letter-spacing: .4px;
+  text-transform: uppercase;
+}
+.badge-success { background: var(--success-100); color: var(--success); border: 1px solid var(--success-border); }
+.badge-warn    { background: var(--warn-100);    color: var(--warn);    border: 1px solid var(--warn-border); }
+.badge-danger  { background: var(--danger-100);  color: var(--danger);  border: 1px solid var(--danger-border); }
+.badge-info    { background: var(--info-100);    color: var(--info);    border: 1px solid var(--info-border); }
+.badge-muted   { background: var(--surface-2);   color: var(--muted);   border: 1px solid var(--border); }
+
+.tag {
+  display: inline-block;
+  padding: 1px 7px;
+  border-radius: 4px;
+  font-size: 11px;
+  background: var(--primary-50);
+  color: var(--primary-text);
+  margin: 2px;
+  font-weight: 600;
+  border: 1px solid var(--primary-100);
+}
+
+/* ── Pill ─────────────────────────────────────────── */
+.pill {
+  display: inline-flex;
+  align-items: center;
+  gap: 4px;
+  padding: 3px 9px;
+  border-radius: 4px;
+  font-size: 11px;
+  font-weight: 700;
+  text-transform: uppercase;
+  letter-spacing: .3px;
+}
+.pill-ok  { background: var(--success-100); color: var(--success); border: 1px solid var(--success-border); }
+.pill-err { background: var(--danger-100);  color: var(--danger);  border: 1px solid var(--danger-border); }
+.pill-warn{ background: var(--warn-100);    color: var(--warn);    border: 1px solid var(--warn-border); }
+
+/* ── Step Bar ─────────────────────────────────────── */
+.step-bar {
+  display: flex;
+  gap: 8px;
+  margin-bottom: 20px;
+  overflow-x: auto;
+}
+.step-item {
+  flex: 1;
+  min-width: 120px;
+  background: var(--surface);
+  border: 1px solid var(--border);
+  border-radius: var(--r);
+  padding: 11px 14px;
+  text-align: center;
+  box-shadow: var(--shadow-sm);
+  transition: border-color .2s;
+}
+.step-item.active { border-color: var(--primary); background: var(--primary-50); }
+.step-item.done   { border-color: var(--success-border); background: var(--success-50); }
+.step-num {
+  width: 26px; height: 26px;
+  border-radius: 50%;
+  background: var(--border);
+  color: var(--muted);
+  display: inline-flex;
+  align-items: center;
+  justify-content: center;
+  font-size: 12px;
+  font-weight: 700;
+  margin-bottom: 5px;
+}
+.step-item.active .step-num { background: var(--primary); color: #fff; }
+.step-item.done   .step-num { background: var(--success); color: #fff; font-size: 14px; }
+.step-label { font-size: 12px; font-weight: 700; color: var(--text-2); }
+.step-sub   { font-size: 11px; color: var(--muted); margin-top: 2px; }
+
+/* ── Compare Grid ─────────────────────────────────── */
+.compare-grid { display: grid; grid-template-columns: 1fr 1fr; gap: 12px; margin-bottom: 16px; }
+.compare-side {
+  background: var(--surface);
+  border-radius: var(--r);
+  padding: 16px;
+  border: 1px solid var(--border);
+  box-shadow: var(--shadow-sm);
+}
+.compare-side.success { border-top: 3px solid var(--success); }
+.compare-side.danger  { border-top: 3px solid var(--danger); }
+.compare-title { font-size: 11px; font-weight: 700; text-transform: uppercase; letter-spacing: .5px; margin-bottom: 10px; }
+.compare-title.success { color: var(--success); }
+.compare-title.danger  { color: var(--danger); }
+.context-list { display: flex; flex-direction: column; gap: 5px; font-size: 13px; margin-bottom: 10px; }
+.context-list > div { color: var(--text-2); }
+
+/* ── Risk Gauge ───────────────────────────────────── */
+.gauge-wrap { text-align: center; padding: 10px 0 4px; }
+.gauge-val {
+  font-size: 32px;
+  font-weight: 800;
+  letter-spacing: -1px;
+  line-height: 1;
+  margin-top: 2px;
+}
+.gauge-label {
+  font-size: 11px;
+  font-weight: 700;
+  text-transform: uppercase;
+  letter-spacing: .8px;
+  color: var(--muted);
+  margin-top: 4px;
+}
+
+/* ── Level Bar ────────────────────────────────────── */
+.level-bar { display: flex; gap: 4px; margin-top: 8px; }
+.level-seg {
+  flex: 1; height: 7px; border-radius: 4px;
+  background: var(--border);
+  transition: background .4s;
+}
+.level-seg.seg-0 { background: var(--success); }
+.level-seg.seg-1 { background: #84cc16; }
+.level-seg.seg-2 { background: var(--warn); }
+.level-seg.seg-3 { background: #f97316; }
+.level-seg.seg-4 { background: var(--danger); }
+
+/* ── Factor Bars ──────────────────────────────────── */
+.factor-row { margin-bottom: 8px; }
+.factor-label {
+  font-size: 12px;
+  color: var(--muted);
+  margin-bottom: 4px;
+  display: flex;
+  justify-content: space-between;
+}
+.factor-bar-wrap { height: 8px; background: var(--border); border-radius: 4px; overflow: hidden; }
+.factor-bar { height: 100%; border-radius: 4px; transition: width .7s ease; }
+
+/* ── Decision Panel ───────────────────────────────── */
+.decision-panel {
+  border-radius: var(--r-sm);
+  overflow: hidden;
+  border: 1px solid var(--border);
+  margin-top: 8px;
+}
+.decision-header {
+  padding: 11px 14px;
+  font-size: 14px;
+  font-weight: 800;
+  text-align: center;
+  letter-spacing: .3px;
+}
+.decision-header.success  { background: var(--success-50);  color: var(--success);  border-bottom: 1px solid var(--success-border); }
+.decision-header.challenge{ background: var(--warn-50);     color: var(--warn);     border-bottom: 1px solid var(--warn-border); }
+.decision-header.blocked  { background: var(--danger-50);   color: var(--danger);   border-bottom: 1px solid var(--danger-border); }
+.decision-body { padding: 12px 14px; font-size: 13px; background: var(--surface); color: var(--text-2); }
+
+/* ── Attack Log ───────────────────────────────────── */
+.attack-log {
+  background: #1e1b4b;
+  border-radius: var(--r-sm);
+  padding: 10px 13px;
+  font-family: 'Consolas', monospace;
+  font-size: 12px;
+  height: 190px;
+  overflow-y: auto;
+  margin-top: 12px;
+}
+.attack-line { margin: 2px 0; color: #c7d2fe; }
+.attack-detected { color: #fcd34d; font-weight: 700; }
+.attack-blocked  { color: #f9a8d4; font-weight: 700; }
+
+/* ── Anomaly Feed ─────────────────────────────────── */
+.anomaly-item {
+  background: var(--danger-50);
+  border: 1px solid var(--danger-border);
+  border-radius: var(--r-sm);
+  padding: 10px 13px;
+  margin-bottom: 8px;
+  display: flex;
+  align-items: flex-start;
+  gap: 10px;
+  animation: slideIn .25s ease;
+}
+.anomaly-type { font-weight: 700; font-size: 13px; color: var(--danger); }
+.anomaly-meta { font-size: 11px; color: var(--muted); margin-top: 3px; }
+
+/* ── Monitor Badge ────────────────────────────────── */
+.monitor-badge {
+  display: inline-flex;
+  align-items: center;
+  gap: 5px;
+  padding: 3px 10px;
+  border-radius: 4px;
+  font-size: 11px;
+  font-weight: 700;
+  text-transform: uppercase;
+  letter-spacing: .4px;
+  transition: all .2s;
+}
+.monitor-badge.mon-on  { background: var(--danger-100);  color: var(--danger);  border: 1px solid var(--danger-border); animation: pulse 1.4s ease-in-out infinite; }
+.monitor-badge.mon-off { background: var(--surface-2);   color: var(--muted);   border: 1px solid var(--border); }
+
+/* ── Monitor Stats ────────────────────────────────── */
+.monitor-stats {
+  display: flex;
+  flex-wrap: wrap;
+  gap: 8px;
+  padding: 10px 14px;
+  background: var(--surface-2);
+  border: 1px solid var(--border);
+  border-radius: var(--r-sm);
+  font-size: 12px;
+  margin-bottom: 10px;
+}
+.ms-item { display: flex; flex-direction: column; align-items: center; min-width: 56px; }
+.ms-val  { font-size: 20px; font-weight: 800; line-height: 1; letter-spacing: -.3px; }
+.ms-lbl  { font-size: 10px; color: var(--muted); text-transform: uppercase; letter-spacing: .4px; margin-top: 2px; }
+
+/* ── Monitor Log ──────────────────────────────────── */
+.monitor-log {
+  background: #0f172a;
+  border-radius: var(--r-sm);
+  padding: 10px 13px;
+  font-family: 'Consolas', monospace;
+  font-size: 11.5px;
+  height: 140px;
+  overflow-y: auto;
+  line-height: 1.7;
+  margin-top: 10px;
+}
+.ml-ok     { color: #86efac; }
+.ml-threat { color: #fca5a5; font-weight: 700; }
+.ml-warn   { color: #fcd34d; }
+.ml-info   { color: #93c5fd; }
+
+/* ── Stat Boxes ───────────────────────────────────── */
+.stat-box {
+  background: var(--surface);
+  border: 1px solid var(--border);
+  border-radius: var(--r);
+  padding: 18px 12px;
+  text-align: center;
+  box-shadow: var(--shadow-sm);
+}
+.stat-num   { font-size: 32px; font-weight: 800; line-height: 1; letter-spacing: -.5px; }
+.stat-label { font-size: 10px; color: var(--muted); margin-top: 6px; text-transform: uppercase; letter-spacing: .6px; }
+
+/* ── Trust Gauge ──────────────────────────────────���─ */
+.trust-label { font-size: 11px; font-weight: 700; color: var(--muted); text-transform: uppercase; letter-spacing: .6px; margin-top: 4px; text-align: center; }
+
+/* ── Behavior Bars ────────────────────────────────── */
+.behavior-bar-group { margin-bottom: 10px; }
+.behavior-bar-header {
+  display: flex;
+  justify-content: space-between;
+  font-size: 12px;
+  margin-bottom: 4px;
+  color: var(--text-2);
+}
+.behavior-bar-track { height: 8px; background: var(--border); border-radius: 4px; overflow: hidden; }
+.behavior-bar-fill  { height: 100%; border-radius: 4px; transition: width .5s, background .5s; }
+
+/* ── Code inline ──────────────────────────────────── */
+code {
+  background: var(--primary-50);
+  border: 1px solid var(--primary-100);
+  border-radius: 3px;
+  padding: 1px 5px;
+  font-size: 11.5px;
+  color: var(--primary-text);
+  font-family: 'Consolas', monospace;
+}
+
+/* ── QR Code ──────────────────────────────────────── */
+.qr-img {
+  max-width: 180px;
+  border: 3px solid var(--border);
+  border-radius: var(--r);
+  display: block;
+  margin: 10px auto;
+}
+
+/* ── Compare (side-by-side) ───────────────────────── */
+.side-compare { display: grid; grid-template-columns: 1fr 1fr; gap: 12px; margin-top: 10px; }
+.side-item { border: 1px solid var(--border); border-radius: var(--r-sm); padding: 14px; background: var(--surface); }
+.side-title { font-size: 11px; font-weight: 700; text-transform: uppercase; letter-spacing: .5px; margin-bottom: 8px; }
+
+/* ── Email Status ─────────────────────────────────── */
+.env-row {
+  display: flex;
+  justify-content: space-between;
+  align-items: center;
+  padding: 5px 0;
+  border-bottom: 1px solid var(--border);
+  font-size: 12px;
+}
+.env-key { font-family: 'Consolas', monospace; color: var(--text-2); }
+
+/* ── Grids ────────────────────────────────────────── */
+.grid-2 { display: grid; grid-template-columns: 1fr 1fr; gap: 16px; }
+.grid-3 { display: grid; grid-template-columns: repeat(3,1fr); gap: 16px; }
+.grid-4 { display: grid; grid-template-columns: repeat(4,1fr); gap: 12px; }
+
+/* ── Utilities ────────────────────────────────────── */
+.flex          { display: flex; }
+.flex-wrap     { flex-wrap: wrap; }
+.flex-col      { flex-direction: column; }
+.items-center  { align-items: center; }
+.items-start   { align-items: flex-start; }
+.justify-between{ justify-content: space-between; }
+.justify-center{ justify-content: center; }
+.gap-1  { gap: 4px; }
+.gap-2  { gap: 8px; }
+.gap-3  { gap: 12px; }
+.gap-4  { gap: 16px; }
+.flex-1 { flex: 1; }
+.min-w-0{ min-width: 0; }
+.mt-1   { margin-top: 4px; }
+.mt-2   { margin-top: 8px; }
+.mt-3   { margin-top: 12px; }
+.mt-4   { margin-top: 16px; }
+.mb-1   { margin-bottom: 4px; }
+.mb-2   { margin-bottom: 8px; }
+.mb-3   { margin-bottom: 12px; }
+.mb-4   { margin-bottom: 16px; }
+.ml-auto{ margin-left: auto; }
+.ml-4   { margin-left: 16px; }
+.p-3    { padding: 12px; }
+.p-4    { padding: 16px; }
+.text-sm   { font-size: 12px; }
+.text-xs   { font-size: 11px; }
+.text-muted{ color: var(--muted); }
+.text-2    { color: var(--text-2); }
+.text-primary { color: var(--primary); }
+.text-success { color: var(--success); }
+.text-warn    { color: var(--warn); }
+.text-danger  { color: var(--danger); }
+.text-center  { text-align: center; }
+.font-bold    { font-weight: 700; }
+.font-600     { font-weight: 600; }
+.font-800     { font-weight: 800; }
+.w-full       { width: 100%; }
+.uppercase    { text-transform: uppercase; }
+.letter-wide  { letter-spacing: .5px; }
+.mono         { font-family: 'Consolas', monospace; }
+.border-t     { border-top: 1px solid var(--border); padding-top: 12px; margin-top: 12px; }
+
+/* ── Animations ───────────────────────────────────── */
+@keyframes slideIn  { from { opacity:0; transform:translateY(-6px); } to { opacity:1; transform:translateY(0); } }
+@keyframes pulse    { 0%,100%{opacity:1} 50%{opacity:.35} }
+@keyframes fadeIn   { from { opacity:0; } to { opacity:1; } }
+
+/* ── Scrollbars ───────────────────────────────────── */
+::-webkit-scrollbar        { width: 6px; height: 6px; }
+::-webkit-scrollbar-track  { background: var(--surface-2); }
+::-webkit-scrollbar-thumb  { background: var(--border-2); border-radius: 3px; }
+::-webkit-scrollbar-thumb:hover { background: var(--muted); }
+
+/* ── Responsive ────────────────────────────��──────── */
+@media (max-width: 900px) {
+  .grid-4, .grid-3 { grid-template-columns: 1fr 1fr; }
+  .compare-grid     { grid-template-columns: 1fr; }
+  .side-compare     { grid-template-columns: 1fr; }
+}
+@media (max-width: 600px) {
+  .grid-2, .grid-3, .grid-4 { grid-template-columns: 1fr; }
+  .container { padding: 16px; }
+  .topbar    { padding: 0 16px; }
+}

client/src/main.jsx

@@ -0,0 +1,10 @@
+import React from 'react'
+import ReactDOM from 'react-dom/client'
+import App from './App'
+import './index.css'
+
+ReactDOM.createRoot(document.getElementById('root')).render(
+  <React.StrictMode>
+    <App />
+  </React.StrictMode>
+)

client/src/tabs/AdminTab.jsx

@@ -0,0 +1,204 @@
+import { useState } from 'react';
+import { req, saveToken, ENDPOINTS } from '../api';
+import { Card, CardHeader, Callout, FormGroup, ResponseBox } from '../components/ui';
+
+const { AUTH, ADMIN, RISK } = ENDPOINTS;
+
+function EmailStatusBody({ data }) {
+  if (!data) return <p className="text-muted text-sm">Click Refresh to check email configuration.</p>;
+  const configured = data.configured;
+  const fields     = data.fields || {};
+  return (
+    <div>
+      <div className="flex items-center gap-2 mb-3">
+        <span className={`pill ${configured ? 'pill-ok' : 'pill-err'}`}>
+          {configured ? '✔ Configured' : '✘ Not Configured'}
+        </span>
+        {data.mail_port && (
+          <span className="text-sm text-muted">
+            Port: {data.mail_port} &nbsp;·&nbsp; STARTTLS: {data.starttls ? 'Yes' : 'No'}
+          </span>
+        )}
+      </div>
+      {Object.entries(fields).map(([k, v]) => (
+        <div className="env-row" key={k}>
+          <span className="env-key">ADAPTIVEAUTH_{k}</span>
+          <span className={`pill ${v ? 'pill-ok' : 'pill-err'}`}>{v ? 'Set' : 'Missing'}</span>
+        </div>
+      ))}
+      {!configured && data.setup_instructions && (
+        <Callout type="warn" style={{ marginTop: 12 }}>
+          <strong>Setup:</strong> Create a <code>.env</code> file with the missing fields above.<br />
+          <code style={{ background: 'none', border: 'none', padding: 0, color: 'inherit', display: 'block', marginTop: 4 }}>
+            {data.setup_instructions}
+          </code>
+        </Callout>
+      )}
+    </div>
+  );
+}
+
+export default function AdminTab({ onTokenSave }) {
+  const [adminLoginResp, setAdminLoginResp] = useState(null);
+  const [statsData,      setStatsData]      = useState(null);
+  const [emailData,      setEmailData]      = useState(null);
+  const [adminUserResp,  setAdminUserResp]  = useState(null);
+  const [adminRiskResp,  setAdminRiskResp]  = useState(null);
+  const [statsResp,      setStatsResp]      = useState(null);
+  const [adminUserId,    setAdminUserId]    = useState('');
+  const [loading,        setLoading]        = useState({});
+
+  const setLoad = (k, v) => setLoading(p => ({ ...p, [k]: v }));
+
+  const quickAdminLogin = async () => {
+    setLoad('login', true);
+    const r = await req(`${AUTH}/login`, 'POST', { email: 'demo.admin@adaptive.demo', password: 'Admin@Demo456!' }, false);
+    setAdminLoginResp(r);
+    if (r.ok && r.data?.access_token) { saveToken(r.data.access_token); onTokenSave?.(); }
+    setLoad('login', false);
+  };
+
+  const loadAdminStats = async () => {
+    setLoad('stats', true);
+    const r = await req(`${ADMIN}/statistics`);
+    if (r.ok) setStatsData(r.data);
+    setLoad('stats', false);
+  };
+
+  const checkEmailStatus = async () => {
+    setLoad('email', true);
+    const r = await req(`${ADMIN}/email-status`);
+    if (r.ok) setEmailData(r.data);
+    else setEmailData(null);
+    setLoad('email', false);
+  };
+
+  const userCall = async (url, method = 'GET') => {
+    setLoad('user', true);
+    setAdminUserResp(await req(url, method));
+    setLoad('user', false);
+  };
+  const riskCall = async (url) => {
+    setLoad('risk', true);
+    setAdminRiskResp(await req(url));
+    setLoad('risk', false);
+  };
+
+  const adminBlock = async () => {
+    if (!adminUserId) { alert('Enter user ID.'); return; }
+    await userCall(`${ADMIN}/users/${adminUserId}/block`, 'POST');
+  };
+  const adminUnblock = async () => {
+    if (!adminUserId) { alert('Enter user ID.'); return; }
+    await userCall(`${ADMIN}/users/${adminUserId}/unblock`, 'POST');
+  };
+
+  const STAT_ITEMS = [
+    { key: 'total_users',           label: 'Total Users',   color: 'var(--info)' },
+    { key: 'active_sessions',       label: 'Active Sessions',color: 'var(--success)' },
+    { key: 'high_risk_events_today',label: 'High Risk Today',color: 'var(--danger)' },
+    { key: 'failed_logins_today',   label: 'Failed Logins', color: 'var(--warn)' },
+  ];
+
+  return (
+    <div>
+      <Callout type="warn">
+        Admin endpoints require an admin JWT token. Login with{' '}
+        <code>demo.admin@adaptive.demo</code> / <code>Admin@Demo456!</code> first.
+      </Callout>
+
+      {/* Quick Admin Login */}
+      <Card>
+        <CardHeader icon="🔑">Quick Admin Login</CardHeader>
+        <div className="flex items-center gap-3 flex-wrap">
+          <span className="text-sm text-2">
+            <code>demo.admin@adaptive.demo</code> / <code>Admin@Demo456!</code>
+          </span>
+          <button className="btn btn-primary btn-sm" onClick={quickAdminLogin} disabled={loading.login}>
+            {loading.login ? '…' : 'Login as Admin'}
+          </button>
+        </div>
+        <ResponseBox result={adminLoginResp} />
+      </Card>
+
+      {/* Stats */}
+      <div className="flex items-center gap-3 mb-3">
+        <button className="btn btn-ghost btn-sm" onClick={loadAdminStats} disabled={loading.stats}>
+          {loading.stats ? '…' : '🔄 Load Statistics'}
+        </button>
+      </div>
+      <div className="grid-4 mb-4">
+        {STAT_ITEMS.map(s => (
+          <div className="stat-box" key={s.key}>
+            <div className="stat-num" style={{ color: s.color }}>
+              {statsData ? (statsData[s.key] ?? '—') : '—'}
+            </div>
+            <div className="stat-label">{s.label}</div>
+          </div>
+        ))}
+      </div>
+
+      {/* Email Status */}
+      <Card>
+        <CardHeader
+          icon="✉️"
+          actions={
+            <button className="btn btn-ghost btn-sm" onClick={checkEmailStatus} disabled={loading.email}>
+              {loading.email ? '…' : '🔄 Refresh'}
+            </button>
+          }
+        >
+          Email Service Status
+        </CardHeader>
+        <EmailStatusBody data={emailData} />
+      </Card>
+
+      <div className="grid-2">
+        {/* User Management */}
+        <Card>
+          <CardHeader icon="👥">User Management</CardHeader>
+          <div className="flex flex-wrap gap-2 mb-3">
+            <button className="btn btn-ghost btn-sm" onClick={() => userCall(`${ADMIN}/users`)}>List Users</button>
+            <button className="btn btn-ghost btn-sm" onClick={() => userCall(`${ADMIN}/sessions`)}>List Sessions</button>
+          </div>
+          <FormGroup label="User ID">
+            <input type="number" value={adminUserId} onChange={e => setAdminUserId(e.target.value)} placeholder="User ID" />
+          </FormGroup>
+          <div className="flex gap-2">
+            <button className="btn btn-success btn-sm flex-1" onClick={adminUnblock} disabled={loading.user}>Unblock</button>
+            <button className="btn btn-danger btn-sm flex-1"  onClick={adminBlock}   disabled={loading.user}>Block</button>
+          </div>
+          <ResponseBox result={adminUserResp} />
+        </Card>
+
+        {/* Risk Events */}
+        <Card>
+          <CardHeader icon="⚠️">Risk Events &amp; Anomalies</CardHeader>
+          <div className="flex flex-wrap gap-2 mb-3">
+            <button className="btn btn-warn btn-sm"   onClick={() => riskCall(`${ADMIN}/risk-events`)} disabled={loading.risk}>Risk Events</button>
+            <button className="btn btn-danger btn-sm" onClick={() => riskCall(`${ADMIN}/anomalies`)}   disabled={loading.risk}>Active Anomalies</button>
+            <button className="btn btn-ghost btn-sm"  onClick={() => riskCall(`${RISK}/overview`)}     disabled={loading.risk}>Overview</button>
+          </div>
+          <ResponseBox result={adminRiskResp} />
+        </Card>
+      </div>
+
+      {/* Risk Stats */}
+      <Card>
+        <CardHeader icon="📈">Risk Statistics</CardHeader>
+        <div className="flex gap-2 mb-3">
+          {['day','week','month'].map(p => (
+            <button key={p} className="btn btn-ghost btn-sm" onClick={async () => {
+              setLoad('period', true);
+              setStatsResp(await req(`${ADMIN}/risk-statistics?period=${p}`));
+              setLoad('period', false);
+            }} disabled={loading.period}>
+              {p.charAt(0).toUpperCase() + p.slice(1)}
+            </button>
+          ))}
+        </div>
+        <ResponseBox result={statsResp} />
+      </Card>
+    </div>
+  );
+}

client/src/tabs/ApiTab.jsx

@@ -0,0 +1,247 @@
+import { useState } from 'react';
+import { req, saveToken, ENDPOINTS } from '../api';
+import { Card, CardHeader, FormGroup, ResponseBox } from '../components/ui';
+
+const { AUTH, USER, API: API_BASE } = ENDPOINTS;
+
+export default function ApiTab({ onTokenSave }) {
+  // Register
+  const [regEmail,    setRegEmail]    = useState('');
+  const [regPassword, setRegPassword] = useState('');
+  const [regName,     setRegName]     = useState('');
+  const [regResp,     setRegResp]     = useState(null);
+
+  // Login
+  const [loginEmail,    setLoginEmail]    = useState('');
+  const [loginPassword, setLoginPassword] = useState('');
+  const [loginResp,     setLoginResp]     = useState(null);
+
+  // 2FA
+  const [qrCode,    setQrCode]    = useState('');
+  const [totpCode,  setTotpCode]  = useState('');
+  const [tfaResp,   setTfaResp]   = useState(null);
+
+  // Profile
+  const [profileResp, setProfileResp] = useState(null);
+
+  // Password
+  const [curPwd,      setCurPwd]      = useState('');
+  const [newPwd,      setNewPwd]      = useState('');
+  const [resetEmail,  setResetEmail]  = useState('');
+  const [pwdResp,     setPwdResp]     = useState(null);
+
+  // Protected
+  const [protResp, setProtResp] = useState(null);
+
+  // Loading
+  const [loading, setLoading] = useState({});
+  const setLoad = (k, v) => setLoading(p => ({ ...p, [k]: v }));
+
+  const doSave = (r, set, extract = false) => {
+    set(r);
+    if (extract && r.ok) {
+      const t = r.data?.access_token || r.data?.framework_decision?.access_token;
+      if (t) { saveToken(t); onTokenSave?.(); }
+    }
+  };
+
+  // Register
+  const apiRegister = async () => {
+    if (!regEmail || !regPassword) { alert('Email and password required.'); return; }
+    setLoad('reg', true);
+    const body = { email: regEmail, password: regPassword };
+    if (regName) body.full_name = regName;
+    doSave(await req(`${AUTH}/register`, 'POST', body, false), setRegResp);
+    setLoad('reg', false);
+  };
+
+  // Login
+  const apiLogin = async () => {
+    if (!loginEmail || !loginPassword) { alert('Email and password required.'); return; }
+    setLoad('login', true);
+    doSave(await req(`${AUTH}/login`, 'POST', { email: loginEmail, password: loginPassword }, false), setLoginResp, true);
+    setLoad('login', false);
+  };
+  const apiAdaptiveLogin = async () => {
+    if (!loginEmail || !loginPassword) { alert('Email and password required.'); return; }
+    setLoad('alogin', true);
+    doSave(await req(`${AUTH}/adaptive-login`, 'POST', { email: loginEmail, password: loginPassword }, false), setLoginResp, true);
+    setLoad('alogin', false);
+  };
+
+  // 2FA
+  const api2faEnable = async () => {
+    setLoad('2fa', true);
+    const r = await req(`${AUTH}/enable-2fa`, 'POST');
+    if (r.ok && r.data?.qr_code) setQrCode(r.data.qr_code);
+    setTfaResp(r);
+    setLoad('2fa', false);
+  };
+  const api2faVerify = async () => {
+    if (!totpCode) { alert('Enter TOTP code.'); return; }
+    setLoad('2fav', true);
+    setTfaResp(await req(`${AUTH}/verify-2fa`, 'POST', { otp: totpCode }));
+    setLoad('2fav', false);
+  };
+  const api2faDisable = async () => {
+    const pwd = prompt('Enter your password to disable 2FA:');
+    if (!pwd) return;
+    setLoad('2fad', true);
+    setTfaResp(await req(`${AUTH}/disable-2fa?password=${encodeURIComponent(pwd)}`, 'POST'));
+    setLoad('2fad', false);
+  };
+  const api2faStatus = async () => {
+    setLoad('2fas', true);
+    setTfaResp(await req(`${USER}/security`));
+    setLoad('2fas', false);
+  };
+
+  // Profile endpoints
+  const profileCall = async (url, label) => {
+    setLoad(label, true);
+    setProfileResp(await req(url));
+    setLoad(label, false);
+  };
+  const apiRevokeAll = async () => {
+    setLoad('revoke', true);
+    setProfileResp(await req(`${USER}/sessions/revoke`, 'POST', { session_ids: [], revoke_all: true }));
+    setLoad('revoke', false);
+  };
+
+  // Password
+  const apiChangePwd = async () => {
+    setLoad('chpwd', true);
+    setPwdResp(await req(`${USER}/change-password`, 'POST', { current_password: curPwd, new_password: newPwd, confirm_password: newPwd }));
+    setLoad('chpwd', false);
+  };
+  const apiForgotPwd = async () => {
+    if (!resetEmail) { alert('Enter email.'); return; }
+    setLoad('forgot', true);
+    setPwdResp(await req(`${AUTH}/forgot-password`, 'POST', { email: resetEmail }, false));
+    setLoad('forgot', false);
+  };
+
+  // Protected
+  const protCall = async (url, label, method = 'GET') => {
+    setLoad(label, true);
+    const r = await req(url, method);
+    setProtResp(r);
+    setLoad(label, false);
+    return r;
+  };
+  const apiLogout = async () => {
+    const r = await protCall(`${AUTH}/logout`, 'logout', 'POST');
+    if (r.ok) { localStorage.removeItem('token'); onTokenSave?.(); }
+  };
+
+  return (
+    <div className="grid-2">
+      {/* Register */}
+      <Card>
+        <CardHeader icon="📝">Register</CardHeader>
+        <FormGroup label="Email">
+          <input type="email" value={regEmail} onChange={e => setRegEmail(e.target.value)} placeholder="user@example.com" />
+        </FormGroup>
+        <FormGroup label="Password">
+          <input type="password" value={regPassword} onChange={e => setRegPassword(e.target.value)} placeholder="Min 8 chars, upper, lower, digit" />
+        </FormGroup>
+        <FormGroup label="Full Name">
+          <input type="text" value={regName} onChange={e => setRegName(e.target.value)} placeholder="Optional" />
+        </FormGroup>
+        <button className="btn btn-primary btn-full" onClick={apiRegister} disabled={loading.reg}>
+          {loading.reg ? 'Registering…' : 'Register'}
+        </button>
+        <ResponseBox result={regResp} />
+      </Card>
+
+      {/* Login */}
+      <Card>
+        <CardHeader icon="🔑">Login</CardHeader>
+        <FormGroup label="Email">
+          <input type="email" value={loginEmail} onChange={e => setLoginEmail(e.target.value)} placeholder="user@example.com" />
+        </FormGroup>
+        <FormGroup label="Password">
+          <input type="password" value={loginPassword} onChange={e => setLoginPassword(e.target.value)} placeholder="Password" />
+        </FormGroup>
+        <div className="flex gap-2">
+          <button className="btn btn-primary flex-1" onClick={apiLogin} disabled={loading.login}>
+            {loading.login ? '…' : 'Login'}
+          </button>
+          <button className="btn btn-ghost flex-1" onClick={apiAdaptiveLogin} disabled={loading.alogin}>
+            {loading.alogin ? '…' : 'Adaptive Login'}
+          </button>
+        </div>
+        <ResponseBox result={loginResp} />
+      </Card>
+
+      {/* 2FA */}
+      <Card>
+        <CardHeader icon="🔐">Two-Factor Auth (TOTP)</CardHeader>
+        <div className="flex flex-wrap gap-2 mb-3">
+          <button className="btn btn-primary btn-sm" onClick={api2faEnable}  disabled={loading['2fa']}>Enable 2FA</button>
+          <button className="btn btn-ghost btn-sm"   onClick={api2faStatus}  disabled={loading['2fas']}>Status</button>
+          <button className="btn btn-danger btn-sm"  onClick={api2faDisable} disabled={loading['2fad']}>Disable</button>
+        </div>
+        {qrCode && <img src={qrCode} className="qr-img" alt="TOTP QR Code" />}
+        <FormGroup label="TOTP Code">
+          <input type="text" value={totpCode} onChange={e => setTotpCode(e.target.value)} placeholder="6-digit code from authenticator" />
+        </FormGroup>
+        <button className="btn btn-success btn-full" onClick={api2faVerify} disabled={loading['2fav']}>
+          Verify &amp; Activate
+        </button>
+        <ResponseBox result={tfaResp} />
+      </Card>
+
+      {/* Profile */}
+      <Card>
+        <CardHeader icon="👤">My Profile</CardHeader>
+        <div className="flex flex-wrap gap-2 mb-3">
+          <button className="btn btn-ghost btn-sm" onClick={() => profileCall(`${USER}/profile`,  'prof')}>Profile</button>
+          <button className="btn btn-ghost btn-sm" onClick={() => profileCall(`${USER}/security`, 'sec')}>Security</button>
+          <button className="btn btn-ghost btn-sm" onClick={() => profileCall(`${USER}/devices`,  'dev')}>Devices</button>
+          <button className="btn btn-ghost btn-sm" onClick={() => profileCall(`${USER}/sessions`, 'sess')}>Sessions</button>
+          <button className="btn btn-danger btn-sm" onClick={apiRevokeAll} disabled={loading.revoke}>Revoke All</button>
+        </div>
+        <ResponseBox result={profileResp} />
+      </Card>
+
+      {/* Password */}
+      <Card>
+        <CardHeader icon="🔒">Password Management</CardHeader>
+        <FormGroup label="Current Password">
+          <input type="password" value={curPwd} onChange={e => setCurPwd(e.target.value)} />
+        </FormGroup>
+        <FormGroup label="New Password">
+          <input type="password" value={newPwd} onChange={e => setNewPwd(e.target.value)} />
+        </FormGroup>
+        <button className="btn btn-warn btn-full" onClick={apiChangePwd} disabled={loading.chpwd}>
+          {loading.chpwd ? '…' : 'Change Password'}
+        </button>
+        <div className="border-t">
+          <FormGroup label="Email for Reset Link">
+            <input type="email" value={resetEmail} onChange={e => setResetEmail(e.target.value)} />
+          </FormGroup>
+          <button className="btn btn-ghost btn-full" onClick={apiForgotPwd} disabled={loading.forgot}>
+            {loading.forgot ? '…' : 'Send Reset Email'}
+          </button>
+        </div>
+        <ResponseBox result={pwdResp} />
+      </Card>
+
+      {/* Protected endpoints */}
+      <Card>
+        <CardHeader icon="🛡️">Protected Endpoints</CardHeader>
+        <p className="text-sm text-muted mb-3">
+          Test JWT-protected routes. Must have a valid token saved.
+        </p>
+        <div className="flex flex-wrap gap-2">
+          <button className="btn btn-success btn-sm" onClick={() => protCall(`${API_BASE}/protected`,         'prot')}>Test /protected</button>
+          <button className="btn btn-warn btn-sm"    onClick={() => protCall(`${API_BASE}/admin-only`,        'admin')}>Test /admin-only</button>
+          <button className="btn btn-ghost btn-sm"   onClick={() => protCall(`${USER}/risk-profile`,          'risk')}>Risk Profile</button>
+          <button className="btn btn-danger btn-sm"  onClick={apiLogout}>Logout</button>
+        </div>
+        <ResponseBox result={protResp} />
+      </Card>
+    </div>
+  );
+}

client/src/tabs/IntelTab.jsx

@@ -0,0 +1,629 @@
+import { useState, useEffect, useRef, useCallback } from 'react';
+import { req, getToken, saveToken, ENDPOINTS } from '../api';
+import { Card, CardHeader, Callout, FormGroup, ResponseBox } from '../components/ui';
+
+const { AUTH, INTEL } = ENDPOINTS;
+
+// ── Trust Gauge ───────────────────────────────────────────────────────────────
+const TRUST_ARC = 204;
+function TrustGauge({ score, label, color }) {
+  const offset = TRUST_ARC - (score / 100) * TRUST_ARC;
+  return (
+    <div style={{ textAlign: 'center' }}>
+      <svg width="160" height="100" viewBox="-5 -5 170 110" style={{ overflow: 'visible' }}>
+        <path d="M 10 80 A 65 65 0 0 1 140 80" stroke="#e2e8f0" strokeWidth="16" fill="none" />
+        <path
+          d="M 10 80 A 65 65 0 0 1 140 80"
+          stroke={color || '#16a34a'}
+          strokeWidth="16"
+          fill="none"
+          strokeDasharray={TRUST_ARC}
+          strokeDashoffset={offset}
+          strokeLinecap="round"
+          style={{ transition: 'stroke-dashoffset .6s, stroke .6s' }}
+        />
+        <text x="75" y="77" textAnchor="middle" fontSize="28" fontWeight="800" fill={color || '#16a34a'}>
+          {Math.round(score)}
+        </text>
+        <text x="75" y="94" textAnchor="middle" fontSize="10" fill="#94a3b8">/ 100</text>
+      </svg>
+      <div className="trust-label" style={{ color: color || 'var(--muted)' }}>
+        {(label || 'loading').toUpperCase()}
+      </div>
+    </div>
+  );
+}
+
+// ── Behavior bar ──────────────────────────────────────────────────────────────
+function BehaviorBar({ label, value }) {
+  const color = value > 0.7 ? '#16a34a' : value > 0.4 ? '#d97706' : '#dc2626';
+  return (
+    <div className="behavior-bar-group">
+      <div className="behavior-bar-header">
+        <span>{label}</span>
+        <span style={{ fontWeight: 700, color }}>{value.toFixed(2)}</span>
+      </div>
+      <div className="behavior-bar-track">
+        <div className="behavior-bar-fill" style={{ width: `${value * 100}%`, background: color }} />
+      </div>
+    </div>
+  );
+}
+
+// ── Travel result renderer ────────────────────────────────────────────────────
+function TravelResult({ data }) {
+  if (!data) return null;
+  const CMAP = { impossible:'#dc2626', suspicious:'#f97316', plausible:'#16a34a', same_area:'#16a34a', coords_unknown:'#94a3b8' };
+  const IMAP = { impossible:'🚨', suspicious:'⚠️', plausible:'✅', same_area:'✅', coords_unknown:'❓' };
+  const col  = CMAP[data.verdict] || '#94a3b8';
+  const icon = IMAP[data.verdict] || '❓';
+  return (
+    <div style={{ background: `${col}18`, border: `1px solid ${col}`, borderRadius: 8, padding: 12, marginTop: 10 }}>
+      <div style={{ fontWeight: 700, fontSize: 15, color: col, marginBottom: 6 }}>
+        {icon} {(data.verdict || '').toUpperCase().replace('_', ' ')}
+      </div>
+      <div className="text-sm">{data.message}</div>
+      <div className="grid-3 mt-2" style={{ gap: 6 }}>
+        {[
+          { v: data.distance_km || 0,                  l: 'Distance', u: 'km' },
+          { v: Math.round(data.speed_kmh || 0),        l: 'Speed',    u: 'km/h' },
+          { v: Math.round(data.time_gap_minutes || 0), l: 'Gap',      u: 'min' },
+        ].map(s => (
+          <div key={s.l}>
+            <div style={{ fontWeight: 700 }}>{s.v} {s.u}</div>
+            <div className="text-xs text-muted">{s.l}</div>
+          </div>
+        ))}
+      </div>
+      {data.trust_delta < 0 && (
+        <div className="text-sm text-warn mt-2">⚠ Trust impact: {data.trust_delta} pts</div>
+      )}
+    </div>
+  );
+}
+
+// ── AI Anomaly result ─────────────────────────────────────────────────────────
+function AnomalyResult({ data }) {
+  if (!data) return null;
+  return (
+    <div style={{ background: `${data.color}18`, border: `1px solid ${data.color}`, borderRadius: 8, padding: 12, marginTop: 10 }}>
+      <div style={{ display: 'flex', justifyContent: 'space-between', alignItems: 'center', marginBottom: 8 }}>
+        <div style={{ fontWeight: 800, fontSize: 22, color: data.color }}>{data.anomaly_score.toFixed(1)} / 100</div>
+        <div style={{ fontSize: 11, fontWeight: 700, background: data.color, color: '#fff', padding: '2px 10px', borderRadius: 4 }}>
+          {data.classification}
+        </div>
+      </div>
+      <div className="text-xs text-muted mb-2">
+        Confidence: {(data.confidence * 100).toFixed(0)}% · Statistical Isolation Forest
+      </div>
+      {Object.entries(data.per_feature || {}).map(([fn, fs]) => {
+        const fc = fs > 60 ? '#dc2626' : fs > 30 ? '#d97706' : '#16a34a';
+        return (
+          <div key={fn} style={{ marginBottom: 6 }}>
+            <div style={{ display: 'flex', justifyContent: 'space-between', fontSize: 11 }}>
+              <span>{fn}</span><span style={{ color: fc }}>{fs.toFixed(1)}</span>
+            </div>
+            <div style={{ height: 5, background: '#e2e8f0', borderRadius: 3, overflow: 'hidden' }}>
+              <div style={{ height: '100%', width: `${fs}%`, background: fc, borderRadius: 3 }} />
+            </div>
+          </div>
+        );
+      })}
+    </div>
+  );
+}
+
+export default function IntelTab({ onTokenSave }) {
+  // Login status
+  const [loginStatus, setLoginStatus] = useState('');
+  // Trust
+  const [trust,        setTrust]       = useState({ score: 0, label: 'loading', color: '#94a3b8' });
+  const [trustHistory, setTrustHist]   = useState([]);
+  const [trustResp,    setTrustResp]   = useState(null);
+  // Behavior
+  const [collecting,   setCollecting]  = useState(false);
+  const [bhScores,     setBhScores]    = useState({ te: 0.5, ml: 0.6, sv: 0.5 });
+  const [collectStatus,setCollStatus]  = useState('');
+  const [behaviorResp, setBehavResp]   = useState(null);
+  // Travel
+  const [cities,       setCities]      = useState([]);
+  const [travelFrom,   setTravelFrom]  = useState('New York');
+  const [travelTo,     setTravelTo]    = useState('Moscow');
+  const [travelHours,  setTravelHours] = useState('2');
+  const [travelResult, setTravelResult]= useState(null);
+  // AI Anomaly
+  const [aiTyping,  setAiTyping]  = useState('0.70');
+  const [aiMouse,   setAiMouse]   = useState('0.62');
+  const [aiScroll,  setAiScroll]  = useState('0.48');
+  const [aiHour,    setAiHour]    = useState('0.55');
+  const [aiFailed,  setAiFailed]  = useState('0.00');
+  const [anomResult, setAnomResult]= useState(null);
+  // Challenge
+  const [showChallenge,   setShowChallenge]   = useState(false);
+  const [challengeQ,      setChallengeQ]      = useState('');
+  const [challengeAnswer, setChallengeAnswer] = useState('');
+  const [challengeMsg,    setChallengeMsg]    = useState('');
+  const [challengeId,     setChallengeId]     = useState(null);
+  const [challengeResp,   setChallengeResp]   = useState(null);
+  // Explain
+  const [expLoc,   setExpLoc]   = useState('85');
+  const [expDev,   setExpDev]   = useState('15');
+  const [expTime,  setExpTime]  = useState('10');
+  const [expVel,   setExpVel]   = useState('5');
+  const [expBeh,   setExpBeh]   = useState('20');
+  const [expLevel, setExpLevel] = useState('2');
+  const [explainResult, setExplainResult] = useState(null);
+  // Session audit
+  const [sessionResp, setSessionResp] = useState(null);
+  // Loading
+  const [loading, setLoading] = useState({});
+  const setLoad = (k, v) => setLoading(p => ({ ...p, [k]: v }));
+
+  // ── Behavior refs ─────────────────────────────────────────────────────────
+  const bhKeyTimes  = useRef([]);
+  const bhMousePts  = useRef([]);
+  const bhScrollDs  = useRef([]);
+  const bhLastKey   = useRef(0);
+  const bhLastMouse = useRef(0);
+
+  const onKeyDown = useCallback(e => {
+    const now = performance.now();
+    if (bhLastKey.current > 0) bhKeyTimes.current.push(now - bhLastKey.current);
+    bhLastKey.current = now;
+  }, []);
+  const onMouseMove = useCallback(e => {
+    const now = performance.now();
+    if (now - bhLastMouse.current < 50) return;
+    bhLastMouse.current = now;
+    bhMousePts.current.push([e.clientX, e.clientY]);
+  }, []);
+  const onScroll = useCallback(e => {
+    const d = e.target?.scrollTop != null ? Math.abs(e.target.scrollTop) : window.scrollY;
+    bhScrollDs.current.push(d);
+  }, []);
+
+  const computeScores = useCallback(() => {
+    // Typing entropy (coefficient of variation)
+    let te = 0.5;
+    const kt = bhKeyTimes.current;
+    if (kt.length >= 3) {
+      const mean = kt.reduce((a, b) => a + b, 0) / kt.length;
+      const std  = Math.sqrt(kt.reduce((s, v) => s + (v - mean) ** 2, 0) / kt.length);
+      const cv   = std / (mean + 1e-6);
+      te = cv < 0.05 ? 0.10 : cv < 0.20 ? 0.30 + cv * 1.5 : cv < 0.90 ? 0.50 + (cv - 0.20) * 0.7 : Math.max(0.10, 1.0 - (cv - 0.90) * 0.8);
+      te = Math.max(0, Math.min(1, te));
+    }
+    // Mouse linearity
+    let ml = 0.6;
+    const mp = bhMousePts.current;
+    if (mp.length >= 3) {
+      let totalD = 0;
+      for (let i = 1; i < mp.length; i++) {
+        const dx = mp[i][0] - mp[i-1][0], dy = mp[i][1] - mp[i-1][1];
+        totalD += Math.sqrt(dx * dx + dy * dy);
+      }
+      const dxA = mp[mp.length-1][0] - mp[0][0], dyA = mp[mp.length-1][1] - mp[0][1];
+      const straightD = Math.sqrt(dxA * dxA + dyA * dyA);
+      ml = Math.max(0, Math.min(1, 1.0 - Math.abs((totalD > 0 ? straightD / totalD : 0) - 0.6) * 1.5));
+    }
+    // Scroll variance
+    let sv = 0.5;
+    const sd = bhScrollDs.current;
+    if (sd.length >= 2) {
+      const sm = sd.reduce((a, b) => a + b, 0) / sd.length;
+      const ss = Math.sqrt(sd.reduce((s, v) => s + (v - sm) ** 2, 0) / sd.length);
+      sv = Math.min(1, ss / 200);
+    }
+    return { te, ml, sv, lr: Math.max(0, 1.0 - (0.40 * te + 0.35 * ml + 0.25 * sv)) };
+  }, []);
+
+  const startCollecting = () => {
+    bhKeyTimes.current = []; bhMousePts.current = []; bhScrollDs.current = [];
+    bhLastKey.current = 0; bhLastMouse.current = 0;
+    document.addEventListener('keydown',   onKeyDown);
+    document.addEventListener('mousemove', onMouseMove);
+    document.addEventListener('scroll',    onScroll, true);
+    setCollecting(true);
+    setCollStatus('Collecting… (type, move mouse, scroll)');
+    setBhScores({ te: 0.5, ml: 0.6, sv: 0.5 });
+  };
+  const stopCollecting = () => {
+    document.removeEventListener('keydown',   onKeyDown);
+    document.removeEventListener('mousemove', onMouseMove);
+    document.removeEventListener('scroll',    onScroll, true);
+    const s = computeScores();
+    setBhScores(s);
+    setCollecting(false);
+    setCollStatus(`Done — Keys:${bhKeyTimes.current.length}  Mouse:${bhMousePts.current.length}  Scrolls:${bhScrollDs.current.length}`);
+  };
+  useEffect(() => () => {
+    document.removeEventListener('keydown',   onKeyDown);
+    document.removeEventListener('mousemove', onMouseMove);
+    document.removeEventListener('scroll',    onScroll, true);
+  }, [onKeyDown, onMouseMove, onScroll]);
+
+  // ── Cities ────────────────────────────────────────────────────────────────
+  useEffect(() => {
+    req(`${INTEL}/demo/city-list`, 'GET', null, false).then(r => {
+      if (r.ok && r.data?.cities) setCities(r.data.cities.map(c => c.name));
+    });
+    if (getToken()) intelGetTrust();
+  // eslint-disable-next-line react-hooks/exhaustive-deps
+  }, []);
+
+  // ── Trust ─────────────────────────────────────────────────────────────────
+  const intelGetTrust = async () => {
+    if (!getToken()) return;
+    setLoad('trust', true);
+    const r = await req(`${INTEL}/trust-score`);
+    setTrustResp(r);
+    if (r.ok && r.data) {
+      setTrust({ score: r.data.trust_score, label: r.data.label, color: r.data.color });
+      setTrustHist(r.data.history || []);
+    }
+    setLoad('trust', false);
+  };
+  const intelVerify = async () => {
+    if (!getToken()) { alert('Login first.'); return; }
+    setLoad('verify', true);
+    const r = await req(`${INTEL}/continuous-verify`, 'POST', {});
+    setTrustResp(r);
+    if (r.ok) setTrust({ score: r.data.trust_score, label: r.data.label, color: r.data.color });
+    setLoad('verify', false);
+  };
+  const intelDropTrust = async () => {
+    if (!getToken()) { alert('Login first (use Quick Login above).'); return; }
+    setLoad('drop', true);
+    const r = await req(`${INTEL}/simulate-trust-drop`, 'POST', { target_score: 25, reason: 'Manual demo drop' });
+    setTrustResp(r);
+    if (r.ok && r.data) {
+      setTrust({ score: r.data.new_trust, label: r.data.trust_label, color: r.data.trust_color });
+    }
+    setLoad('drop', false);
+  };
+
+  // ── Quick Login ───────────────────────────────────────────────────────────
+  const quickLogin = async () => {
+    setLoad('ql', true);
+    const r = await req(`${AUTH}/login`, 'POST', { email: 'demo.user@adaptive.demo', password: 'DemoUser@123!' }, false);
+    if (r.ok && r.data?.access_token) {
+      saveToken(r.data.access_token);
+      onTokenSave?.();
+      setLoginStatus('✅ Logged in as demo.user@adaptive.demo');
+      await intelGetTrust();
+    } else {
+      setLoginStatus('❌ Login failed — run Setup in Scenario 1 first.');
+    }
+    setLoad('ql', false);
+  };
+
+  // ── Behavior Send ─────────────────────────────────────────────────────────
+  const sendBehavior = async () => {
+    if (!getToken()) { alert('Login first.'); return; }
+    const s = computeScores();
+    setBhScores(s);
+    setLoad('beh', true);
+    const r = await req(`${INTEL}/behavior-signal`, 'POST', {
+      typing_entropy: s.te, mouse_linearity: s.ml, scroll_variance: s.sv, local_risk_score: s.lr,
+    });
+    setBehavResp(r);
+    if (r.ok && r.data?.trust) {
+      setTrust({ score: r.data.trust.score, label: r.data.trust.label, color: r.data.trust.color });
+    }
+    setLoad('beh', false);
+  };
+
+  // ── Travel ────────────────────────────────────────────────────────────────
+  const checkTravel = async () => {
+    setLoad('travel', true);
+    const r = await req(`${INTEL}/demo/impossible-travel`, 'POST', {
+      from_city: travelFrom, to_city: travelTo,
+      time_gap_hours: parseFloat(travelHours), from_country: '', to_country: '',
+    }, false);
+    setTravelResult(r.ok ? r.data : null);
+    setLoad('travel', false);
+  };
+
+  // ── AI Anomaly ────────────────────────────────────────────────────────────
+  const scoreAnomaly = async () => {
+    setLoad('ai', true);
+    const r = await req(`${INTEL}/demo/anomaly-score`, 'POST', {
+      typing_entropy:       parseFloat(aiTyping),
+      mouse_linearity:      parseFloat(aiMouse),
+      scroll_variance:      parseFloat(aiScroll),
+      hour_normalized:      parseFloat(aiHour),
+      failed_attempts_norm: parseFloat(aiFailed),
+    }, false);
+    setAnomResult(r.ok ? r.data : null);
+    setLoad('ai', false);
+  };
+
+  // ── Micro-Challenge ───────────────────────────────────────────────────────
+  const generateChallenge = async () => {
+    if (!getToken()) {
+      const a = Math.floor(Math.random() * 9) + 2, b = Math.floor(Math.random() * 9) + 2;
+      setChallengeId('demo-no-auth');
+      setChallengeQ(`What is ${a} × ${b} ?`);
+      setChallengeAnswer('');
+      setChallengeMsg('(Demo mode — login to persist trust changes)');
+      setShowChallenge(true);
+      return;
+    }
+    setLoad('ch', true);
+    const r = await req(`${INTEL}/micro-challenge/generate`, 'POST', {});
+    setChallengeResp(r);
+    if (r.ok && r.data?.challenge) {
+      setChallengeId(r.data.challenge.challenge_id);
+      setChallengeQ(r.data.challenge.question);
+      setChallengeAnswer('');
+      setChallengeMsg(r.data.challenge_needed ? '' : 'ℹ Trust is healthy — showing challenge for demo purposes.');
+      setShowChallenge(true);
+    }
+    setLoad('ch', false);
+  };
+
+  const verifyChallenge = async () => {
+    if (!challengeAnswer.trim()) { alert('Enter your answer.'); return; }
+    if (!challengeId || challengeId === 'demo-no-auth') {
+      setChallengeMsg('✅ Submitted (login to update real trust score).');
+      setShowChallenge(false);
+      return;
+    }
+    setLoad('chv', true);
+    const r = await req(`${INTEL}/micro-challenge/verify`, 'POST', { challenge_id: challengeId, response: challengeAnswer });
+    setChallengeResp(r);
+    if (r.ok && r.data) {
+      setChallengeMsg(r.data.reason);
+      if (r.data.correct) {
+        setShowChallenge(false);
+        setTrust({ score: r.data.new_trust, label: r.data.trust_label, color: r.data.trust_color });
+      } else {
+        setChallengeAnswer('');
+      }
+    }
+    setLoad('chv', false);
+  };
+
+  // ── Explain ───────────────────────────────────────────────────────────────
+  const explainRisk = async () => {
+    setLoad('exp', true);
+    const r = await req(`${INTEL}/demo/explain`, 'POST', {
+      location_score: parseFloat(expLoc), device_score: parseFloat(expDev),
+      time_score: parseFloat(expTime),    velocity_score: parseFloat(expVel),
+      behavior_score: parseFloat(expBeh), security_level: parseInt(expLevel),
+      risk_level: 'medium',
+    }, false);
+    setExplainResult(r.ok ? r.data : null);
+    setLoad('exp', false);
+  };
+
+  return (
+    <div>
+      <Callout type="info">
+        <strong>🧠 Session Intelligence — 8 Advanced Security Features</strong><br />
+        Continuous Verification &bull; Behavioral Intelligence &bull; Dynamic Trust Score &bull;
+        Micro-Challenges &bull; Explainability &bull; AI Anomaly Detection &bull; Impossible Travel &bull;
+        Privacy-First Design.
+      </Callout>
+
+      {/* Quick Login */}
+      <Card>
+        <CardHeader icon="🔑">Session Authentication</CardHeader>
+        <div className="flex items-center gap-3 flex-wrap">
+          <span className="text-sm text-muted">Protected features require a JWT token.</span>
+          <button className="btn btn-primary btn-sm" onClick={quickLogin} disabled={loading.ql}>
+            {loading.ql ? '…' : '⚡ Quick Login (demo user)'}
+          </button>
+          {loginStatus && (
+            <span className="text-sm" style={{ color: loginStatus.startsWith('✅') ? 'var(--success)' : 'var(--danger)' }}>
+              {loginStatus}
+            </span>
+          )}
+        </div>
+      </Card>
+
+      {/* Trust Score */}
+      <Card>
+        <CardHeader icon="🛡️">Dynamic Trust Score &amp; Continuous Verification</CardHeader>
+        <div className="flex gap-4 flex-wrap items-start">
+          <TrustGauge score={trust.score} label={trust.label} color={trust.color} />
+          <div style={{ flex: 1, minWidth: 180 }}>
+            <div className="flex gap-2 flex-wrap mb-3">
+              <button className="btn btn-ghost btn-sm" onClick={intelGetTrust}  disabled={loading.trust}>🔄 Refresh</button>
+              <button className="btn btn-ghost btn-sm" onClick={intelVerify}    disabled={loading.verify}>✔ Verify Now</button>
+              <button className="btn btn-warn btn-sm"  onClick={intelDropTrust} disabled={loading.drop}>🔽 Drop to 25</button>
+            </div>
+            {trustHistory.length > 0 && (
+              <div>
+                <div className="text-xs font-600 uppercase letter-wide text-muted mb-2">Recent Trust Events</div>
+                <div style={{ maxHeight: 130, overflowY: 'auto' }}>
+                  {[...trustHistory].reverse().slice(0, 20).map((e, i) => (
+                    <div key={i} className="flex justify-between text-xs" style={{ borderBottom: '1px solid var(--border)', padding: '2px 0' }}>
+                      <span className="text-muted">{e.event_type}</span>
+                      <span style={{ color: e.delta >= 0 ? 'var(--success)' : 'var(--danger)' }}>
+                        {e.delta >= 0 ? '+' : ''}{e.delta.toFixed(1)} → {e.score.toFixed(0)}
+                      </span>
+                    </div>
+                  ))}
+                </div>
+              </div>
+            )}
+          </div>
+        </div>
+        <ResponseBox result={trustResp} />
+      </Card>
+
+      {/* Behavior Intelligence */}
+      <Card>
+        <CardHeader icon="🔒">Privacy-First Behavioral Intelligence</CardHeader>
+        <div className="callout callout-info text-sm mb-3" style={{ padding: '8px 12px' }}>
+          <strong>🔒 Privacy-First:</strong> Keystroke timings, mouse coords and scroll deltas are processed{' '}
+          <em>entirely in-browser</em>. Only the aggregated 0–1 scores are sent to the server.
+        </div>
+        <div className="flex gap-2 flex-wrap mb-3 items-center">
+          <button
+            className={`btn btn-sm ${collecting ? 'btn-danger' : 'btn-success'}`}
+            onClick={collecting ? stopCollecting : startCollecting}
+          >
+            {collecting ? '⏹ Stop Collecting' : '▶ Start Collecting'}
+          </button>
+          <button className="btn btn-primary btn-sm" onClick={sendBehavior} disabled={loading.beh}>
+            📤 Send Signals
+          </button>
+          {collectStatus && <span className="text-xs text-muted">{collectStatus}</span>}
+        </div>
+        <BehaviorBar label="⌨️ Typing Entropy (1.0 = human-like rhythm)"   value={bhScores.te} />
+        <BehaviorBar label="🖱️ Mouse Linearity (1.0 = curved/natural)"      value={bhScores.ml} />
+        <BehaviorBar label="📜 Scroll Variance (0.5 = organic human rhythm)" value={bhScores.sv} />
+        <ResponseBox result={behaviorResp} />
+      </Card>
+
+      <div className="grid-2">
+        {/* Impossible Travel */}
+        <Card style={{ margin: 0 }}>
+          <CardHeader icon="✈️">Impossible Travel Detector</CardHeader>
+          <div className="grid-2 mb-2">
+            <FormGroup label="FROM City">
+              <select value={travelFrom} onChange={e => setTravelFrom(e.target.value)}>
+                {cities.map(c => <option key={c}>{c}</option>)}
+              </select>
+            </FormGroup>
+            <FormGroup label="TO City">
+              <select value={travelTo} onChange={e => setTravelTo(e.target.value)}>
+                {cities.map(c => <option key={c}>{c}</option>)}
+              </select>
+            </FormGroup>
+          </div>
+          <FormGroup label="Time gap (hours)">
+            <input type="number" value={travelHours} onChange={e => setTravelHours(e.target.value)} min="0.01" step="0.5" />
+          </FormGroup>
+          <button className="btn btn-primary btn-sm btn-full" onClick={checkTravel} disabled={loading.travel}>
+            {loading.travel ? '…' : '📏 Calculate Travel Risk'}
+          </button>
+          <TravelResult data={travelResult} />
+        </Card>
+
+        {/* AI Anomaly Scorer */}
+        <Card style={{ margin: 0 }}>
+          <CardHeader icon="🤖">AI Anomaly Scorer</CardHeader>
+          {[
+            { label: 'Typing entropy',         val: aiTyping,  set: setAiTyping },
+            { label: 'Mouse linearity',         val: aiMouse,   set: setAiMouse  },
+            { label: 'Scroll variance',         val: aiScroll,  set: setAiScroll },
+            { label: 'Hour normalized',         val: aiHour,    set: setAiHour   },
+            { label: 'Failed attempts (÷20)',   val: aiFailed,  set: setAiFailed },
+          ].map(f => (
+            <div key={f.label} className="flex items-center justify-between gap-2 mb-2">
+              <span className="text-sm text-2">{f.label}</span>
+              <input
+                type="number" value={f.val} onChange={e => f.set(e.target.value)}
+                min="0" max="1" step="0.05"
+                style={{ width: 72, textAlign: 'right', padding: '3px 6px' }}
+              />
+            </div>
+          ))}
+          <button className="btn btn-primary btn-sm btn-full mt-2" onClick={scoreAnomaly} disabled={loading.ai}>
+            {loading.ai ? '…' : '🧠 Score with AI'}
+          </button>
+          <AnomalyResult data={anomResult} />
+        </Card>
+      </div>
+
+      {/* Micro-Challenges */}
+      <Card>
+        <CardHeader icon="🧩">Low-Friction Micro-Challenges</CardHeader>
+        <p className="text-sm text-muted mb-3">
+          Challenges fire <em>only when trust drops below 40</em> — never interrupts a trusted session.
+        </p>
+        <div className="flex gap-2 flex-wrap mb-3">
+          <button className="btn btn-warn btn-sm"    onClick={intelDropTrust}    disabled={loading.drop}>🔽 Drop Trust to 25</button>
+          <button className="btn btn-primary btn-sm" onClick={generateChallenge} disabled={loading.ch}>🧩 Generate Challenge</button>
+        </div>
+        {showChallenge && (
+          <div className="callout callout-info">
+            <div className="font-bold mb-2" style={{ fontSize: 16 }}>{challengeQ}</div>
+            <div className="flex gap-2 items-center">
+              <input
+                type="text"
+                value={challengeAnswer}
+                onChange={e => setChallengeAnswer(e.target.value)}
+                placeholder="Your answer…"
+                style={{ width: 160 }}
+              />
+              <button className="btn btn-success btn-sm" onClick={verifyChallenge} disabled={loading.chv}>
+                {loading.chv ? '…' : '✔ Verify'}
+              </button>
+            </div>
+            {challengeMsg && <div className="text-sm mt-2">{challengeMsg}</div>}
+          </div>
+        )}
+        <ResponseBox result={challengeResp} />
+      </Card>
+
+      {/* Explainability */}
+      <Card>
+        <CardHeader icon="📊">Explainable Risk Transparency</CardHeader>
+        <p className="text-sm text-muted mb-3">
+          Submit factor scores and see exactly which signals contributed and why — with model weights.
+        </p>
+        <div className="grid-3 mb-3">
+          {[
+            { label: '🌍 Location (0-100)',   val: expLoc,   set: setExpLoc,   max: 100 },
+            { label: '💻 Device',             val: expDev,   set: setExpDev,   max: 100 },
+            { label: '🕐 Time',               val: expTime,  set: setExpTime,  max: 100 },
+            { label: '⚡ Velocity',            val: expVel,   set: setExpVel,   max: 100 },
+            { label: '🧠 Behavior',            val: expBeh,   set: setExpBeh,   max: 100 },
+            { label: '🔒 Security level (0-4)',val: expLevel, set: setExpLevel, max: 4 },
+          ].map(f => (
+            <FormGroup key={f.label} label={f.label}>
+              <input type="number" value={f.val} onChange={e => f.set(e.target.value)} min="0" max={f.max} />
+            </FormGroup>
+          ))}
+        </div>
+        <button className="btn btn-primary btn-sm" onClick={explainRisk} disabled={loading.exp}>
+          {loading.exp ? '…' : '🔍 Generate Explanation'}
+        </button>
+        {explainResult && (
+          <div className="mt-3">
+            <div className="text-sm text-muted mb-2">
+              🔍 Audit ID: <code>{explainResult.audit_id}</code> &nbsp;·&nbsp;
+              Confidence: {(explainResult.confidence * 100).toFixed(0)}% &nbsp;·&nbsp;
+              Action: <em>{explainResult.action}</em>
+            </div>
+            <div className="resp-box" style={{ background: 'var(--surface-2)' }}>{explainResult.summary}</div>
+            {(explainResult.factors || []).map(f => {
+              const col = f.status === 'anomalous' ? '#dc2626' : '#16a34a';
+              const bar = Math.min(100, Math.max(0, Math.abs(f.contribution) * 4));
+              return (
+                <div key={f.factor} className="factor-row mt-2">
+                  <div className="factor-label">
+                    <span>{f.icon} <strong>{f.factor}</strong> <span className="text-xs text-muted">w:{f.model_weight}</span></span>
+                    <span style={{ color: col }}>{f.contribution >= 0 ? '+' : ''}{f.contribution.toFixed(1)}</span>
+                  </div>
+                  <div className="factor-bar-wrap">
+                    <div className="factor-bar" style={{ width: `${bar}%`, background: col }} />
+                  </div>
+                  <div className="text-xs text-muted mt-1">{f.detail}</div>
+                </div>
+              );
+            })}
+          </div>
+        )}
+      </Card>
+
+      {/* Session Audit Trail */}
+      <Card>
+        <CardHeader icon="📋">Session Audit Trail <span className="text-sm text-muted font-400">(requires login)</span></CardHeader>
+        <button className="btn btn-ghost btn-sm mb-2" onClick={async () => {
+          if (!getToken()) { alert('Login first.'); return; }
+          setLoad('audit', true);
+          setSessionResp(await req(`${INTEL}/explain`));
+          setLoad('audit', false);
+        }} disabled={loading.audit}>
+          {loading.audit ? '…' : '📄 Fetch My Session Events'}
+        </button>
+        <ResponseBox result={sessionResp} />
+      </Card>
+    </div>
+  );
+}

client/src/tabs/Scenario1Tab.jsx

@@ -0,0 +1,214 @@
+import { useState } from 'react';
+import { req, saveToken, ENDPOINTS } from '../api';
+import { Card, CardHeader, Callout, FormGroup, ResponseBox, StepBar, Tag } from '../components/ui';
+import { RiskVizCard } from '../components/RiskViz';
+
+const DEMO = ENDPOINTS.DEMO;
+
+const STEPS = [
+  { label: 'Setup',            sub: 'Create demo user'  },
+  { label: 'Normal Login',     sub: 'Known context'     },
+  { label: 'Suspicious Login', sub: 'Unknown context'   },
+  { label: 'Verify Challenge', sub: 'Step-up auth'      },
+];
+
+export default function Scenario1Tab({ onTokenSave }) {
+  const [step,           setStep]           = useState(-1);
+  const [setupResp,      setSetupResp]      = useState(null);
+  const [normalResp,     setNormalResp]     = useState(null);
+  const [suspResp,       setSuspResp]       = useState(null);
+  const [challengeResp,  setChallengeResp]  = useState(null);
+  const [riskData,       setRiskData]       = useState(null);
+  const [challengeId,    setChallengeId]    = useState('');
+  const [challengeCode,  setChallengeCode]  = useState('');
+  const [showChallenge,  setShowChallenge]  = useState(false);
+  const [loading,        setLoading]        = useState({});
+
+  const setLoad = (k, v) => setLoading(prev => ({ ...prev, [k]: v }));
+
+  const setupDemo = async (reset) => {
+    setLoad('setup', true);
+    const r = await req(`${DEMO}/setup?reset=${reset}`, 'POST', null, false);
+    setSetupResp(r);
+    if (r.ok) setStep(0);
+    setLoad('setup', false);
+  };
+
+  const checkState = async () => {
+    setLoad('setup', true);
+    const r = await req(`${DEMO}/state`, 'GET', null, false);
+    setSetupResp(r);
+    setLoad('setup', false);
+  };
+
+  const doNormalLogin = async () => {
+    setLoad('normal', true);
+    const r = await req(`${DEMO}/scenario1/normal-login`, 'POST', null, false);
+    setNormalResp(r);
+    if (r.ok && r.data) {
+      const fd = r.data.framework_decision || {};
+      const t  = fd.access_token || r.data.access_token;
+      if (t) { saveToken(t); onTokenSave?.(); }
+      setRiskData({ decision: fd, notes: r.data.what_the_framework_checked });
+      setStep(s => Math.max(s, 1));
+      setShowChallenge(false);
+    }
+    setLoad('normal', false);
+  };
+
+  const doSuspiciousLogin = async () => {
+    setLoad('susp', true);
+    const r = await req(`${DEMO}/scenario1/suspicious-login`, 'POST', null, false);
+    setSuspResp(r);
+    if (r.ok && r.data) {
+      const fd = r.data.framework_decision || {};
+      setRiskData({ decision: fd, notes: r.data.anomalies_triggered });
+      setStep(s => Math.max(s, 2));
+      if (fd.status === 'challenge_required' && fd.challenge_id) {
+        setChallengeId(fd.challenge_id);
+        setShowChallenge(true);
+      } else {
+        setShowChallenge(false);
+      }
+    }
+    setLoad('susp', false);
+  };
+
+  const doCompleteChallenge = async () => {
+    if (!challengeId || !challengeCode) { alert('Enter challenge ID and code.'); return; }
+    setLoad('challenge', true);
+    const url = `${DEMO}/scenario1/complete-challenge?challenge_id=${encodeURIComponent(challengeId)}&code=${encodeURIComponent(challengeCode)}`;
+    const r   = await req(url, 'POST', null, false);
+    setChallengeResp(r);
+    if (r.ok) {
+      const t = r.data?.result?.access_token;
+      if (t) { saveToken(t); onTokenSave?.(); }
+      setStep(3);
+    }
+    setLoad('challenge', false);
+  };
+
+  return (
+    <div>
+      <Callout type="info">
+        <strong>Scenario 1 — User Behaviour Anomaly Detection</strong><br />
+        The demo user has <strong>30 days of normal login history</strong> from New York on Windows Chrome
+        (Mon–Fri, 8AM–5PM). We show how the framework reacts when the <em>same password</em> is used
+        from a completely different context.
+      </Callout>
+
+      <StepBar steps={STEPS} current={step} />
+
+      {/* Step 0 — Setup */}
+      <Card>
+        <CardHeader icon="⚙️">Step 0 – Setup Demo Environment</CardHeader>
+        <p className="text-muted text-sm mb-3">
+          Creates the demo user with a realistic 30-day behavioral profile (15 logins from a
+          trusted IP, device, and time window).
+        </p>
+        <div className="flex gap-2 flex-wrap">
+          <button className="btn btn-primary" onClick={() => setupDemo(false)} disabled={loading.setup}>
+            🔧 Setup Demo
+          </button>
+          <button className="btn btn-warn" onClick={() => setupDemo(true)} disabled={loading.setup}>
+            🔄 Reset &amp; Re-setup
+          </button>
+          <button className="btn btn-ghost" onClick={checkState} disabled={loading.setup}>
+            📊 Check State
+          </button>
+        </div>
+        <ResponseBox result={setupResp} />
+      </Card>
+
+      {/* Step 1 & 2 — Compare */}
+      <div className="compare-grid">
+        {/* Normal */}
+        <div className="compare-side success">
+          <div className="compare-title success">✅ Normal Context</div>
+          <div className="context-list">
+            <div><Tag>IP</Tag> 203.0.113.10 (known)</div>
+            <div><Tag>Location</Tag> New York, US</div>
+            <div><Tag>Device</Tag> Windows Chrome</div>
+            <div><Tag>Time</Tag> Business hours</div>
+            <div><Tag>History</Tag> 15 logins seen</div>
+          </div>
+          <button
+            className="btn btn-success btn-full mt-3"
+            onClick={doNormalLogin}
+            disabled={loading.normal}
+          >
+            {loading.normal ? 'Logging in…' : '▶ Run Normal Login'}
+          </button>
+          <ResponseBox result={normalResp} />
+        </div>
+
+        {/* Suspicious */}
+        <div className="compare-side danger">
+          <div className="compare-title danger">🚩 Suspicious Context</div>
+          <div className="context-list">
+            <div><Tag>IP</Tag> 198.51.100.55 (new!)</div>
+            <div><Tag>Location</Tag> Moscow, Russia</div>
+            <div><Tag>Device</Tag> iPhone Safari (new!)</div>
+            <div><Tag>Time</Tag> Same password</div>
+            <div><Tag>History</Tag> 0 logins from here</div>
+          </div>
+          <button
+            className="btn btn-danger btn-full mt-3"
+            onClick={doSuspiciousLogin}
+            disabled={loading.susp}
+          >
+            {loading.susp ? 'Logging in…' : '▶ Run Suspicious Login'}
+          </button>
+          <ResponseBox result={suspResp} />
+        </div>
+      </div>
+
+      {/* Risk Visualization */}
+      {riskData && (
+        <RiskVizCard decision={riskData.decision} notes={riskData.notes} />
+      )}
+
+      {/* Step 3 — Challenge */}
+      {showChallenge && (
+        <Card>
+          <CardHeader icon="🔐">Step 3 – Complete Step-up Challenge</CardHeader>
+          <Callout type="warn">
+            The framework triggered a challenge because of the suspicious context. In a live deployment
+            this sends a real email. In the demo, use code <strong>000000</strong>.
+          </Callout>
+          <div className="grid-2" style={{ alignItems: 'start' }}>
+            <div>
+              <FormGroup label="Challenge ID">
+                <input value={challengeId} readOnly placeholder="Auto-filled from step 2" />
+              </FormGroup>
+              <FormGroup label="Verification Code">
+                <input
+                  value={challengeCode}
+                  onChange={e => setChallengeCode(e.target.value)}
+                  placeholder="Enter code (000000 for demo)"
+                />
+              </FormGroup>
+              <button
+                className="btn btn-primary btn-full"
+                onClick={doCompleteChallenge}
+                disabled={loading.challenge}
+              >
+                {loading.challenge ? 'Verifying…' : '✅ Verify & Complete Login'}
+              </button>
+            </div>
+            <div className="text-sm text-2">
+              <p className="font-600">Why was this required?</p>
+              <ul className="mt-2 ml-4" style={{ lineHeight: 2 }}>
+                <li>Unknown IP address</li>
+                <li>New device fingerprint</li>
+                <li>Geographic location changed</li>
+                <li>Security Level ≥ 2 → challenge required</li>
+              </ul>
+            </div>
+          </div>
+          <ResponseBox result={challengeResp} />
+        </Card>
+      )}
+    </div>
+  );
+}

client/src/tabs/Scenario2Tab.jsx

@@ -0,0 +1,346 @@
+import { useState, useEffect, useRef, useCallback } from 'react';
+import { req, saveToken, ENDPOINTS } from '../api';
+import { Card, CardHeader, Callout, ResponseBox, StepBar } from '../components/ui';
+
+const DEMO = ENDPOINTS.DEMO;
+const STEPS = [
+  { label: 'Brute Force',      sub: 'Inject failed logins'    },
+  { label: 'Legit User',       sub: 'Normal login during attack' },
+  { label: 'Attacker Unmasked',sub: 'Correct password, still blocked' },
+];
+
+function AnomalyFeed({ anomalies }) {
+  if (!anomalies || !anomalies.length) {
+    return <p className="text-muted text-sm">No active anomalies.</p>;
+  }
+  return (
+    <div>
+      {anomalies.map((a, i) => (
+        <div className="anomaly-item" key={i}>
+          <span style={{ fontSize: 22 }}>🚨</span>
+          <div style={{ flex: 1 }}>
+            <div className="anomaly-type">{a.type}</div>
+            <div className="anomaly-meta">
+              IP: <code>{a.ip || '—'}</code> &nbsp;|&nbsp; Confidence: <strong>{a.confidence || '—'}</strong>
+              &nbsp;|&nbsp; <span className="badge badge-danger">{a.severity || '—'}</span>
+              &nbsp;|&nbsp; {a.first_detected ? new Date(a.first_detected).toLocaleTimeString() : ''}
+            </div>
+          </div>
+        </div>
+      ))}
+    </div>
+  );
+}
+
+function CompareBox({ legitResult, attackerResult }) {
+  if (!legitResult && !attackerResult) {
+    return <p className="text-muted text-sm">Run steps 2 and 3 to see the comparison.</p>;
+  }
+  const ld = (legitResult?.framework_decision) || {};
+  const ad = (attackerResult?.framework_decision) || {};
+  const col  = s => s === 'success' ? 'var(--success)' : s === 'challenge_required' ? 'var(--warn)' : 'var(--danger)';
+  const icon = s => s === 'success' ? '✅' : s === 'challenge_required' ? '⚠️' : '🚫';
+  return (
+    <div className="side-compare">
+      <div className="side-item">
+        <div className="side-title text-success">Legitimate User</div>
+        {legitResult ? (
+          <>
+            <div style={{ fontSize: 26, textAlign: 'center', margin: '8px 0', color: col(ld.status) }}>{icon(ld.status)}</div>
+            <div style={{ textAlign: 'center', fontWeight: 700, color: col(ld.status) }}>{(ld.status || '').toUpperCase()}</div>
+            <div className="text-sm text-muted mt-1">Risk: {ld.risk_level || '—'} | Level: {ld.security_level ?? '—'}</div>
+            {legitResult.key_insight && <div className="text-sm mt-1">{legitResult.key_insight}</div>}
+          </>
+        ) : <p className="text-muted text-sm">Run step 2</p>}
+      </div>
+      <div className="side-item">
+        <div className="side-title text-danger">Attacker (correct password)</div>
+        {attackerResult ? (
+          <>
+            <div style={{ fontSize: 26, textAlign: 'center', margin: '8px 0', color: col(ad.status) }}>{icon(ad.status)}</div>
+            <div style={{ textAlign: 'center', fontWeight: 700, color: col(ad.status) }}>{(ad.status || '').toUpperCase()}</div>
+            <div className="text-sm text-muted mt-1">Risk: {ad.risk_level || '—'} | Level: {ad.security_level ?? '—'}</div>
+            {attackerResult.key_insight && <div className="text-sm mt-1">{attackerResult.key_insight}</div>}
+          </>
+        ) : <p className="text-muted text-sm">Run step 3</p>}
+      </div>
+    </div>
+  );
+}
+
+export default function Scenario2Tab({ onTokenSave }) {
+  const [step,              setStep]        = useState(-1);
+  const [attackAttempts,    setAtk]         = useState('12');
+  const [attackLog,         setAtkLog]      = useState([]);
+  const [attackResp,        setAtkResp]     = useState(null);
+  const [legitResp,         setLegitResp]   = useState(null);
+  const [attackerResp,      setAtkrResp]    = useState(null);
+  const [legitResult,       setLegitResult] = useState(null);
+  const [attackerResult,    setAtkrResult]  = useState(null);
+  const [anomalies,         setAnomalies]   = useState([]);
+  const [isMonitoring,      setMonitor]     = useState(false);
+  const [monStats,          setMonStats]    = useState(null);
+  const [monLog,            setMonLog]      = useState([]);
+  const [loading,           setLoading]     = useState({});
+
+  const intervalRef   = useRef(null);
+  const cycleCountRef = useRef(0);
+  const runCycleRef   = useRef(null);
+
+  const setLoad = (k, v) => setLoading(p => ({ ...p, [k]: v }));
+
+  const addLog = useCallback((type, msg) => {
+    setMonLog(prev => {
+      const next = [...prev, { type, msg, id: Date.now() + Math.random() }];
+      return next.length > 200 ? next.slice(-200) : next;
+    });
+  }, []);
+
+  const refreshAnomalies = useCallback(async () => {
+    const r = await req(`${DEMO}/scenario2/anomalies`, 'GET', null, false);
+    if (r.ok && r.data?.active_anomalies?.length) {
+      setAnomalies(r.data.active_anomalies);
+    } else {
+      setAnomalies([]);
+    }
+  }, []);
+
+  const runCycle = useCallback(async () => {
+    cycleCountRef.current++;
+    const r = await req(`${DEMO}/scenario2/run-monitoring-cycle`, 'POST', null, false);
+    if (!r.ok) {
+      addLog('warn', `Cycle ${cycleCountRef.current} failed: ${r.data?.detail || 'server error'}`);
+      return;
+    }
+    const d    = r.data;
+    const threat = d.threat_level || 'NORMAL';
+    const anom   = d.scan?.total_active_anomalies ?? 0;
+    const time   = new Date(d.cycle_at).toLocaleTimeString();
+    const bf     = d.scan?.brute_force_active         ? ' | BruteForce:ACTIVE'   : '';
+    const cs     = d.scan?.credential_stuffing_active ? ' | CredStuffing:ACTIVE' : '';
+    setMonStats(d);
+    addLog(anom > 0 ? 'threat' : 'ok',
+      `[${time}] #${cycleCountRef.current} ${anom > 0 ? '⚠' : '✓'}  Threat:${threat}  Anomalies:${anom}  Failed/1h:${d.scan?.recent_failed_logins_1h ?? 0}${bf}${cs}`
+    );
+    if (cycleCountRef.current % 3 === 0) await refreshAnomalies();
+  }, [addLog, refreshAnomalies]);
+
+  // Keep ref current so interval always calls the latest version
+  runCycleRef.current = runCycle;
+
+  const startMonitoring = () => {
+    cycleCountRef.current = 0;
+    setMonitor(true);
+    addLog('info', 'Continuous monitoring started. Scanning every 2 s…');
+    runCycleRef.current();
+    intervalRef.current = setInterval(() => runCycleRef.current(), 2000);
+  };
+
+  const stopMonitoring = () => {
+    if (intervalRef.current) { clearInterval(intervalRef.current); intervalRef.current = null; }
+    setMonitor(false);
+    addLog('info', `Monitoring stopped after ${cycleCountRef.current} cycles.`);
+  };
+
+  useEffect(() => () => {
+    if (intervalRef.current) clearInterval(intervalRef.current);
+  }, []);
+
+  const doSimulateAttack = async () => {
+    setLoad('attack', true);
+    const n   = parseInt(attackAttempts) || 12;
+    const log = [];
+    for (let i = 1; i <= n; i++) {
+      await new Promise(r => setTimeout(r, 70));
+      log.push({ id: i, msg: `[${new Date().toLocaleTimeString()}] ATTEMPT ${i}/${n} pw:****${i} → FAILED`, type: 'attempt' });
+      setAtkLog([...log]);
+    }
+    const r = await req(`${DEMO}/scenario2/simulate-attack?num_attempts=${n}`, 'POST', null, false);
+    setAtkResp(r);
+    if (r.ok && r.data) {
+      const cnt = r.data.anomalies_detected?.length || 0;
+      const aip = r.data.attack_details?.attacker_ip || '192.0.2.100';
+      setAtkLog(prev => [
+        ...prev,
+        { id: 'det', msg: `[FRAMEWORK] AnomalyDetector fired: ${cnt} pattern(s) detected.`, type: 'detected' },
+        { id: 'blk', msg: `[FRAMEWORK] IP ${aip} flagged as CRITICAL. All requests BLOCKED.`, type: 'blocked' },
+      ]);
+      setStep(s => Math.max(s, 0));
+    }
+    await refreshAnomalies();
+    setLoad('attack', false);
+  };
+
+  const doLegitLogin = async () => {
+    setLoad('legit', true);
+    const r = await req(`${DEMO}/scenario2/legitimate-user`, 'POST', null, false);
+    setLegitResp(r);
+    setLegitResult(r.data);
+    if (r.ok) {
+      const t = r.data?.framework_decision?.access_token || r.data?.access_token;
+      if (t) { saveToken(t); onTokenSave?.(); }
+      setStep(s => Math.max(s, 1));
+    }
+    setLoad('legit', false);
+  };
+
+  const doAttackerLogin = async () => {
+    setLoad('attacker', true);
+    const r = await req(`${DEMO}/scenario2/attacker-login-attempt`, 'POST', null, false);
+    setAtkrResp(r);
+    setAtkrResult(r.data);
+    if (r.ok) setStep(s => Math.max(s, 2));
+    setLoad('attacker', false);
+  };
+
+  const clearAnomalies = async () => {
+    await req(`${DEMO}/scenario2/clear-anomalies`, 'DELETE', null, false);
+    setAnomalies([]);
+    addLog('info', 'All anomalies cleared.');
+  };
+
+  const logClass = { attempt: 'attack-line', detected: 'attack-detected', blocked: 'attack-blocked' };
+
+  return (
+    <div>
+      <Callout type="danger">
+        <strong>Scenario 2 — Attack &amp; Anomaly Detection</strong><br />
+        We simulate a brute-force attack, watch the <code>AnomalyDetector</code> fire in real time,
+        then compare a <em>legitimate user</em> vs the <em>attacker with the correct password</em>.
+      </Callout>
+
+      <StepBar steps={STEPS} current={step} />
+
+      <div className="grid-2" style={{ alignItems: 'start' }}>
+        {/* Left column */}
+        <div>
+          {/* Attack Simulation */}
+          <Card>
+            <CardHeader icon="💣">Step 1 – Simulate Brute Force Attack</CardHeader>
+            <p className="text-sm text-muted mb-3">
+              Injects failed login attempts from attacker IP <code>192.0.2.100</code> (Beijing, China),
+              then triggers the AnomalyDetector.
+            </p>
+            <div className="form-group">
+              <label>Number of attempts</label>
+              <input
+                type="number"
+                value={attackAttempts}
+                onChange={e => setAtk(e.target.value)}
+                min="5" max="25"
+              />
+            </div>
+            <button
+              className="btn btn-danger btn-full"
+              onClick={doSimulateAttack}
+              disabled={loading.attack}
+            >
+              {loading.attack ? 'Simulating…' : '💥 Launch Attack Simulation'}
+            </button>
+            {attackLog.length > 0 && (
+              <div className="attack-log">
+                {attackLog.map(l => (
+                  <div key={l.id} className={logClass[l.type] || 'attack-line'}>{l.msg}</div>
+                ))}
+              </div>
+            )}
+            <ResponseBox result={attackResp} />
+          </Card>
+
+          {/* Monitoring */}
+          <Card>
+            <CardHeader
+              icon="🚨"
+              actions={
+                <span className={`monitor-badge ${isMonitoring ? 'mon-on' : 'mon-off'}`}>
+                  {isMonitoring ? '● Live' : '⏸ Idle'}
+                </span>
+              }
+            >
+              Live Anomaly Feed &amp; Monitoring
+            </CardHeader>
+
+            <div className="flex gap-2 flex-wrap mb-3 items-center">
+              <button
+                className={`btn btn-sm ${isMonitoring ? 'btn-danger' : 'btn-success'}`}
+                onClick={isMonitoring ? stopMonitoring : startMonitoring}
+              >
+                {isMonitoring ? '⏹ Stop Monitoring' : '▶ Start Monitoring'}
+              </button>
+              <button className="btn btn-ghost btn-sm" onClick={refreshAnomalies}>🔄 Refresh Feed</button>
+              <button className="btn btn-danger btn-sm" onClick={clearAnomalies}>🗑 Clear</button>
+              <span className="text-xs text-muted">Runs a full scan cycle every 2 s when active</span>
+            </div>
+
+            {isMonitoring && monStats && (
+              <div className="monitor-stats">
+                {[
+                  { val: monStats.threat_level || 'NORMAL', lbl: 'Threat',    color: monStats.threat_level === 'NORMAL' ? 'var(--success)' : 'var(--danger)' },
+                  { val: monStats.scan?.total_active_anomalies ?? '—', lbl: 'Anomalies', color: 'var(--warn)' },
+                  { val: monStats.scan?.recent_failed_logins_1h ?? '—', lbl: 'Failed/1h', color: 'var(--danger)' },
+                  { val: monStats.sessions?.active ?? '—', lbl: 'Sessions',   color: 'var(--info)' },
+                  { val: monStats.sessions?.suspicious ?? '—', lbl: 'Suspicious', color: 'var(--warn)' },
+                ].map(s => (
+                  <div className="ms-item" key={s.lbl}>
+                    <div className="ms-val" style={{ color: s.color }}>{s.val}</div>
+                    <div className="ms-lbl">{s.lbl}</div>
+                  </div>
+                ))}
+                <div className="ms-item ml-auto">
+                  <div className="ms-val" style={{ fontSize: 11, color: 'var(--muted)' }}>
+                    {monStats.cycle_at ? new Date(monStats.cycle_at).toLocaleTimeString() : '—'}
+                  </div>
+                  <div className="ms-lbl">Last cycle</div>
+                </div>
+              </div>
+            )}
+
+            {monLog.length > 0 && (
+              <div className="monitor-log">
+                {monLog.map(l => (
+                  <div key={l.id} className={`ml-${l.type}`}>{l.msg}</div>
+                ))}
+              </div>
+            )}
+
+            <div className="mt-3">
+              <AnomalyFeed anomalies={anomalies} />
+            </div>
+          </Card>
+        </div>
+
+        {/* Right column */}
+        <div>
+          <Card>
+            <CardHeader icon="👤">Step 2 – Legitimate User Logs In</CardHeader>
+            <p className="text-sm text-muted mb-3">
+              Same account. Logs in from <strong>New York (trusted IP, trusted device)</strong> while
+              the attack is in progress.
+            </p>
+            <button className="btn btn-success btn-full" onClick={doLegitLogin} disabled={loading.legit}>
+              {loading.legit ? 'Logging in…' : '▶ Login as Legitimate User'}
+            </button>
+            <ResponseBox result={legitResp} />
+          </Card>
+
+          <Card>
+            <CardHeader icon="🤖">Step 3 – Attacker Uses Correct Password</CardHeader>
+            <p className="text-sm text-muted mb-3">
+              The attacker somehow obtained the real password. See what happens.<br />
+              <strong>Spoiler:</strong> correct password alone is not enough.
+            </p>
+            <button className="btn btn-warn btn-full" onClick={doAttackerLogin} disabled={loading.attacker}>
+              {loading.attacker ? 'Attempting…' : '🔑 Attacker Login Attempt'}
+            </button>
+            <ResponseBox result={attackerResp} />
+          </Card>
+
+          <Card>
+            <CardHeader icon="⚖️">Side-by-side Comparison</CardHeader>
+            <CompareBox legitResult={legitResult} attackerResult={attackerResult} />
+          </Card>
+        </div>
+      </div>
+    </div>
+  );
+}

client/vite.config.js

@@ -0,0 +1,21 @@
+import { defineConfig } from 'vite'
+import react from '@vitejs/plugin-react'
+
+// https://vite.dev/config/
+export default defineConfig(({ mode }) => ({
+  plugins: [react()],
+  // In production, assets are served from FastAPI's /static mount.
+  // In dev, Vite dev-server proxies API calls and serves everything from root.
+  base: mode === 'production' ? '/static/' : '/',
+  build: {
+    outDir: '../static',   // demo-auth/static/
+    emptyOutDir: true,
+  },
+  server: {
+    port: 5173,
+    proxy: {
+      '/api':    { target: 'http://localhost:8000', changeOrigin: true },
+      '/health': { target: 'http://localhost:8000', changeOrigin: true },
+    },
+  },
+}))

static/assets/index-DKV7YaMs.css

@@ -0,0 +1 @@
+*,*:before,*:after{box-sizing:border-box;margin:0;padding:0}:root{--bg: #f0f4f8;--surface: #ffffff;--surface-2: #f8fafc;--border: #e2e8f0;--border-2: #cbd5e1;--text: #0f172a;--text-2: #334155;--muted: #64748b;--placeholder: #94a3b8;--primary: #2563eb;--primary-h: #1d4ed8;--primary-50: #eff6ff;--primary-100: #dbeafe;--primary-text: #1e40af;--success: #16a34a;--success-h: #15803d;--success-50: #f0fdf4;--success-100: #dcfce7;--success-border: #86efac;--warn: #d97706;--warn-h: #b45309;--warn-50: #fffbeb;--warn-100: #fef3c7;--warn-border: #fcd34d;--danger: #dc2626;--danger-h: #b91c1c;--danger-50: #fef2f2;--danger-100: #fee2e2;--danger-border: #fca5a5;--info: #0284c7;--info-50: #f0f9ff;--info-100: #e0f2fe;--info-border: #7dd3fc;--r: 8px;--r-sm: 5px;--r-lg: 12px;--shadow-sm: 0 1px 2px rgba(0,0,0,.05);--shadow: 0 1px 3px rgba(0,0,0,.08), 0 1px 2px rgba(0,0,0,.05);--shadow-md: 0 4px 6px rgba(0,0,0,.06), 0 2px 4px rgba(0,0,0,.05)}body{font-family:Inter,-apple-system,BlinkMacSystemFont,Segoe UI,sans-serif;background:var(--bg);color:var(--text);line-height:1.6;font-size:14px;-webkit-font-smoothing:antialiased}.topbar{background:var(--surface);border-bottom:1px solid var(--border);height:56px;padding:0 28px;display:flex;align-items:center;justify-content:space-between;position:sticky;top:0;z-index:100;box-shadow:var(--shadow-sm)}.topbar-logo{font-size:18px;font-weight:800;color:var(--primary);letter-spacing:-.3px;display:flex;align-items:center;gap:7px}.topbar-logo em{color:var(--text);font-style:normal;font-weight:600}.topbar-status{display:flex;align-items:center;gap:8px;font-size:12px;color:var(--muted)}.status-dot{width:8px;height:8px;border-radius:50%;background:var(--danger);flex-shrink:0;transition:background .3s}.status-dot.online{background:var(--success)}.status-dot.checking{background:var(--warn);animation:pulse 1s ease-in-out infinite}.container{max-width:1280px;margin:0 auto;padding:28px 28px 60px}.hero{padding-bottom:20px;margin-bottom:24px;border-bottom:1px solid var(--border)}.hero h1{font-size:24px;font-weight:800;color:var(--text);letter-spacing:-.4px;margin-bottom:4px}.hero h1 span{color:var(--primary)}.hero p{color:var(--muted);font-size:13px}.token-bar{background:var(--surface);border:1px solid var(--border);border-radius:var(--r);padding:10px 16px;margin-bottom:20px;display:flex;align-items:center;gap:10px;box-shadow:var(--shadow-sm)}.token-label{font-size:10px;font-weight:700;text-transform:uppercase;letter-spacing:.8px;color:var(--muted);white-space:nowrap}.token-val{flex:1;font-family:Consolas,Cascadia Code,monospace;font-size:12px;color:var(--primary-text);overflow:hidden;text-overflow:ellipsis;white-space:nowrap}.main-tabs{display:flex;gap:0;border-bottom:2px solid var(--border);margin-bottom:24px;overflow-x:auto}.main-tabs button{background:none;border:none;border-bottom:2px solid transparent;margin-bottom:-2px;color:var(--muted);padding:10px 20px;font-size:13px;font-weight:600;cursor:pointer;white-space:nowrap;transition:color .15s,border-color .15s;font-family:inherit}.main-tabs button.active{color:var(--primary);border-bottom-color:var(--primary)}.main-tabs button:hover:not(.active){color:var(--text-2)}.card{background:var(--surface);border:1px solid var(--border);border-radius:var(--r);padding:20px 22px;margin-bottom:16px;box-shadow:var(--shadow)}.card-header{display:flex;align-items:center;gap:8px;font-size:11px;font-weight:700;text-transform:uppercase;letter-spacing:.7px;color:var(--muted);padding-bottom:12px;margin-bottom:14px;border-bottom:1px solid var(--border)}.card-header-row{display:flex;align-items:center;justify-content:space-between;padding-bottom:12px;margin-bottom:14px;border-bottom:1px solid var(--border)}.card-header-row .card-title{font-size:11px;font-weight:700;text-transform:uppercase;letter-spacing:.7px;color:var(--muted);display:flex;align-items:center;gap:8px}button,.btn{display:inline-flex;align-items:center;justify-content:center;gap:5px;padding:8px 16px;border:1px solid transparent;border-radius:var(--r-sm);font-size:13px;font-weight:600;cursor:pointer;transition:background .12s,filter .1s,transform .08s,box-shadow .12s;white-space:nowrap;font-family:inherit;text-align:center}button:active:not(:disabled){transform:scale(.97)}button:disabled{opacity:.45;cursor:not-allowed}.btn-primary{background:var(--primary);color:#fff;border-color:var(--primary-h)}.btn-primary:hover:not(:disabled){background:var(--primary-h)}.btn-success{background:var(--success);color:#fff;border-color:var(--success-h)}.btn-success:hover:not(:disabled){background:var(--success-h)}.btn-warn{background:var(--warn);color:#fff;border-color:var(--warn-h)}.btn-warn:hover:not(:disabled){background:var(--warn-h)}.btn-danger{background:var(--danger);color:#fff;border-color:var(--danger-h)}.btn-danger:hover:not(:disabled){background:var(--danger-h)}.btn-ghost{background:var(--surface);color:var(--text-2);border-color:var(--border);box-shadow:var(--shadow-sm)}.btn-ghost:hover:not(:disabled){background:var(--bg);border-color:var(--border-2)}.btn-sm{padding:5px 11px;font-size:12px}.btn-full{width:100%}.form-group{margin-bottom:13px}.form-group label{display:block;font-size:11px;font-weight:600;color:var(--muted);margin-bottom:5px;text-transform:uppercase;letter-spacing:.5px}input,select,.form-input{width:100%;background:var(--surface);border:1px solid var(--border);border-radius:var(--r-sm);color:var(--text);padding:8px 11px;font-size:13px;font-family:inherit;transition:border-color .15s,box-shadow .15s}input:focus,select:focus,.form-input:focus{outline:none;border-color:var(--primary);box-shadow:0 0 0 3px var(--primary-100)}input::placeholder{color:var(--placeholder)}input[readonly]{background:var(--surface-2);color:var(--muted);cursor:default}.resp-box{margin-top:10px;padding:12px 14px;border-radius:var(--r-sm);font-size:12px;font-family:Consolas,Cascadia Code,monospace;background:var(--surface-2);border:1px solid var(--border);white-space:pre-wrap;word-break:break-all;max-height:280px;overflow-y:auto;line-height:1.6;color:var(--text-2)}.resp-box.ok{border-color:var(--success-border);color:var(--success);background:var(--success-50)}.resp-box.err{border-color:var(--danger-border);color:var(--danger);background:var(--danger-50)}.callout{padding:12px 15px;border-radius:var(--r-sm);font-size:13px;line-height:1.65;margin-bottom:14px;border-left:3px solid}.callout-info{background:var(--info-50);border-color:var(--info);color:#0c4a6e}.callout-success{background:var(--success-50);border-color:var(--success);color:#14532d}.callout-warn{background:var(--warn-50);border-color:var(--warn);color:#78350f}.callout-danger{background:var(--danger-50);border-color:var(--danger);color:#7f1d1d}.badge{display:inline-flex;align-items:center;padding:2px 9px;border-radius:4px;font-size:11px;font-weight:700;letter-spacing:.4px;text-transform:uppercase}.badge-success{background:var(--success-100);color:var(--success);border:1px solid var(--success-border)}.badge-warn{background:var(--warn-100);color:var(--warn);border:1px solid var(--warn-border)}.badge-danger{background:var(--danger-100);color:var(--danger);border:1px solid var(--danger-border)}.badge-info{background:var(--info-100);color:var(--info);border:1px solid var(--info-border)}.badge-muted{background:var(--surface-2);color:var(--muted);border:1px solid var(--border)}.tag{display:inline-block;padding:1px 7px;border-radius:4px;font-size:11px;background:var(--primary-50);color:var(--primary-text);margin:2px;font-weight:600;border:1px solid var(--primary-100)}.pill{display:inline-flex;align-items:center;gap:4px;padding:3px 9px;border-radius:4px;font-size:11px;font-weight:700;text-transform:uppercase;letter-spacing:.3px}.pill-ok{background:var(--success-100);color:var(--success);border:1px solid var(--success-border)}.pill-err{background:var(--danger-100);color:var(--danger);border:1px solid var(--danger-border)}.pill-warn{background:var(--warn-100);color:var(--warn);border:1px solid var(--warn-border)}.step-bar{display:flex;gap:8px;margin-bottom:20px;overflow-x:auto}.step-item{flex:1;min-width:120px;background:var(--surface);border:1px solid var(--border);border-radius:var(--r);padding:11px 14px;text-align:center;box-shadow:var(--shadow-sm);transition:border-color .2s}.step-item.active{border-color:var(--primary);background:var(--primary-50)}.step-item.done{border-color:var(--success-border);background:var(--success-50)}.step-num{width:26px;height:26px;border-radius:50%;background:var(--border);color:var(--muted);display:inline-flex;align-items:center;justify-content:center;font-size:12px;font-weight:700;margin-bottom:5px}.step-item.active .step-num{background:var(--primary);color:#fff}.step-item.done .step-num{background:var(--success);color:#fff;font-size:14px}.step-label{font-size:12px;font-weight:700;color:var(--text-2)}.step-sub{font-size:11px;color:var(--muted);margin-top:2px}.compare-grid{display:grid;grid-template-columns:1fr 1fr;gap:12px;margin-bottom:16px}.compare-side{background:var(--surface);border-radius:var(--r);padding:16px;border:1px solid var(--border);box-shadow:var(--shadow-sm)}.compare-side.success{border-top:3px solid var(--success)}.compare-side.danger{border-top:3px solid var(--danger)}.compare-title{font-size:11px;font-weight:700;text-transform:uppercase;letter-spacing:.5px;margin-bottom:10px}.compare-title.success{color:var(--success)}.compare-title.danger{color:var(--danger)}.context-list{display:flex;flex-direction:column;gap:5px;font-size:13px;margin-bottom:10px}.context-list>div{color:var(--text-2)}.gauge-wrap{text-align:center;padding:10px 0 4px}.gauge-val{font-size:32px;font-weight:800;letter-spacing:-1px;line-height:1;margin-top:2px}.gauge-label{font-size:11px;font-weight:700;text-transform:uppercase;letter-spacing:.8px;color:var(--muted);margin-top:4px}.level-bar{display:flex;gap:4px;margin-top:8px}.level-seg{flex:1;height:7px;border-radius:4px;background:var(--border);transition:background .4s}.level-seg.seg-0{background:var(--success)}.level-seg.seg-1{background:#84cc16}.level-seg.seg-2{background:var(--warn)}.level-seg.seg-3{background:#f97316}.level-seg.seg-4{background:var(--danger)}.factor-row{margin-bottom:8px}.factor-label{font-size:12px;color:var(--muted);margin-bottom:4px;display:flex;justify-content:space-between}.factor-bar-wrap{height:8px;background:var(--border);border-radius:4px;overflow:hidden}.factor-bar{height:100%;border-radius:4px;transition:width .7s ease}.decision-panel{border-radius:var(--r-sm);overflow:hidden;border:1px solid var(--border);margin-top:8px}.decision-header{padding:11px 14px;font-size:14px;font-weight:800;text-align:center;letter-spacing:.3px}.decision-header.success{background:var(--success-50);color:var(--success);border-bottom:1px solid var(--success-border)}.decision-header.challenge{background:var(--warn-50);color:var(--warn);border-bottom:1px solid var(--warn-border)}.decision-header.blocked{background:var(--danger-50);color:var(--danger);border-bottom:1px solid var(--danger-border)}.decision-body{padding:12px 14px;font-size:13px;background:var(--surface);color:var(--text-2)}.attack-log{background:#1e1b4b;border-radius:var(--r-sm);padding:10px 13px;font-family:Consolas,monospace;font-size:12px;height:190px;overflow-y:auto;margin-top:12px}.attack-line{margin:2px 0;color:#c7d2fe}.attack-detected{color:#fcd34d;font-weight:700}.attack-blocked{color:#f9a8d4;font-weight:700}.anomaly-item{background:var(--danger-50);border:1px solid var(--danger-border);border-radius:var(--r-sm);padding:10px 13px;margin-bottom:8px;display:flex;align-items:flex-start;gap:10px;animation:slideIn .25s ease}.anomaly-type{font-weight:700;font-size:13px;color:var(--danger)}.anomaly-meta{font-size:11px;color:var(--muted);margin-top:3px}.monitor-badge{display:inline-flex;align-items:center;gap:5px;padding:3px 10px;border-radius:4px;font-size:11px;font-weight:700;text-transform:uppercase;letter-spacing:.4px;transition:all .2s}.monitor-badge.mon-on{background:var(--danger-100);color:var(--danger);border:1px solid var(--danger-border);animation:pulse 1.4s ease-in-out infinite}.monitor-badge.mon-off{background:var(--surface-2);color:var(--muted);border:1px solid var(--border)}.monitor-stats{display:flex;flex-wrap:wrap;gap:8px;padding:10px 14px;background:var(--surface-2);border:1px solid var(--border);border-radius:var(--r-sm);font-size:12px;margin-bottom:10px}.ms-item{display:flex;flex-direction:column;align-items:center;min-width:56px}.ms-val{font-size:20px;font-weight:800;line-height:1;letter-spacing:-.3px}.ms-lbl{font-size:10px;color:var(--muted);text-transform:uppercase;letter-spacing:.4px;margin-top:2px}.monitor-log{background:#0f172a;border-radius:var(--r-sm);padding:10px 13px;font-family:Consolas,monospace;font-size:11.5px;height:140px;overflow-y:auto;line-height:1.7;margin-top:10px}.ml-ok{color:#86efac}.ml-threat{color:#fca5a5;font-weight:700}.ml-warn{color:#fcd34d}.ml-info{color:#93c5fd}.stat-box{background:var(--surface);border:1px solid var(--border);border-radius:var(--r);padding:18px 12px;text-align:center;box-shadow:var(--shadow-sm)}.stat-num{font-size:32px;font-weight:800;line-height:1;letter-spacing:-.5px}.stat-label{font-size:10px;color:var(--muted);margin-top:6px;text-transform:uppercase;letter-spacing:.6px}.trust-label{font-size:11px;font-weight:700;color:var(--muted);text-transform:uppercase;letter-spacing:.6px;margin-top:4px;text-align:center}.behavior-bar-group{margin-bottom:10px}.behavior-bar-header{display:flex;justify-content:space-between;font-size:12px;margin-bottom:4px;color:var(--text-2)}.behavior-bar-track{height:8px;background:var(--border);border-radius:4px;overflow:hidden}.behavior-bar-fill{height:100%;border-radius:4px;transition:width .5s,background .5s}code{background:var(--primary-50);border:1px solid var(--primary-100);border-radius:3px;padding:1px 5px;font-size:11.5px;color:var(--primary-text);font-family:Consolas,monospace}.qr-img{max-width:180px;border:3px solid var(--border);border-radius:var(--r);display:block;margin:10px auto}.side-compare{display:grid;grid-template-columns:1fr 1fr;gap:12px;margin-top:10px}.side-item{border:1px solid var(--border);border-radius:var(--r-sm);padding:14px;background:var(--surface)}.side-title{font-size:11px;font-weight:700;text-transform:uppercase;letter-spacing:.5px;margin-bottom:8px}.env-row{display:flex;justify-content:space-between;align-items:center;padding:5px 0;border-bottom:1px solid var(--border);font-size:12px}.env-key{font-family:Consolas,monospace;color:var(--text-2)}.grid-2{display:grid;grid-template-columns:1fr 1fr;gap:16px}.grid-3{display:grid;grid-template-columns:repeat(3,1fr);gap:16px}.grid-4{display:grid;grid-template-columns:repeat(4,1fr);gap:12px}.flex{display:flex}.flex-wrap{flex-wrap:wrap}.flex-col{flex-direction:column}.items-center{align-items:center}.items-start{align-items:flex-start}.justify-between{justify-content:space-between}.justify-center{justify-content:center}.gap-1{gap:4px}.gap-2{gap:8px}.gap-3{gap:12px}.gap-4{gap:16px}.flex-1{flex:1}.min-w-0{min-width:0}.mt-1{margin-top:4px}.mt-2{margin-top:8px}.mt-3{margin-top:12px}.mt-4{margin-top:16px}.mb-1{margin-bottom:4px}.mb-2{margin-bottom:8px}.mb-3{margin-bottom:12px}.mb-4{margin-bottom:16px}.ml-auto{margin-left:auto}.ml-4{margin-left:16px}.p-3{padding:12px}.p-4{padding:16px}.text-sm{font-size:12px}.text-xs{font-size:11px}.text-muted{color:var(--muted)}.text-2{color:var(--text-2)}.text-primary{color:var(--primary)}.text-success{color:var(--success)}.text-warn{color:var(--warn)}.text-danger{color:var(--danger)}.text-center{text-align:center}.font-bold{font-weight:700}.font-600{font-weight:600}.font-800{font-weight:800}.w-full{width:100%}.uppercase{text-transform:uppercase}.letter-wide{letter-spacing:.5px}.mono{font-family:Consolas,monospace}.border-t{border-top:1px solid var(--border);padding-top:12px;margin-top:12px}@keyframes slideIn{0%{opacity:0;transform:translateY(-6px)}to{opacity:1;transform:translateY(0)}}@keyframes pulse{0%,to{opacity:1}50%{opacity:.35}}@keyframes fadeIn{0%{opacity:0}to{opacity:1}}::-webkit-scrollbar{width:6px;height:6px}::-webkit-scrollbar-track{background:var(--surface-2)}::-webkit-scrollbar-thumb{background:var(--border-2);border-radius:3px}::-webkit-scrollbar-thumb:hover{background:var(--muted)}@media(max-width:900px){.grid-4,.grid-3{grid-template-columns:1fr 1fr}.compare-grid,.side-compare{grid-template-columns:1fr}}@media(max-width:600px){.grid-2,.grid-3,.grid-4{grid-template-columns:1fr}.container{padding:16px}.topbar{padding:0 16px}}

static/index.html

@@ -1,1570 +1,19 @@
-<!DOCTYPE html>
-<html lang="en">
-<head>
-<meta charset="UTF-8">
-<meta name="viewport" content="width=device-width, initial-scale=1.0">
-<title>AdaptiveAuth - Framework Demo</title>
-<style>
-*,*::before,*::after{box-sizing:border-box;margin:0;padding:0}
-:root{
-  --c-bg:#0d0f14;--c-surface:#13161e;--c-card:#181c26;--c-border:#252a38;
-  --c-text:#dde3ee;--c-muted:#6b7694;--c-primary:#4f6ef7;--c-success:#22c55e;
-  --c-warn:#e8a020;--c-danger:#e04545;--c-info:#3ba8cc;--r:6px
-}
-body{font-family:'Segoe UI',system-ui,-apple-system,sans-serif;background:var(--c-bg);color:var(--c-text);line-height:1.6;min-height:100vh;font-size:14px}
-.badge{display:inline-block;padding:2px 9px;border-radius:3px;font-size:11px;font-weight:700;letter-spacing:.5px;text-transform:uppercase}
-.badge-success{background:#14532d40;color:var(--c-success);border:1px solid #14532d}.badge-challenge{background:#45200340;color:var(--c-warn);border:1px solid #6b3500}.badge-blocked{background:#7f1d1d40;color:#fca5a5;border:1px solid #7f1d1d}
-.tag{display:inline-block;padding:2px 7px;border-radius:3px;font-size:11px;background:var(--c-border);color:var(--c-muted);margin:2px;font-weight:500}
-.flex{display:flex}.gap-2{gap:8px}.gap-4{gap:16px}.items-center{align-items:center}
-.mt-2{margin-top:8px}.mt-4{margin-top:16px}.mb-2{margin-bottom:8px}.mb-4{margin-bottom:16px}
-
-/* Topbar — flat, no gradient */
-.topbar{background:var(--c-surface);border-bottom:1px solid var(--c-border);padding:0 28px;display:flex;align-items:center;justify-content:space-between;height:52px;position:sticky;top:0;z-index:100}
-.topbar-logo{font-size:17px;font-weight:700;color:var(--c-primary);letter-spacing:-.2px}
-.topbar-logo span{color:var(--c-text);font-weight:400}
-.topbar-status{display:flex;align-items:center;gap:8px;font-size:12px;color:var(--c-muted)}
-.dot{width:7px;height:7px;border-radius:50%;background:var(--c-danger)}.dot.online{background:var(--c-success)}
-
-/* Layout */
-.container{max-width:1260px;margin:0 auto;padding:24px 28px}
-.main-tabs{display:flex;gap:0;border-bottom:1px solid var(--c-border);margin-bottom:24px;overflow-x:auto}
-.main-tabs button{background:none;border:none;border-bottom:2px solid transparent;color:var(--c-muted);padding:10px 20px;font-size:13px;font-weight:600;cursor:pointer;white-space:nowrap;transition:color .15s,border-color .15s}
-.main-tabs button.active{color:var(--c-primary);border-bottom-color:var(--c-primary)}
-.main-tabs button:hover:not(.active){color:var(--c-text)}
-.tab-panel{display:none}.tab-panel.active{display:block}
-
-/* Cards */
-.card{background:var(--c-card);border:1px solid var(--c-border);border-radius:var(--r);padding:18px 20px;margin-bottom:14px}
-.card-header{font-size:11px;font-weight:700;text-transform:uppercase;letter-spacing:.8px;color:var(--c-muted);margin-bottom:14px;display:flex;align-items:center;gap:8px;padding-bottom:10px;border-bottom:1px solid var(--c-border)}
-
-/* Grids */
-.grid-2{display:grid;grid-template-columns:1fr 1fr;gap:14px}
-.grid-3{display:grid;grid-template-columns:repeat(3,1fr);gap:14px}
-.grid-4{display:grid;grid-template-columns:repeat(4,1fr);gap:10px}
-@media(max-width:900px){.grid-4,.grid-3{grid-template-columns:1fr 1fr}}
-@media(max-width:600px){.grid-2,.grid-3,.grid-4{grid-template-columns:1fr}}
-
-/* Buttons */
-button,.btn{display:inline-flex;align-items:center;justify-content:center;gap:5px;padding:8px 16px;border:1px solid transparent;border-radius:var(--r);font-size:13px;font-weight:600;cursor:pointer;transition:filter .12s,transform .08s;white-space:nowrap}
-button:active{transform:scale(.97)}
-button:disabled{opacity:.4;cursor:not-allowed}
-.btn-primary{background:#2d3fcc;color:#e8ecff;border-color:#3d50df}
-.btn-success{background:#1a6b3a;color:#d1fae5;border-color:#226b45}
-.btn-warn{background:#7a4810;color:#fde7b0;border-color:#8f5515}
-.btn-danger{background:#7a1f1f;color:#fecaca;border-color:#902828}
-.btn-ghost{background:transparent;color:var(--c-text);border-color:var(--c-border)}
-.btn-sm{padding:4px 10px;font-size:12px}
-.btn-full{width:100%}
-button:hover:not(:disabled){filter:brightness(1.12)}
-
-/* Forms */
-.form-group{margin-bottom:13px}
-label{display:block;font-size:11px;font-weight:600;color:var(--c-muted);margin-bottom:4px;text-transform:uppercase;letter-spacing:.5px}
-input,select{width:100%;background:var(--c-surface);border:1px solid var(--c-border);border-radius:var(--r);color:var(--c-text);padding:8px 11px;font-size:13px;transition:border-color .15s}
-input:focus,select:focus{outline:none;border-color:var(--c-primary)}
-input::placeholder{color:var(--c-muted)}
-
-/* Response boxes */
-.resp{margin-top:10px;padding:12px 14px;border-radius:var(--r);font-size:12px;font-family:'Consolas',monospace;background:var(--c-surface);border:1px solid var(--c-border);white-space:pre-wrap;word-break:break-all;display:none;max-height:280px;overflow-y:auto;line-height:1.6}
-.resp.show{display:block}
-
-/* Risk gauge */
-.gauge-wrap{text-align:center;padding:8px 0}
-.gauge-arc{position:relative;width:160px;height:92px;margin:0 auto}
-.gauge-arc svg{overflow:visible}
-.gauge-val{position:absolute;bottom:-4px;left:50%;transform:translateX(-50%);font-size:30px;font-weight:800;letter-spacing:-.5px}
-.gauge-label{margin-top:4px;font-size:12px;font-weight:700;text-transform:uppercase;letter-spacing:.8px;color:var(--c-muted)}
-
-/* Security level bar */
-.level-bar{display:flex;gap:3px;margin-top:8px}
-.level-seg{flex:1;height:6px;border-radius:3px;background:var(--c-border);transition:background .4s}
-.level-seg.active-0{background:#22c55e}.level-seg.active-1{background:#84cc16}.level-seg.active-2{background:#e8a020}.level-seg.active-3{background:#f97316}.level-seg.active-4{background:#e04545}
-
-/* Step progress */
-.steps{display:flex;gap:6px;margin-bottom:18px;overflow-x:auto}
-.step-item{flex:1;min-width:130px;background:var(--c-surface);border:1px solid var(--c-border);border-radius:var(--r);padding:10px 12px;cursor:pointer;transition:border-color .15s;text-align:center}
-.step-item.done{border-color:var(--c-success)}.step-item.active{border-color:var(--c-primary)}
-.step-num{width:26px;height:26px;border-radius:50%;background:var(--c-border);color:var(--c-muted);display:inline-flex;align-items:center;justify-content:center;font-size:12px;font-weight:700;margin-bottom:5px}
-.step-item.done .step-num{background:var(--c-success);color:#fff}.step-item.active .step-num{background:var(--c-primary);color:#fff}
-
-/* Decision panel */
-.decision-panel{background:var(--c-surface);border:1px solid var(--c-border);border-radius:var(--r);overflow:hidden}
-.decision-header{padding:12px 16px;font-size:16px;font-weight:800;text-align:center;letter-spacing:.5px}
-.decision-header.success{background:#0d2e1a;color:var(--c-success);border-bottom:1px solid #1a4d2c}
-.decision-header.challenge{background:#2d1e07;color:var(--c-warn);border-bottom:1px solid #5a3b0e}
-.decision-header.blocked{background:#2a0e0e;color:var(--c-danger);border-bottom:1px solid #5a1e1e}
-.decision-body{padding:14px}
-
-/* Risk factor bars */
-.factor-row{margin-bottom:7px}
-.factor-label{font-size:12px;color:var(--c-muted);margin-bottom:3px}
-.factor-bar-wrap{height:8px;background:var(--c-border);border-radius:3px;overflow:hidden}
-.factor-bar{height:100%;border-radius:3px;transition:width .7s ease}
-
-/* Anomaly feed */
-.anomaly-item{background:#1a0d0d;border:1px solid #3d1818;border-radius:var(--r);padding:10px 13px;margin-bottom:6px;display:flex;align-items:center;gap:10px;animation:slideIn .25s ease}
-@keyframes slideIn{from{opacity:0;transform:translateY(-6px)}to{opacity:1;transform:translateY(0)}}
-.anomaly-type{font-weight:700;font-size:13px;color:var(--c-danger)}.anomaly-meta{font-size:11px;color:var(--c-muted);margin-top:2px}
-
-/* Token bar */
-.token-bar{background:var(--c-surface);border:1px solid var(--c-border);border-radius:var(--r);padding:10px 14px;margin-bottom:18px;display:flex;align-items:center;gap:10px;font-size:12px}
-.token-val{flex:1;font-family:'Consolas',monospace;color:var(--c-info);overflow:hidden;text-overflow:ellipsis;white-space:nowrap;font-size:12px}
-
-/* Stat boxes */
-.stat-box{background:var(--c-surface);border:1px solid var(--c-border);border-radius:var(--r);padding:16px;text-align:center}
-.stat-num{font-size:30px;font-weight:800;line-height:1;letter-spacing:-.5px}
-.stat-label{font-size:10px;color:var(--c-muted);margin-top:5px;text-transform:uppercase;letter-spacing:.6px}
-
-/* Attack log */
-.attack-log{background:#0a0b10;border:1px solid #3d1818;border-radius:var(--r);padding:10px 12px;font-family:'Consolas',monospace;font-size:12px;color:#e04545;height:200px;overflow-y:auto;margin-top:10px}
-.attack-log .line{margin:2px 0}.detected{color:#d4a017;font-weight:700}.att-blocked{color:#fca5a5;font-weight:700}
-
-/* Monitoring */
-@keyframes pulse{0%,100%{opacity:1}50%{opacity:.3}}
-.monitor-pulse{animation:pulse 1.4s ease-in-out infinite}
-.monitor-badge{display:inline-flex;align-items:center;gap:5px;padding:2px 9px;border-radius:3px;font-size:11px;font-weight:700;text-transform:uppercase;letter-spacing:.4px;transition:all .25s}
-.monitor-badge.mon-on{background:#2a0e0e;color:#f87171;border:1px solid #5a1e1e}
-.monitor-badge.mon-off{background:var(--c-border);color:var(--c-muted);border:1px solid transparent}
-.monitor-log{background:#0a0b10;border:1px solid var(--c-border);border-radius:var(--r);padding:10px 12px;font-family:'Consolas',monospace;font-size:11.5px;height:145px;overflow-y:auto;margin-top:10px;line-height:1.7}
-.monitor-log .ml-ok{color:#22c55e}.monitor-log .ml-threat{color:#e04545;font-weight:700}.monitor-log .ml-warn{color:#e8a020}.monitor-log .ml-info{color:#3ba8cc}
-.monitor-stats{display:flex;flex-wrap:wrap;gap:8px;padding:10px 14px;background:var(--c-surface);border:1px solid var(--c-border);border-radius:var(--r);font-size:12px;margin-bottom:10px}
-.ms-item{display:flex;flex-direction:column;align-items:center;min-width:58px}
-.ms-val{font-size:19px;font-weight:800;line-height:1;letter-spacing:-.3px}
-.ms-lbl{font-size:10px;color:var(--c-muted);text-transform:uppercase;letter-spacing:.4px;margin-top:2px}
-
-/* Compare layout */
-.compare{display:grid;grid-template-columns:1fr 1fr;gap:10px;margin-top:12px}
-.compare-side{border:1px solid var(--c-border);border-radius:var(--r);padding:13px}
-.compare-title{font-size:11px;font-weight:700;text-transform:uppercase;letter-spacing:.6px;margin-bottom:8px}
-
-/* Callouts */
-.callout{padding:10px 13px;border-radius:var(--r);font-size:13px;line-height:1.6;margin-bottom:13px;border-left:3px solid}
-.callout-info{background:#08192b;border-color:var(--c-info);color:#a5d8f3}
-.callout-warn{background:#1e1400;border-color:var(--c-warn);color:#f5d48a}
-.callout-success{background:#0a1e12;border-color:var(--c-success);color:#a3e6bf}
-.callout-danger{background:#1e0a0a;border-color:var(--c-danger);color:#f5a5a5}
-
-/* Hero — no gradient text */
-.hero{padding:28px 0 20px;border-bottom:1px solid var(--c-border);margin-bottom:24px}
-.hero h1{font-size:22px;font-weight:700;color:var(--c-text);margin-bottom:4px;letter-spacing:-.3px}
-.hero h1 span{color:var(--c-primary)}
-.hero p{color:var(--c-muted);font-size:13px;margin-top:4px}
-
-/* Scrollbars */
-::-webkit-scrollbar{width:5px;height:5px}::-webkit-scrollbar-track{background:var(--c-surface)}::-webkit-scrollbar-thumb{background:var(--c-border);border-radius:3px}
-
-/* Code */
-code{background:#0d1117;border:1px solid var(--c-border);border-radius:3px;padding:1px 6px;font-size:11.5px;color:#60a5fa;font-family:'Consolas',monospace}
-
-/* Email status pills */
-.pill{display:inline-flex;align-items:center;gap:5px;padding:3px 10px;border-radius:3px;font-size:11px;font-weight:700;text-transform:uppercase;letter-spacing:.4px}
-.pill-ok{background:#0a1e12;color:var(--c-success);border:1px solid #226b45}
-.pill-err{background:#1e0a0a;color:var(--c-danger);border:1px solid #902828}
-.pill-warn{background:#1e1400;color:var(--c-warn);border:1px solid #8f5515}
-</style>
-</head>
-<body>
-<div class="topbar">
-  <div class="topbar-logo">&#x26A1; AdaptiveAuth</div>
-  <div class="topbar-status">
-    <span class="dot" id="statusDot"></span>
-    <span id="statusText">Checking&hellip;</span>
-    <button class="btn btn-ghost btn-sm" onclick="ping()" style="margin-left:8px;">Refresh</button>
-  </div>
-</div>
-
-<div class="container">
-  <div class="hero">
-    <h1>Adaptive Authentication Framework</h1>
-    <p>Production-ready risk-based auth &mdash; JWT &bull; 2FA &bull; Behavioral Analysis &bull; Anomaly Detection</p>
-  </div>
-
-  <!-- Token bar -->
-  <div class="token-bar">
-    <span style="color:var(--c-muted);font-weight:700;font-size:12px;white-space:nowrap;">JWT TOKEN</span>
-    <span class="token-val" id="tokenPreview">No token &mdash; log in first</span>
-    <button class="btn btn-ghost btn-sm" onclick="copyToken()">Copy</button>
-    <button class="btn btn-danger btn-sm" onclick="clearToken()">Clear</button>
-  </div>
-
-  <!-- Main tabs -->
-  <div class="main-tabs">
-    <button class="active" onclick="switchTab('demo1',this)">&#x1F52C; Scenario 1: Behavior</button>
-    <button onclick="switchTab('demo2',this)">&#x1F6A8; Scenario 2: Attacks</button>
-    <button onclick="switchTab('api',this)">&#x1F527; API Testing</button>
-    <button onclick="switchTab('admin',this)">&#x1F6E1;&#xFE0F; Admin Dashboard</button>
-    <button onclick="switchTab('intel',this)">&#x1F9E0; Intelligence</button>
-  </div>
-
-  <!-- ====== SCENARIO 1 ====== -->
-  <div id="tab-demo1" class="tab-panel active">
-    <div class="callout callout-info">
-      <strong>Scenario 1 &mdash; User Behaviour Anomaly Detection</strong><br>
-      The demo user has <strong>30 days of normal login history</strong> from New York on Windows Chrome (Mon&ndash;Fri, 8AM&ndash;5PM).
-      We show how the framework reacts when the <em>same password</em> is used from a completely different context.
-    </div>
-
-    <div class="steps">
-      <div class="step-item" id="s1step0"><div class="step-num">0</div><div style="font-size:12px;font-weight:700;">Setup</div><div style="font-size:11px;color:var(--c-muted);">Create demo user</div></div>
-      <div class="step-item" id="s1step1"><div class="step-num">1</div><div style="font-size:12px;font-weight:700;">Normal Login</div><div style="font-size:11px;color:var(--c-muted);">Known context</div></div>
-      <div class="step-item" id="s1step2"><div class="step-num">2</div><div style="font-size:12px;font-weight:700;">Suspicious Login</div><div style="font-size:11px;color:var(--c-muted);">Unknown context</div></div>
-      <div class="step-item" id="s1step3"><div class="step-num">3</div><div style="font-size:12px;font-weight:700;">Verify Challenge</div><div style="font-size:11px;color:var(--c-muted);">Step-up auth</div></div>
-    </div>
-
-    <div class="card">
-      <div class="card-header"><span>&#x2699;&#xFE0F;</span> Step 0 &ndash; Setup Demo Environment</div>
-      <p style="font-size:13px;color:var(--c-muted);margin-bottom:14px;">Creates the demo user with a realistic 30-day behavioral profile (15 logins from a trusted IP, device, and time window).</p>
-      <div style="display:flex;gap:10px;flex-wrap:wrap;">
-        <button class="btn btn-primary" onclick="setupDemo(false)">&#x1F527; Setup Demo</button>
-        <button class="btn btn-warn" onclick="setupDemo(true)">&#x1F504; Reset &amp; Re-setup</button>
-        <button class="btn btn-ghost" onclick="checkDemoState()">&#x1F4CA; Check State</button>
-      </div>
-      <div id="setupResp" class="resp"></div>
-    </div>
-
-    <div class="compare">
-      <div class="compare-side">
-        <div class="compare-title" style="color:var(--c-success);">&#x2705; Normal Context</div>
-        <div style="font-size:13px;">
-          <div style="margin:3px 0;"><span class="tag">IP</span> 203.0.113.10 (known)</div>
-          <div style="margin:3px 0;"><span class="tag">Location</span> New York, US</div>
-          <div style="margin:3px 0;"><span class="tag">Device</span> Windows Chrome</div>
-          <div style="margin:3px 0;"><span class="tag">Time</span> Business hours</div>
-          <div style="margin:3px 0;"><span class="tag">History</span> 15 logins seen</div>
-        </div>
-        <button class="btn btn-success btn-full mt-4" onclick="doNormalLogin()">&#x25B6; Run Normal Login</button>
-        <div id="normalLoginResp" class="resp"></div>
-      </div>
-      <div class="compare-side">
-        <div class="compare-title" style="color:var(--c-danger);">&#x1F6A9; Suspicious Context</div>
-        <div style="font-size:13px;">
-          <div style="margin:3px 0;"><span class="tag">IP</span> 198.51.100.55 (new!)</div>
-          <div style="margin:3px 0;"><span class="tag">Location</span> Moscow, Russia</div>
-          <div style="margin:3px 0;"><span class="tag">Device</span> iPhone Safari (new!)</div>
-          <div style="margin:3px 0;"><span class="tag">Time</span> Same password</div>
-          <div style="margin:3px 0;"><span class="tag">History</span> 0 logins from here</div>
-        </div>
-        <button class="btn btn-danger btn-full mt-4" onclick="doSuspiciousLogin()">&#x25B6; Run Suspicious Login</button>
-        <div id="suspLoginResp" class="resp"></div>
-      </div>
-    </div>
-
-    <div class="card" id="riskVizCard" style="display:none;">
-      <div class="card-header"><span>&#x1F4CA;</span> Risk Assessment Result</div>
-      <div class="grid-2">
-        <div>
-          <div class="gauge-wrap">
-            <div class="gauge-arc">
-              <svg width="160" height="90" viewBox="0 0 160 90">
-                <path d="M 10,80 A 70,70 0 0,1 150,80" fill="none" stroke="#2e3347" stroke-width="12" stroke-linecap="round"/>
-                <path id="gaugeArc" d="M 10,80 A 70,70 0 0,1 150,80" fill="none" stroke="#6366f1" stroke-width="12" stroke-linecap="round" stroke-dasharray="220" stroke-dashoffset="220" style="transition:stroke-dashoffset .8s ease,stroke .5s;"/>
-              </svg>
-              <div class="gauge-val" id="gaugeNum" style="color:var(--c-primary);">0</div>
-            </div>
-            <div class="gauge-label" id="gaugeLabel">Risk Score</div>
-          </div>
-        </div>
-        <div>
-          <div style="font-size:12px;color:var(--c-muted);margin-bottom:4px;">Security Level</div>
-          <div class="level-bar" id="levelBar">
-            <div class="level-seg" id="lseg0"></div><div class="level-seg" id="lseg1"></div><div class="level-seg" id="lseg2"></div><div class="level-seg" id="lseg3"></div><div class="level-seg" id="lseg4"></div>
-          </div>
-          <div style="display:flex;justify-content:space-between;font-size:10px;color:var(--c-muted);margin-top:3px;"><span>0 Trusted</span><span>4 Blocked</span></div>
-          <div style="margin-top:12px;" id="decisionBox"></div>
-        </div>
-      </div>
-      <div style="margin-top:16px;">
-        <div style="font-size:12px;color:var(--c-muted);font-weight:700;text-transform:uppercase;letter-spacing:.5px;margin-bottom:8px;">Risk Factor Breakdown</div>
-        <div id="factorBars"></div>
-      </div>
-      <div id="triggeredRules" style="margin-top:12px;"></div>
-    </div>
-
-    <div class="card" id="challengeCard" style="display:none;">
-      <div class="card-header"><span>&#x1F510;</span> Step 3 &ndash; Complete Step-up Challenge</div>
-      <div class="callout callout-warn">
-        The framework triggered a challenge because of the suspicious context.
-        In a live deployment this sends a real email. In the demo, use code <strong>000000</strong>.
-      </div>
-      <div style="display:grid;grid-template-columns:1fr 1fr;gap:12px;">
-        <div>
-          <div class="form-group"><label>Challenge ID</label><input id="challengeId" type="text" placeholder="Auto-filled from step 2" readonly></div>
-          <div class="form-group"><label>Verification Code</label><input id="challengeCode" type="text" placeholder="Enter code (000000 for demo)"></div>
-          <button class="btn btn-primary btn-full" onclick="doCompleteChallenge()">&#x2705; Verify &amp; Complete Login</button>
-        </div>
-        <div style="font-size:13px;color:var(--c-muted);">
-          <p><strong>Why was this required?</strong></p>
-          <ul style="margin-top:8px;padding-left:18px;line-height:2;">
-            <li>Unknown IP address</li><li>New device fingerprint</li><li>Geographic location changed</li><li>Security Level &ge; 2 &rarr; challenge required</li>
-          </ul>
-        </div>
-      </div>
-      <div id="challengeResp" class="resp"></div>
-    </div>
-  </div><!-- /demo1 -->
-
-  <!-- ====== SCENARIO 2 ====== -->
-  <div id="tab-demo2" class="tab-panel">
-    <div class="callout callout-danger">
-      <strong>Scenario 2 &mdash; Attack &amp; Anomaly Detection</strong><br>
-      We simulate a brute-force attack from an attacker IP, watch the <code>AnomalyDetector</code> fire in real time,
-      then show how a <em>legitimate user</em> is treated vs the <em>attacker with the correct password</em>.
-    </div>
-
-    <div class="steps">
-      <div class="step-item" id="s2step1"><div class="step-num">1</div><div style="font-size:12px;font-weight:700;">Brute Force</div><div style="font-size:11px;color:var(--c-muted);">Inject failed logins</div></div>
-      <div class="step-item" id="s2step2"><div class="step-num">2</div><div style="font-size:12px;font-weight:700;">Legit User</div><div style="font-size:11px;color:var(--c-muted);">Normal login during attack</div></div>
-      <div class="step-item" id="s2step3"><div class="step-num">3</div><div style="font-size:12px;font-weight:700;">Attacker Unmasked</div><div style="font-size:11px;color:var(--c-muted);">Correct password, still blocked</div></div>
-    </div>
-
-    <div class="grid-2">
-      <div>
-        <div class="card">
-          <div class="card-header"><span>&#x1F4A3;</span> Step 1 &ndash; Simulate Brute Force Attack</div>
-          <p style="font-size:13px;color:var(--c-muted);margin-bottom:12px;">Injects failed login attempts from attacker IP <code>192.0.2.100</code> (Beijing, China), then triggers the AnomalyDetector.</p>
-          <div class="form-group"><label>Number of attempts</label><input id="attackAttempts" type="number" value="12" min="5" max="25"></div>
-          <button class="btn btn-danger btn-full" onclick="doSimulateAttack()">&#x1F4A5; Launch Attack Simulation</button>
-          <div class="attack-log" id="attackLog" style="display:none;"></div>
-          <div id="attackResp" class="resp"></div>
-        </div>
-        <div class="card">
-          <div class="card-header" style="justify-content:space-between;">
-            <span>&#x1F6A8; Live Anomaly Feed &amp; Monitoring</span>
-            <span id="monitorBadge" class="monitor-badge mon-off">&#x23F8; Idle</span>
-          </div>
-          <!-- Controls -->
-          <div style="display:flex;gap:8px;flex-wrap:wrap;margin-bottom:12px;align-items:center;">
-            <button id="monitorBtn" class="btn btn-success btn-sm" onclick="toggleMonitoring()">&#x25B6; Start Monitoring</button>
-            <button class="btn btn-ghost btn-sm" onclick="refreshAnomalies()">&#x1F504; Refresh Feed</button>
-            <button class="btn btn-danger btn-sm" onclick="clearAnomalies()">&#x1F5D1; Clear</button>
-            <span style="font-size:11px;color:var(--c-muted);">Runs a full scan cycle every 2 s when active</span>
-          </div>
-          <!-- Stats strip (shown while monitoring active) -->
-          <div class="monitor-stats" id="monitorStats" style="display:none;">
-            <div class="ms-item"><div class="ms-val" id="msThreatVal" style="color:var(--c-danger);">—</div><div class="ms-lbl">Threat</div></div>
-            <div class="ms-item"><div class="ms-val" id="msAnomalyVal" style="color:var(--c-warn);">—</div><div class="ms-lbl">Anomalies</div></div>
-            <div class="ms-item"><div class="ms-val" id="msFailedVal" style="color:var(--c-danger);">—</div><div class="ms-lbl">Failed/1h</div></div>
-            <div class="ms-item"><div class="ms-val" id="msSessionVal" style="color:var(--c-info);">—</div><div class="ms-lbl">Sessions</div></div>
-            <div class="ms-item"><div class="ms-val" id="msSuspVal" style="color:var(--c-warn);">—</div><div class="ms-lbl">Suspicious</div></div>
-            <div class="ms-item" style="margin-left:auto;"><div class="ms-val" id="msCycleVal" style="font-size:11px;color:var(--c-muted);">—</div><div class="ms-lbl">Last cycle</div></div>
-          </div>
-          <!-- Monitoring log -->
-          <div class="monitor-log" id="monitorLog" style="display:none;"></div>
-          <!-- Anomaly feed -->
-          <div id="anomalyFeed"><p style="color:var(--c-muted);font-size:13px;">No anomalies yet. Run the attack simulation above.</p></div>
-        </div>
-      </div>
-      <div>
-        <div class="card">
-          <div class="card-header"><span>&#x1F464;</span> Step 2 &ndash; Legitimate User Logs In</div>
-          <p style="font-size:13px;color:var(--c-muted);margin-bottom:12px;">Same account. Logs in from <strong>New York (trusted IP, trusted device)</strong> while the attack is in progress.</p>
-          <button class="btn btn-success btn-full" onclick="doLegitLogin()">&#x25B6; Login as Legitimate User</button>
-          <div id="legitResp" class="resp"></div>
-        </div>
-        <div class="card">
-          <div class="card-header"><span>&#x1F916;</span> Step 3 &ndash; Attacker Uses Correct Password</div>
-          <p style="font-size:13px;color:var(--c-muted);margin-bottom:12px;">The attacker somehow obtained the real password. See what happens.<br><strong>Spoiler:</strong> correct password alone is not enough.</p>
-          <button class="btn btn-warn btn-full" onclick="doAttackerLogin()">&#x1F511; Attacker Login Attempt</button>
-          <div id="attackerLoginResp" class="resp"></div>
-        </div>
-        <div class="card">
-          <div class="card-header"><span>&#x2696;&#xFE0F;</span> Side-by-side Comparison</div>
-          <div id="compareBox" style="font-size:13px;color:var(--c-muted);">Run steps 2 and 3 to see the comparison.</div>
-        </div>
-      </div>
-    </div>
-  </div><!-- /demo2 -->
-
-  <!-- ====== API TESTING ====== -->
-  <div id="tab-api" class="tab-panel">
-    <div class="grid-2">
-      <div class="card">
-        <div class="card-header"><span>&#x1F4DD;</span> Register</div>
-        <div class="form-group"><label>Email</label><input id="regEmail" type="email" placeholder="user@example.com"></div>
-        <div class="form-group"><label>Password</label><input id="regPassword" type="password" placeholder="Min 8 chars, upper, lower, digit"></div>
-        <div class="form-group"><label>Full Name</label><input id="regName" type="text" placeholder="Optional"></div>
-        <button class="btn btn-primary btn-full" onclick="apiRegister()">Register</button>
-        <div id="regResp" class="resp"></div>
-      </div>
-      <div class="card">
-        <div class="card-header"><span>&#x1F511;</span> Login</div>
-        <div class="form-group"><label>Email</label><input id="loginEmail" type="email" placeholder="user@example.com"></div>
-        <div class="form-group"><label>Password</label><input id="loginPassword" type="password" placeholder="Password"></div>
-        <div style="display:flex;gap:8px;">
-          <button class="btn btn-primary" style="flex:1;" onclick="apiLogin()">Login</button>
-          <button class="btn btn-ghost" style="flex:1;" onclick="apiAdaptiveLogin()">Adaptive Login</button>
-        </div>
-        <div id="loginResp" class="resp"></div>
-      </div>
-      <div class="card">
-        <div class="card-header"><span>&#x1F510;</span> Two-Factor Auth (TOTP)</div>
-        <div style="display:flex;flex-wrap:wrap;gap:8px;margin-bottom:10px;">
-          <button class="btn btn-primary btn-sm" onclick="api2faEnable()">Enable 2FA</button>
-          <button class="btn btn-ghost btn-sm" onclick="api2faStatus()">Status</button>
-          <button class="btn btn-danger btn-sm" onclick="api2faDisable()">Disable</button>
-        </div>
-        <div id="qrWrap" style="text-align:center;margin:10px 0;"></div>
-        <div class="form-group"><label>TOTP Code</label><input id="totpCode" type="text" placeholder="6-digit code from authenticator"></div>
-        <button class="btn btn-success btn-full" onclick="api2faVerify()">Verify &amp; Activate</button>
-        <div id="tfaResp" class="resp"></div>
-      </div>
-      <div class="card">
-        <div class="card-header"><span>&#x1F464;</span> My Profile</div>
-        <div style="display:flex;flex-wrap:wrap;gap:8px;margin-bottom:10px;">
-          <button class="btn btn-ghost btn-sm" onclick="apiGetProfile()">Profile</button>
-          <button class="btn btn-ghost btn-sm" onclick="apiGetSecurity()">Security</button>
-          <button class="btn btn-ghost btn-sm" onclick="apiGetDevices()">Devices</button>
-          <button class="btn btn-ghost btn-sm" onclick="apiGetSessions()">Sessions</button>
-          <button class="btn btn-danger btn-sm" onclick="apiRevokeAll()">Revoke All</button>
-        </div>
-        <div id="profileResp" class="resp"></div>
-      </div>
-      <div class="card">
-        <div class="card-header"><span>&#x1F512;</span> Password Management</div>
-        <div class="form-group"><label>Current Password</label><input id="curPwd" type="password"></div>
-        <div class="form-group"><label>New Password</label><input id="newPwd" type="password"></div>
-        <button class="btn btn-warn btn-full" onclick="apiChangePwd()">Change Password</button>
-        <hr style="border-color:var(--c-border);margin:14px 0;">
-        <div class="form-group"><label>Email for Reset Link</label><input id="resetEmail" type="email"></div>
-        <button class="btn btn-ghost btn-full" onclick="apiForgotPwd()">Send Reset Email</button>
-        <div id="pwdResp" class="resp"></div>
-      </div>
-      <div class="card">
-        <div class="card-header"><span>&#x1F6E1;&#xFE0F;</span> Protected Endpoints</div>
-        <p style="font-size:13px;color:var(--c-muted);margin-bottom:12px;">Test JWT-protected routes. Must have a valid token saved.</p>
-        <div style="display:flex;flex-wrap:wrap;gap:8px;">
-          <button class="btn btn-success btn-sm" onclick="apiProtected()">Test /protected</button>
-          <button class="btn btn-warn btn-sm" onclick="apiAdminOnly()">Test /admin-only</button>
-          <button class="btn btn-ghost btn-sm" onclick="apiRiskProfile()">Risk Profile</button>
-          <button class="btn btn-ghost btn-sm" onclick="apiLogout()">Logout</button>
-        </div>
-        <div id="protResp" class="resp"></div>
-      </div>
-    </div>
-  </div><!-- /api -->
-
-  <!-- ====== ADMIN ====== -->
-  <div id="tab-admin" class="tab-panel">
-    <div class="callout callout-warn">
-      Admin endpoints require an admin JWT token. Login with <code>demo.admin@adaptive.demo</code> / <code>Admin@Demo456!</code> first.
-    </div>
-    <div class="card">
-      <div class="card-header"><span>&#x1F511;</span> Quick Admin Login</div>
-      <div style="display:flex;gap:10px;align-items:center;flex-wrap:wrap;">
-        <span style="font-size:13px;">credentials: <code>demo.admin@adaptive.demo</code> / <code>Admin@Demo456!</code></span>
-        <button class="btn btn-primary btn-sm" onclick="quickAdminLogin()">Login as Admin</button>
-      </div>
-      <div id="adminLoginResp" class="resp"></div>
-    </div>
-    <button class="btn btn-ghost" style="margin-bottom:12px;" onclick="loadAdminStats()">&#x1F504; Load Statistics</button>
-    <div class="grid-4 mb-4" id="statsGrid">
-      <div class="stat-box"><div class="stat-num" style="color:var(--c-info);">&mdash;</div><div class="stat-label">Total Users</div></div>
-      <div class="stat-box"><div class="stat-num" style="color:var(--c-success);">&mdash;</div><div class="stat-label">Active Sessions</div></div>
-      <div class="stat-box"><div class="stat-num" style="color:var(--c-danger);">&mdash;</div><div class="stat-label">High Risk Today</div></div>
-      <div class="stat-box"><div class="stat-num" style="color:var(--c-warn);">&mdash;</div><div class="stat-label">Failed Logins</div></div>
-    </div>
-    <div class="card" id="emailStatusCard">
-      <div class="card-header" style="justify-content:space-between;">
-        <span style="display:flex;align-items:center;gap:8px;">&#x2709;&#xFE0F; Email Service Status</span>
-        <button class="btn btn-ghost btn-sm" onclick="checkEmailStatus()">&#x1F504; Refresh</button>
-      </div>
-      <div id="emailStatusBody" style="font-size:13px;color:var(--c-muted);">Click Refresh to check email configuration.</div>
-    </div>
-    <div class="grid-2">
-      <div class="card">
-        <div class="card-header"><span>&#x1F465;</span> User Management</div>
-        <div style="display:flex;gap:8px;flex-wrap:wrap;margin-bottom:10px;">
-          <button class="btn btn-ghost btn-sm" onclick="adminGetUsers()">List Users</button>
-          <button class="btn btn-ghost btn-sm" onclick="adminGetSessions()">List Sessions</button>
-        </div>
-        <div class="form-group"><label>User ID</label><input id="adminUserId" type="number" placeholder="User ID"></div>
-        <div style="display:flex;gap:8px;">
-          <button class="btn btn-success btn-sm" style="flex:1;" onclick="adminUnblock()">Unblock</button>
-          <button class="btn btn-danger btn-sm" style="flex:1;" onclick="adminBlock()">Block</button>
-        </div>
-        <div id="adminUserResp" class="resp"></div>
-      </div>
-      <div class="card">
-        <div class="card-header"><span>&#x26A0;&#xFE0F;</span> Risk Events &amp; Anomalies</div>
-        <div style="display:flex;gap:8px;flex-wrap:wrap;margin-bottom:10px;">
-          <button class="btn btn-warn btn-sm" onclick="adminGetRiskEvents()">Risk Events</button>
-          <button class="btn btn-danger btn-sm" onclick="adminGetAnomalies()">Active Anomalies</button>
-          <button class="btn btn-ghost btn-sm" onclick="adminRiskOverview()">Overview</button>
-        </div>
-        <div id="adminRiskResp" class="resp"></div>
-      </div>
-    </div>
-    <div class="card">
-      <div class="card-header"><span>&#x1F4C8;</span> Risk Statistics</div>
-      <div style="display:flex;gap:8px;margin-bottom:10px;">
-        <button class="btn btn-ghost btn-sm" onclick="adminRiskStatsPeriod('day')">Day</button>
-        <button class="btn btn-ghost btn-sm" onclick="adminRiskStatsPeriod('week')">Week</button>
-        <button class="btn btn-ghost btn-sm" onclick="adminRiskStatsPeriod('month')">Month</button>
-      </div>
-      <div id="statsResp" class="resp"></div>
-    </div>
-  </div><!-- /admin -->
-
-  <!-- ====== INTELLIGENCE ====== -->
-  <div id="tab-intel" class="tab-panel">
-    <div class="callout callout-info">
-      <strong>&#x1F9E0; Session Intelligence &mdash; 8 Advanced Security Features</strong><br>
-      Continuous Verification &bull; Behavioral Intelligence &bull; Dynamic Trust Score &bull;
-      Micro-Challenges &bull; Explainability &bull; AI Anomaly Detection &bull; Impossible Travel &bull; Privacy-First Design.
-    </div>
-
-    <!-- Quick login -->
-    <div class="card" style="margin-bottom:10px;">
-      <div class="card-header"><span>&#x1F511;</span> Session Authentication</div>
-      <div style="display:flex;align-items:center;gap:10px;flex-wrap:wrap;">
-        <span style="font-size:13px;color:var(--c-muted);">Protected features require a JWT token.</span>
-        <button class="btn btn-primary btn-sm" onclick="intelQuickLogin()">&#x26A1; Quick Login (demo user)</button>
-        <div id="intelLoginStatus" style="font-size:12px;"></div>
-      </div>
-    </div>
-
-    <!-- Trust Score + Continuous Verify -->
-    <div class="card">
-      <div class="card-header"><span>&#x1F6E1;&#xFE0F;</span> Dynamic Trust Score &amp; Continuous Verification</div>
-      <div style="display:flex;gap:20px;align-items:flex-start;flex-wrap:wrap;">
-        <div style="text-align:center;min-width:155px;">
-          <svg width="155" height="95" viewBox="-5 -5 165 105">
-            <path d="M 10 80 A 65 65 0 0 1 140 80" stroke="#1e293b" stroke-width="16" fill="none"/>
-            <path id="trustArc" d="M 10 80 A 65 65 0 0 1 140 80" stroke="#22c55e" stroke-width="16" fill="none"
-                  stroke-dasharray="204" stroke-dashoffset="204" stroke-linecap="round"
-                  style="transition:stroke-dashoffset .6s,stroke .6s;"/>
-            <text id="trustNum" x="75" y="77" text-anchor="middle" font-size="28" font-weight="700" fill="#f1f5f9">--</text>
-            <text x="75" y="93" text-anchor="middle" font-size="10" fill="#64748b">/ 100</text>
-          </svg>
-          <div id="trustLabel" style="font-size:11px;font-weight:700;color:var(--c-muted);">LOADING&#8230;</div>
-        </div>
-        <div style="flex:1;min-width:180px;">
-          <div style="display:flex;gap:6px;flex-wrap:wrap;margin-bottom:8px;">
-            <button class="btn btn-ghost btn-sm" onclick="intelGetTrust()">&#x1F504; Refresh</button>
-            <button class="btn btn-ghost btn-sm" onclick="intelContinuousVerify()">&#x2714; Verify Now</button>
-            <button class="btn btn-warn btn-sm" onclick="intelDropTrust()">&#x1F53D; Drop to 25</button>
-          </div>
-          <div id="trustHistoryWrap" style="max-height:130px;overflow-y:auto;font-size:11px;"></div>
-        </div>
-      </div>
-      <div id="trustResp" class="resp"></div>
-    </div>
-
-    <!-- Privacy-First Behavior Monitor -->
-    <div class="card">
-      <div class="card-header"><span>&#x1F512;</span> Privacy-First Behavioral Intelligence</div>
-      <div class="callout callout-info" style="font-size:12px;padding:8px 12px;margin-bottom:10px;">
-        <strong>&#x1F512; Privacy-First:</strong> Keystroke timings, mouse coords and scroll deltas are processed
-        <em>entirely in-browser</em>. Only the aggregated 0&ndash;1 scores are sent to the server.
-      </div>
-      <div style="display:flex;gap:8px;margin-bottom:12px;flex-wrap:wrap;">
-        <button class="btn btn-success btn-sm" id="behaviorCollectBtn" onclick="toggleBehaviorCollector()">&#x25B6; Start Collecting</button>
-        <button class="btn btn-primary btn-sm" onclick="intelSendBehavior()">&#x1F4E4; Send Signals</button>
-        <span id="collectStatus" style="font-size:12px;color:var(--c-muted);align-self:center;"></span>
-      </div>
-      <div style="display:grid;gap:10px;">
-        <div>
-          <div style="display:flex;justify-content:space-between;font-size:12px;margin-bottom:3px;">
-            <span>&#x2328;&#xFE0F; Typing Entropy <span style="color:var(--c-muted);">(1.0&nbsp;= human-like rhythm)</span></span>
-            <span id="teVal">--</span>
-          </div>
-          <div style="height:8px;background:#1e293b;border-radius:4px;overflow:hidden;">
-            <div id="teBar" style="height:100%;width:0%;background:#22c55e;transition:width .5s,background .5s;border-radius:4px;"></div>
-          </div>
-        </div>
-        <div>
-          <div style="display:flex;justify-content:space-between;font-size:12px;margin-bottom:3px;">
-            <span>&#x1F5B1;&#xFE0F; Mouse Linearity <span style="color:var(--c-muted);">(1.0&nbsp;= curved/natural)</span></span>
-            <span id="mlVal">--</span>
-          </div>
-          <div style="height:8px;background:#1e293b;border-radius:4px;overflow:hidden;">
-            <div id="mlBar" style="height:100%;width:0%;background:#22c55e;transition:width .5s,background .5s;border-radius:4px;"></div>
-          </div>
-        </div>
-        <div>
-          <div style="display:flex;justify-content:space-between;font-size:12px;margin-bottom:3px;">
-            <span>&#x1F4DC; Scroll Variance <span style="color:var(--c-muted);">(0.5&nbsp;= organic human rhythm)</span></span>
-            <span id="svVal">--</span>
-          </div>
-          <div style="height:8px;background:#1e293b;border-radius:4px;overflow:hidden;">
-            <div id="svBar" style="height:100%;width:0%;background:#22c55e;transition:width .5s,background .5s;border-radius:4px;"></div>
-          </div>
-        </div>
-      </div>
-      <div id="behaviorResp" class="resp" style="margin-top:10px;"></div>
-    </div>
-
-    <!-- Impossible Travel + AI Anomaly (2-col) -->
-    <div style="display:grid;grid-template-columns:1fr 1fr;gap:14px;margin-bottom:14px;">
-      <!-- Impossible Travel -->
-      <div class="card" style="margin:0;">
-        <div class="card-header"><span>&#x2708;&#xFE0F;</span> Impossible Travel Detector</div>
-        <div style="display:grid;gap:8px;">
-          <div style="display:grid;grid-template-columns:1fr 1fr;gap:6px;">
-            <div>
-              <label style="font-size:11px;color:var(--c-muted);">FROM city</label>
-              <select id="travelFrom" class="form-input" style="margin-top:3px;width:100%;"></select>
-            </div>
-            <div>
-              <label style="font-size:11px;color:var(--c-muted);">TO city</label>
-              <select id="travelTo" class="form-input" style="margin-top:3px;width:100%;"></select>
-            </div>
-          </div>
-          <div>
-            <label style="font-size:11px;color:var(--c-muted);">Time gap (hours)</label>
-            <input id="travelHours" class="form-input" type="number" value="2" min="0.01" step="0.5" style="width:100%;margin-top:3px;">
-          </div>
-          <button class="btn btn-primary btn-sm" onclick="intelCheckTravel()">&#x1F4CF; Calculate Travel Risk</button>
-        </div>
-        <div id="travelResult" style="margin-top:10px;font-size:13px;"></div>
-      </div>
-
-      <!-- AI Anomaly Scorer -->
-      <div class="card" style="margin:0;">
-        <div class="card-header"><span>&#x1F916;</span> AI Anomaly Scorer</div>
-        <div style="display:grid;gap:6px;font-size:12px;">
-          <div style="display:grid;grid-template-columns:1fr auto;gap:6px;align-items:center;">
-            <span>Typing entropy</span>
-            <input id="aiTyping" type="number" class="form-input" value="0.70" min="0" max="1" step="0.05" style="width:72px;text-align:right;padding:3px 6px;">
-          </div>
-          <div style="display:grid;grid-template-columns:1fr auto;gap:6px;align-items:center;">
-            <span>Mouse linearity</span>
-            <input id="aiMouse" type="number" class="form-input" value="0.62" min="0" max="1" step="0.05" style="width:72px;text-align:right;padding:3px 6px;">
-          </div>
-          <div style="display:grid;grid-template-columns:1fr auto;gap:6px;align-items:center;">
-            <span>Scroll variance</span>
-            <input id="aiScroll" type="number" class="form-input" value="0.48" min="0" max="1" step="0.05" style="width:72px;text-align:right;padding:3px 6px;">
-          </div>
-          <div style="display:grid;grid-template-columns:1fr auto;gap:6px;align-items:center;">
-            <span>Hour norm. <span style="color:var(--c-muted);">(0=midnight, 1=noon)</span></span>
-            <input id="aiHour" type="number" class="form-input" value="0.55" min="0" max="1" step="0.05" style="width:72px;text-align:right;padding:3px 6px;">
-          </div>
-          <div style="display:grid;grid-template-columns:1fr auto;gap:6px;align-items:center;">
-            <span>Failed attempts <span style="color:var(--c-muted);">(÷20)</span></span>
-            <input id="aiFailed" type="number" class="form-input" value="0.00" min="0" max="1" step="0.05" style="width:72px;text-align:right;padding:3px 6px;">
-          </div>
-          <button class="btn btn-primary btn-sm" onclick="intelScoreAnomaly()">&#x1F9E0; Score with AI</button>
-        </div>
-        <div id="anomalyResult" style="margin-top:10px;"></div>
-      </div>
-    </div>
-
-    <!-- Micro-Challenges -->
-    <div class="card">
-      <div class="card-header"><span>&#x1F9E9;</span> Low-Friction Micro-Challenges</div>
-      <p style="font-size:13px;color:var(--c-muted);margin-bottom:10px;">
-        Challenges fire <em>only when trust drops below 40</em> &mdash; never interrupts a trusted session.
-      </p>
-      <div style="display:flex;gap:8px;flex-wrap:wrap;margin-bottom:10px;">
-        <button class="btn btn-warn btn-sm" onclick="intelDropTrust()">&#x1F53D; Drop Trust to 25</button>
-        <button class="btn btn-primary btn-sm" onclick="intelGenerateChallenge()">&#x1F9E9; Generate Challenge</button>
-      </div>
-      <div id="challengePanel" style="display:none;" class="callout callout-info">
-        <div style="font-size:16px;font-weight:700;margin-bottom:10px;" id="challengeQuestion">&#8230;</div>
-        <div style="display:flex;gap:8px;align-items:center;">
-          <input id="challengeAnswer" class="form-input" type="text" placeholder="Your answer&#8230;" style="width:160px;">
-          <button class="btn btn-success btn-sm" onclick="intelVerifyChallenge()">&#x2714; Verify</button>
-        </div>
-        <div id="challengeResultMsg" style="font-size:12px;margin-top:8px;"></div>
-      </div>
-      <div id="challengeResp" class="resp"></div>
-    </div>
-
-    <!-- Explainability (demo — no auth) -->
-    <div class="card">
-      <div class="card-header"><span>&#x1F4CA;</span> Explainable Risk Transparency</div>
-      <p style="font-size:13px;color:var(--c-muted);margin-bottom:10px;">
-        Submit factor scores and see exactly which signals contributed and why &mdash; with model weights.
-      </p>
-      <div style="display:grid;grid-template-columns:repeat(3,1fr);gap:8px;margin-bottom:10px;font-size:12px;">
-        <div>
-          <label style="color:var(--c-muted);">&#x1F30D; Location (0&ndash;100)</label>
-          <input id="expLocation" type="number" class="form-input" value="85" min="0" max="100" style="width:100%;margin-top:4px;">
-        </div>
-        <div>
-          <label style="color:var(--c-muted);">&#x1F4BB; Device</label>
-          <input id="expDevice" type="number" class="form-input" value="15" min="0" max="100" style="width:100%;margin-top:4px;">
-        </div>
-        <div>
-          <label style="color:var(--c-muted);">&#x1F550; Time</label>
-          <input id="expTime" type="number" class="form-input" value="10" min="0" max="100" style="width:100%;margin-top:4px;">
-        </div>
-        <div>
-          <label style="color:var(--c-muted);">&#x26A1; Velocity</label>
-          <input id="expVelocity" type="number" class="form-input" value="5" min="0" max="100" style="width:100%;margin-top:4px;">
-        </div>
-        <div>
-          <label style="color:var(--c-muted);">&#x1F9E0; Behavior</label>
-          <input id="expBehavior" type="number" class="form-input" value="20" min="0" max="100" style="width:100%;margin-top:4px;">
-        </div>
-        <div>
-          <label style="color:var(--c-muted);">Security level (0&ndash;4)</label>
-          <input id="expLevel" type="number" class="form-input" value="2" min="0" max="4" style="width:100%;margin-top:4px;">
-        </div>
-      </div>
-      <button class="btn btn-primary btn-sm" onclick="intelExplain()">&#x1F50D; Generate Explanation</button>
-      <div id="explainResult" style="margin-top:12px;"></div>
-    </div>
-
-    <!-- Session Audit Trail (authed) -->
-    <div class="card">
-      <div class="card-header"><span>&#x1F4CB;</span> Session Audit Trail <span style="color:var(--c-muted);font-size:12px;">(requires login)</span></div>
-      <button class="btn btn-ghost btn-sm" onclick="intelSessionExplain()" style="margin-bottom:8px;">&#x1F4C4; Fetch My Session Events</button>
-      <div id="sessionExplainResp" class="resp"></div>
-    </div>
-  </div><!-- /intel -->
-</div><!-- /container -->
-
-<script>
-const API   = location.origin + '/api/v1';
-const AUTH  = API + '/auth';
-const DEMO  = API + '/demo';
-const ADMIN = API + '/admin';
-const USER  = API + '/user';
-const RISK  = API + '/risk';
-
-function getToken()  { return localStorage.getItem('token') || ''; }
-function saveToken(t){ localStorage.setItem('token', t); refreshTokenBar(); }
-function clearToken(){ localStorage.removeItem('token'); refreshTokenBar(); }
-function copyToken() {
-  const t = getToken();
-  if (!t) { alert('No token to copy.'); return; }
-  navigator.clipboard.writeText(t).then(() => alert('Token copied!')).catch(() => alert(t.substring(0, 80) + '...'));
-}
-function refreshTokenBar() {
-  const t = getToken();
-  document.getElementById('tokenPreview').textContent = t ? (t.substring(0, 60) + '...') : 'No token — log in first';
-}
-
-async function req(url, method, body, auth) {
-  if (method === undefined) method = 'GET';
-  if (auth === undefined) auth = true;
-  const headers = { 'Content-Type': 'application/json' };
-  if (auth && getToken()) headers['Authorization'] = 'Bearer ' + getToken();
-  try {
-    const r = await fetch(url, { method: method, headers: headers, body: body ? JSON.stringify(body) : undefined });
-    const data = await r.json().catch(function() { return {}; });
-    return { ok: r.ok, status: r.status, data: data };
-  } catch(e) {
-    return { ok: false, status: 0, data: { detail: e.message } };
-  }
-}
-
-function showResp(id, r, extractToken) {
-  const el = document.getElementById(id);
-  el.classList.add('show');
-  if (extractToken && r.ok) {
-    const t = r.data && (r.data.access_token || (r.data.framework_decision && r.data.framework_decision.access_token));
-    if (t) saveToken(t);
-  }
-  el.style.color = r.ok ? 'var(--c-success)' : 'var(--c-danger)';
-  el.textContent = JSON.stringify(r.data, null, 2);
-}
-
-function setStep(prefix, step, state) {
-  if (!state) state = 'active';
-  for (var i = 0; i <= 4; i++) {
-    var el = document.getElementById(prefix + 'step' + i);
-    if (!el) continue;
-    el.classList.remove('active', 'done');
-    if (i < step) el.classList.add('done');
-    else if (i === step) el.classList.add(state);
-  }
-}
-
-async function ping() {
-  const dot = document.getElementById('statusDot');
-  const text = document.getElementById('statusText');
-  dot.className = 'dot'; text.textContent = 'Checking...';
-  try {
-    const r = await fetch(location.origin + '/health');
-    if (r.ok) { dot.className = 'dot online'; text.textContent = 'Server online'; }
-    else { dot.className = 'dot'; text.textContent = 'Server error (' + r.status + ')'; }
-  } catch(e) {
-    dot.className = 'dot'; text.textContent = 'Server offline';
-  }
-}
-
-function switchTab(id, btn) {
-  document.querySelectorAll('.tab-panel').forEach(function(p) { p.classList.remove('active'); });
-  document.querySelectorAll('.main-tabs button').forEach(function(b) { b.classList.remove('active'); });
-  document.getElementById('tab-' + id).classList.add('active');
-  btn.classList.add('active');
-  if (id === 'demo2') refreshAnomalies();
-  if (id === 'admin') { loadAdminStats(); checkEmailStatus(); }
-  if (id === 'intel') intelInitTab();
-}
-
-/* ---- SCENARIO 1 ---- */
-async function setupDemo(reset) {
-  setStep('s1', 0, 'active');
-  const r = await req(DEMO + '/setup?reset=' + (reset ? 'true' : 'false'), 'POST', null, false);
-  showResp('setupResp', r);
-  if (r.ok) setStep('s1', 0, 'done');
-}
-
-async function checkDemoState() {
-  const r = await req(DEMO + '/state', 'GET', null, false);
-  showResp('setupResp', r);
-}
-
-async function doNormalLogin() {
-  setStep('s1', 1, 'active');
-  const r = await req(DEMO + '/scenario1/normal-login', 'POST', null, false);
-  showResp('normalLoginResp', r, true);
-  if (r.ok && r.data && r.data.framework_decision && r.data.framework_decision.status === 'success') {
-    setStep('s1', 1, 'done');
-    showRiskViz(r.data.framework_decision, r.data.what_the_framework_checked);
-    document.getElementById('challengeCard').style.display = 'none';
-    document.getElementById('riskVizCard').style.display = 'block';
-  }
-}
-
-async function doSuspiciousLogin() {
-  setStep('s1', 2, 'active');
-  const r = await req(DEMO + '/scenario1/suspicious-login', 'POST', null, false);
-  showResp('suspLoginResp', r);
-  if (r.ok && r.data) {
-    setStep('s1', 2, 'done');
-    var decision = r.data.framework_decision || {};
-    showRiskViz(decision, r.data.anomalies_triggered);
-    if (decision.status === 'challenge_required' && decision.challenge_id) {
-      document.getElementById('challengeId').value = decision.challenge_id;
-      document.getElementById('challengeCard').style.display = 'block';
-      setStep('s1', 3, 'active');
-    } else {
-      document.getElementById('challengeCard').style.display = 'none';
-    }
-    document.getElementById('riskVizCard').style.display = 'block';
-  }
-}
-
-async function doCompleteChallenge() {
-  var id = document.getElementById('challengeId').value.trim();
-  var code = document.getElementById('challengeCode').value.trim();
-  if (!id || !code) { alert('Enter challenge ID and code.'); return; }
-  const r = await req(DEMO + '/scenario1/complete-challenge?challenge_id=' + encodeURIComponent(id) + '&code=' + encodeURIComponent(code), 'POST', null, false);
-  showResp('challengeResp', r, true);
-  if (r.ok && r.data && r.data.result && r.data.result.status === 'success') {
-    setStep('s1', 3, 'done');
-  }
-}
-
-function showRiskViz(decision, notes) {
-  document.getElementById('riskVizCard').style.display = 'block';
-  var score = decision.risk_score || 0;
-  var level = decision.security_level !== undefined ? decision.security_level : 0;
-  var rl = (decision.risk_level || 'low').toLowerCase();
-  var status = decision.status || 'success';
-  var ARC_LEN = 220;
-  var offset = ARC_LEN - (score / 100) * ARC_LEN;
-  var colours = { low: '#22c55e', medium: '#f59e0b', high: '#f97316', critical: '#ef4444' };
-  var colour = colours[rl] || '#6366f1';
-  var arc = document.getElementById('gaugeArc');
-  arc.setAttribute('stroke-dashoffset', offset);
-  arc.setAttribute('stroke', colour);
-  document.getElementById('gaugeNum').textContent = Math.round(score);
-  document.getElementById('gaugeNum').style.color = colour;
-  document.getElementById('gaugeLabel').textContent = rl.toUpperCase() + ' RISK';
-  document.getElementById('gaugeLabel').style.color = colour;
-  var labels = ['active-0','active-1','active-2','active-3','active-4'];
-  for (var i = 0; i < 5; i++) {
-    var seg = document.getElementById('lseg' + i);
-    seg.className = 'level-seg';
-    if (i <= level) seg.classList.add(labels[i]);
-  }
-  var dbox = document.getElementById('decisionBox');
-  var statusLabels = { success: 'ACCESS GRANTED', challenge_required: 'CHALLENGE REQUIRED', blocked: 'BLOCKED' };
-  var statusClass  = { success: 'success', challenge_required: 'challenge', blocked: 'blocked' };
-  var icons = { success: '&#x2705;', challenge_required: '&#x26A0;', blocked: '&#x1F6AB;' };
-  dbox.innerHTML = '<div class="decision-panel"><div class="decision-header ' + (statusClass[status] || 'success') + '">' +
-    (icons[status] || '') + ' ' + (statusLabels[status] || status.toUpperCase()) + '</div>' +
-    '<div class="decision-body" style="font-size:13px;">' +
-    '<div style="margin-bottom:6px;">Security Level: <strong>' + level + '</strong> / 4</div>' +
-    (decision.challenge_type ? '<div>Challenge: <strong>' + decision.challenge_type.toUpperCase() + '</strong></div>' : '') +
-    (decision.message ? '<div style="margin-top:6px;color:var(--c-muted);">' + decision.message + '</div>' : '') +
-    '</div></div>';
-  var factors = decision.risk_factors || {};
-  var factorEl = document.getElementById('factorBars');
-  var fkeys = ['device','location','time','velocity','behavior'];
-  var fnames = { device:'Device', location:'Location', time:'Time Pattern', velocity:'Velocity', behavior:'Behavior' };
-  var fweight = { device:'0.21%', location:'97.68%', time:'0.02%', velocity:'2.08%', behavior:'0.01%' };
-  factorEl.innerHTML = fkeys.map(function(k) {
-    var val = factors[k] || 0;
-    var fc = val > 70 ? '#ef4444' : val > 40 ? '#f59e0b' : '#22c55e';
-    return '<div class="factor-row">' +
-      '<div class="factor-label">' + fnames[k] + ' <span style="float:right;color:var(--c-muted);">' + val.toFixed(1) + ' / 100 &nbsp;(weight: ' + fweight[k] + ')</span></div>' +
-      '<div class="factor-bar-wrap"><div class="factor-bar" style="width:' + val + '%;background:' + fc + ';"></div></div>' +
-      '</div>';
-  }).join('');
-  if (notes && notes.length) {
-    document.getElementById('triggeredRules').innerHTML = '<div style="font-size:12px;color:var(--c-muted);font-weight:700;text-transform:uppercase;letter-spacing:.5px;margin-bottom:6px;">What the Framework Saw</div>' +
-      notes.map(function(n) { return '<div style="font-size:13px;padding:4px 0;border-bottom:1px solid var(--c-border);">' + n + '</div>'; }).join('');
-  } else {
-    document.getElementById('triggeredRules').innerHTML = '';
-  }
-}
-
-/* ---- SCENARIO 2 ---- */
-var legitResult = null;
-var attackerResult = null;
-
-async function doSimulateAttack() {
-  setStep('s2', 1, 'active');
-  var n = parseInt(document.getElementById('attackAttempts').value) || 12;
-  var log = document.getElementById('attackLog');
-  log.style.display = 'block';
-  log.innerHTML = '';
-  for (var i = 1; i <= n; i++) {
-    await new Promise(function(res) { setTimeout(res, 70); });
-    log.innerHTML += '<div class="line">[' + new Date().toLocaleTimeString() + '] ATTEMPT ' + i + '/' + n + ' pw:****' + i + ' &rarr; <span style="color:#f97316;">FAILED</span></div>';
-    log.scrollTop = log.scrollHeight;
-  }
-  const r = await req(DEMO + '/scenario2/simulate-attack?num_attempts=' + n, 'POST', null, false);
-  if (r.ok && r.data) {
-    var cnt = (r.data.anomalies_detected && r.data.anomalies_detected.length) || 0;
-    var aip = (r.data.attack_details && r.data.attack_details.attacker_ip) || '192.0.2.100';
-    log.innerHTML += '<div class="detected">[FRAMEWORK] AnomalyDetector fired: ' + cnt + ' pattern(s) detected.</div>';
-    log.innerHTML += '<div class="att-blocked">[FRAMEWORK] IP ' + aip + ' flagged as CRITICAL. All requests BLOCKED.</div>';
-    setStep('s2', 1, 'done');
-  }
-  showResp('attackResp', r);
-  await refreshAnomalies();
-}
-
-async function doLegitLogin() {
-  setStep('s2', 2, 'active');
-  const r = await req(DEMO + '/scenario2/legitimate-user', 'POST', null, false);
-  legitResult = r.data;
-  showResp('legitResp', r, true);
-  if (r.ok) setStep('s2', 2, 'done');
-  renderCompare();
-}
-
-async function doAttackerLogin() {
-  setStep('s2', 3, 'active');
-  const r = await req(DEMO + '/scenario2/attacker-login-attempt', 'POST', null, false);
-  attackerResult = r.data;
-  showResp('attackerLoginResp', r);
-  if (r.ok) setStep('s2', 3, 'done');
-  renderCompare();
-}
-
-function renderCompare() {
-  if (!legitResult && !attackerResult) return;
-  var ld = (legitResult && legitResult.framework_decision) || {};
-  var ad = (attackerResult && attackerResult.framework_decision) || {};
-  var col = function(s) { return s === 'success' ? 'var(--c-success)' : s === 'challenge_required' ? 'var(--c-warn)' : 'var(--c-danger)'; };
-  var icon = function(s) { return s === 'success' ? '&#x2705;' : s === 'challenge_required' ? '&#x26A0;&#xFE0F;' : '&#x1F6AB;'; };
-  document.getElementById('compareBox').innerHTML = '<div class="compare">' +
-    '<div class="compare-side"><div class="compare-title" style="color:var(--c-success);">Legitimate User</div>' +
-    (legitResult ? '<div style="font-size:22px;text-align:center;margin:8px 0;color:' + col(ld.status) + ';">' + icon(ld.status) + '</div>' +
-      '<div style="text-align:center;font-weight:700;color:' + col(ld.status) + ';">' + (ld.status||'').toUpperCase() + '</div>' +
-      '<div style="font-size:12px;color:var(--c-muted);margin-top:6px;">Risk: ' + (ld.risk_level||'—') + ' | Level: ' + (ld.security_level !== undefined ? ld.security_level : '—') + '</div>' +
-      '<div style="font-size:12px;margin-top:4px;">' + (legitResult.key_insight||'') + '</div>'
-    : '<p style="color:var(--c-muted);">Run step 2</p>') + '</div>' +
-    '<div class="compare-side"><div class="compare-title" style="color:var(--c-danger);">Attacker (correct password)</div>' +
-    (attackerResult ? '<div style="font-size:22px;text-align:center;margin:8px 0;color:' + col(ad.status) + ';">' + icon(ad.status) + '</div>' +
-      '<div style="text-align:center;font-weight:700;color:' + col(ad.status) + ';">' + (ad.status||'').toUpperCase() + '</div>' +
-      '<div style="font-size:12px;color:var(--c-muted);margin-top:6px;">Risk: ' + (ad.risk_level||'—') + ' | Level: ' + (ad.security_level !== undefined ? ad.security_level : '—') + '</div>' +
-      '<div style="font-size:12px;margin-top:4px;">' + (attackerResult.key_insight||'') + '</div>'
-    : '<p style="color:var(--c-muted);">Run step 3</p>') + '</div>' +
-    '</div>';
-}
-
-async function refreshAnomalies() {
-  const r = await req(DEMO + '/scenario2/anomalies', 'GET', null, false);
-  var feed = document.getElementById('anomalyFeed');
-  if (!r.ok || !r.data || !r.data.active_anomalies || !r.data.active_anomalies.length) {
-    feed.innerHTML = '<p style="color:var(--c-muted);font-size:13px;">No active anomalies.</p>';
-    return;
-  }
-  feed.innerHTML = r.data.active_anomalies.map(function(a) {
-    return '<div class="anomaly-item"><div style="font-size:22px;">&#x1F6A8;</div><div style="flex:1;">' +
-      '<div class="anomaly-type">' + a.type + '</div>' +
-      '<div class="anomaly-meta">IP: <code>' + (a.ip||'—') + '</code> &nbsp;|&nbsp; Confidence: <strong>' + (a.confidence||'—') + '</strong>' +
-      ' &nbsp;|&nbsp; <span class="badge badge-blocked">' + (a.severity||'—') + '</span>' +
-      ' &nbsp;|&nbsp; ' + new Date(a.first_detected).toLocaleTimeString() + '</div></div></div>';
-  }).join('');
-}
-
-async function clearAnomalies() {
-  await req(DEMO + '/scenario2/clear-anomalies', 'DELETE', null, false);
-  await refreshAnomalies();
-  monitorLog('info', 'All anomalies cleared.');
-}
-
-/* ---- CONTINUOUS MONITORING ---- */
-var monitorInterval = null;
-var monitorCycleCount = 0;
-
-function toggleMonitoring() {
-  if (monitorInterval) { stopMonitoring(); } else { startMonitoring(); }
-}
-
-function startMonitoring() {
-  var btn = document.getElementById('monitorBtn');
-  var badge = document.getElementById('monitorBadge');
-  document.getElementById('monitorStats').style.display = 'flex';
-  document.getElementById('monitorLog').style.display = 'block';
-  btn.textContent = '\u23F9 Stop Monitoring';
-  btn.className = 'btn btn-danger btn-sm';
-  badge.className = 'monitor-badge mon-on monitor-pulse';
-  badge.innerHTML = '&#x25CF; Live';
-  monitorCycleCount = 0;
-  monitorLog('info', 'Continuous monitoring started. Scanning every 2 s...');
-  runMonitoringCycle();
-  monitorInterval = setInterval(runMonitoringCycle, 2000);
-}
-
-function stopMonitoring() {
-  clearInterval(monitorInterval);
-  monitorInterval = null;
-  var btn = document.getElementById('monitorBtn');
-  var badge = document.getElementById('monitorBadge');
-  btn.textContent = '\u25B6 Start Monitoring';
-  btn.className = 'btn btn-success btn-sm';
-  badge.className = 'monitor-badge mon-off';
-  badge.innerHTML = '&#x23F8; Idle';
-  monitorLog('info', 'Monitoring stopped after ' + monitorCycleCount + ' cycles.');
-}
-
-async function runMonitoringCycle() {
-  monitorCycleCount++;
-  var r = await req(DEMO + '/scenario2/run-monitoring-cycle', 'POST', null, false);
-  if (!r.ok) {
-    monitorLog('warn', 'Cycle ' + monitorCycleCount + ' failed: ' + (r.data && r.data.detail ? r.data.detail : 'server error'));
-    return;
-  }
-  var d = r.data;
-  var cycleTime = new Date(d.cycle_at).toLocaleTimeString();
-
-  // Update stats strip
-  var threatEl = document.getElementById('msThreatVal');
-  var threat = d.threat_level || 'NORMAL';
-  threatEl.textContent = threat;
-  threatEl.style.color = threat === 'NORMAL' ? 'var(--c-success)' : threat === 'CRITICAL' ? 'var(--c-danger)' : 'var(--c-warn)';
-  document.getElementById('msAnomalyVal').textContent = d.scan.total_active_anomalies;
-  document.getElementById('msFailedVal').textContent = d.scan.recent_failed_logins_1h;
-  document.getElementById('msSessionVal').textContent = d.sessions.active;
-  document.getElementById('msSuspVal').textContent = d.sessions.suspicious;
-  document.getElementById('msCycleVal').textContent = cycleTime;
-
-  // Monitoring log line
-  var anomCnt = d.scan.total_active_anomalies;
-  var cls = anomCnt > 0 ? 'ml-threat' : 'ml-ok';
-  var icon = anomCnt > 0 ? '\u26A0' : '\u2713';
-  var bfFlag  = d.scan.brute_force_active         ? ' | BruteForce:ACTIVE'         : '';
-  var csFlag  = d.scan.credential_stuffing_active  ? ' | CredStuffing:ACTIVE'       : '';
-  monitorLog(anomCnt > 0 ? 'threat' : 'ok',
-    '[' + cycleTime + '] #' + monitorCycleCount + ' ' + icon +
-    '  Threat:' + threat +
-    '  Anomalies:' + anomCnt +
-    '  Failed/1h:' + d.scan.recent_failed_logins_1h +
-    bfFlag + csFlag
-  );
-
-  // Also refresh the visual anomaly feed every 3rd cycle
-  if (monitorCycleCount % 3 === 0) { await refreshAnomalies(); }
-}
-
-function monitorLog(type, msg) {
-  var log = document.getElementById('monitorLog');
-  if (!log) return;
-  var cls = { ok: 'ml-ok', threat: 'ml-threat', warn: 'ml-warn', info: 'ml-info' }[type] || 'ml-info';
-  var line = document.createElement('div');
-  line.className = cls;
-  line.textContent = msg;
-  log.appendChild(line);
-  log.scrollTop = log.scrollHeight;
-  // Keep log at max 200 lines
-  while (log.childNodes.length > 200) { log.removeChild(log.firstChild); }
-}
-
-/* ---- API TESTING ---- */
-async function apiRegister() {
-  var body = { email: document.getElementById('regEmail').value, password: document.getElementById('regPassword').value };
-  var name = document.getElementById('regName').value;
-  if (name) body.full_name = name;
-  if (!body.email || !body.password) { alert('Email and password required.'); return; }
-  showResp('regResp', await req(AUTH + '/register', 'POST', body, false));
-}
-
-async function apiLogin() {
-  var body = { email: document.getElementById('loginEmail').value, password: document.getElementById('loginPassword').value };
-  if (!body.email || !body.password) { alert('Email and password required.'); return; }
-  showResp('loginResp', await req(AUTH + '/login', 'POST', body, false), true);
-}
-
-async function apiAdaptiveLogin() {
-  var body = { email: document.getElementById('loginEmail').value, password: document.getElementById('loginPassword').value };
-  if (!body.email || !body.password) { alert('Email and password required.'); return; }
-  showResp('loginResp', await req(AUTH + '/adaptive-login', 'POST', body, false), true);
-}
-
-async function api2faEnable() {
-  const r = await req(AUTH + '/enable-2fa', 'POST');
-  if (r.ok && r.data && r.data.qr_code) {
-    document.getElementById('qrWrap').innerHTML = '<img src="' + r.data.qr_code + '" style="max-width:180px;border:2px solid var(--c-border);border-radius:8px;">';
-  }
-  showResp('tfaResp', r);
-}
-
-async function api2faVerify() {
-  var code = document.getElementById('totpCode').value.trim();
-  if (!code) { alert('Enter TOTP code.'); return; }
-  showResp('tfaResp', await req(AUTH + '/verify-2fa', 'POST', { otp: code }));
-}
-
-async function api2faDisable() {
-  var pwd = prompt('Enter your password to disable 2FA:');
-  if (!pwd) return;
-  showResp('tfaResp', await req(AUTH + '/disable-2fa?password=' + encodeURIComponent(pwd), 'POST'));
-}
-
-async function api2faStatus() { showResp('tfaResp', await req(USER + '/security')); }
-
-async function apiGetProfile()  { showResp('profileResp', await req(USER + '/profile')); }
-async function apiGetSecurity() { showResp('profileResp', await req(USER + '/security')); }
-async function apiGetDevices()  { showResp('profileResp', await req(USER + '/devices')); }
-async function apiGetSessions() { showResp('profileResp', await req(USER + '/sessions')); }
-async function apiRevokeAll()   { showResp('profileResp', await req(USER + '/sessions/revoke', 'POST', { session_ids: [], revoke_all: true })); }
-async function apiRiskProfile() { showResp('protResp', await req(USER + '/risk-profile')); }
-
-async function apiChangePwd() {
-  var cur = document.getElementById('curPwd').value;
-  var nw  = document.getElementById('newPwd').value;
-  showResp('pwdResp', await req(USER + '/change-password', 'POST', { current_password: cur, new_password: nw, confirm_password: nw }));
-}
-
-async function apiForgotPwd() {
-  var email = document.getElementById('resetEmail').value;
-  if (!email) { alert('Enter email.'); return; }
-  showResp('pwdResp', await req(AUTH + '/forgot-password', 'POST', { email: email }, false));
-}
-
-async function apiProtected()  { showResp('protResp', await req(API + '/protected')); }
-async function apiAdminOnly()  { showResp('protResp', await req(API + '/admin-only')); }
-async function apiLogout()     { const r = await req(AUTH + '/logout', 'POST'); clearToken(); showResp('protResp', r); }
-
-/* ═══════════════════════════════════════════════════════════
-   SESSION INTELLIGENCE TAB — 8 Advanced Security Features
-   ═══════════════════════════════════════════════════════════ */
-const INTEL = API + '/session-intel';
-
-// ── Behavior collection state ─────────────────────────────
-var _bhCollecting = false;
-var _bhKeyTimes   = [];
-var _bhMousePts   = [];
-var _bhScrollDs   = [];
-var _bhLastKey    = 0;
-var _bhLastMouse  = 0;
-var _currentChallengeId = null;
-
-function toggleBehaviorCollector() {
-  if (_bhCollecting) { stopBehaviorCollector(); } else { startBehaviorCollector(); }
-}
-function startBehaviorCollector() {
-  _bhCollecting = true;
-  _bhKeyTimes = []; _bhMousePts = []; _bhScrollDs = []; _bhLastKey = 0; _bhLastMouse = 0;
-  document.addEventListener('keydown',   _bhOnKey);
-  document.addEventListener('mousemove', _bhOnMouse);
-  document.addEventListener('scroll',    _bhOnScroll, true);
-  var btn = document.getElementById('behaviorCollectBtn');
-  btn.textContent = '\u23F9 Stop Collecting';
-  btn.className = 'btn btn-danger btn-sm';
-  document.getElementById('collectStatus').textContent = 'Collecting\u2026 (type, move mouse, scroll)';
-  _bhRenderBars(0.5, 0.5, 0.5);
-}
-function stopBehaviorCollector() {
-  _bhCollecting = false;
-  document.removeEventListener('keydown',   _bhOnKey);
-  document.removeEventListener('mousemove', _bhOnMouse);
-  document.removeEventListener('scroll',    _bhOnScroll, true);
-  var btn = document.getElementById('behaviorCollectBtn');
-  btn.textContent = '\u25B6 Start Collecting';
-  btn.className = 'btn btn-success btn-sm';
-  var s = _bhComputeScores();
-  _bhRenderBars(s.te, s.ml, s.sv);
-  document.getElementById('collectStatus').textContent =
-    'Done \u2014 Keys:' + _bhKeyTimes.length + '  MousePts:' + _bhMousePts.length + '  Scrolls:' + _bhScrollDs.length;
-}
-function _bhOnKey(e) {
-  var now = performance.now();
-  if (_bhLastKey > 0) _bhKeyTimes.push(now - _bhLastKey);
-  _bhLastKey = now;
-}
-function _bhOnMouse(e) {
-  var now = performance.now();
-  if (now - _bhLastMouse < 50) return;
-  _bhLastMouse = now;
-  _bhMousePts.push([e.clientX, e.clientY]);
-}
-function _bhOnScroll(e) {
-  var delta = e.target && e.target.scrollTop !== undefined ? Math.abs(e.target.scrollTop) : window.scrollY;
-  _bhScrollDs.push(delta);
-}
-function _bhComputeScores() {
-  // 1. Typing entropy — coefficient of variation of inter-key delays
-  var te = 0.5;
-  if (_bhKeyTimes.length >= 3) {
-    var mean = _bhKeyTimes.reduce(function(a,b){return a+b;},0) / _bhKeyTimes.length;
-    var std  = Math.sqrt(_bhKeyTimes.reduce(function(s,v){return s+(v-mean)*(v-mean);},0) / _bhKeyTimes.length);
-    var cv   = std / (mean + 1e-6);
-    te = cv < 0.05 ? 0.10 : cv < 0.20 ? 0.30 + cv*1.5 : cv < 0.90 ? 0.50 + (cv-0.20)*0.7 : Math.max(0.10, 1.0-(cv-0.90)*0.8);
-    te = Math.max(0, Math.min(1, te));
-  }
-  // 2. Mouse linearity — straight/curved path ratio
-  var ml = 0.6;
-  if (_bhMousePts.length >= 3) {
-    var totalD = 0;
-    for (var i=1;i<_bhMousePts.length;i++){
-      var dx=_bhMousePts[i][0]-_bhMousePts[i-1][0], dy=_bhMousePts[i][1]-_bhMousePts[i-1][1];
-      totalD += Math.sqrt(dx*dx+dy*dy);
-    }
-    var dxA=_bhMousePts[_bhMousePts.length-1][0]-_bhMousePts[0][0];
-    var dyA=_bhMousePts[_bhMousePts.length-1][1]-_bhMousePts[0][1];
-    var straightD = Math.sqrt(dxA*dxA+dyA*dyA);
-    var ratio = totalD > 0 ? straightD/totalD : 0;
-    ml = Math.max(0, Math.min(1, 1.0 - Math.abs(ratio-0.6)*1.5));
-  }
-  // 3. Scroll variance — normalised std of scroll deltas
-  var sv = 0.5;
-  if (_bhScrollDs.length >= 2) {
-    var sm = _bhScrollDs.reduce(function(a,b){return a+b;},0)/_bhScrollDs.length;
-    var ss = Math.sqrt(_bhScrollDs.reduce(function(s,v){return s+Math.pow(v-sm,2);},0)/_bhScrollDs.length);
-    sv = Math.min(1, ss/200);
-  }
-  var lr = Math.max(0, 1.0 - (0.40*te + 0.35*ml + 0.25*sv));
-  return { te:te, ml:ml, sv:sv, lr:lr };
-}
-function _bhRenderBars(te, ml, sv) {
-  function bCol(v){ return v>0.7?'#22c55e':v>0.4?'#f59e0b':'#ef4444'; }
-  document.getElementById('teVal').textContent = te.toFixed(2);
-  document.getElementById('mlVal').textContent = ml.toFixed(2);
-  document.getElementById('svVal').textContent = sv.toFixed(2);
-  var teEl = document.getElementById('teBar'); teEl.style.width = (te*100)+'%'; teEl.style.background = bCol(te);
-  var mlEl = document.getElementById('mlBar'); mlEl.style.width = (ml*100)+'%'; mlEl.style.background = bCol(ml);
-  var svEl = document.getElementById('svBar'); svEl.style.width = (sv*100)+'%'; svEl.style.background = bCol(sv);
-}
-
-// ── Trust gauge ───────────────────────────────────────────
-function updateTrustGauge(score, label, color) {
-  var ARC = 204;
-  var offset = ARC - (score/100)*ARC;
-  var arc = document.getElementById('trustArc');
-  arc.setAttribute('stroke-dashoffset', offset);
-  arc.setAttribute('stroke', color || '#22c55e');
-  document.getElementById('trustNum').textContent = Math.round(score);
-  document.getElementById('trustNum').setAttribute('fill', color || '#f1f5f9');
-  document.getElementById('trustLabel').textContent = (label||'trusted').toUpperCase();
-  document.getElementById('trustLabel').style.color = color || 'var(--c-muted)';
-}
-function renderTrustHistory(events) {
-  var wrap = document.getElementById('trustHistoryWrap');
-  if (!events || !events.length) { wrap.innerHTML = '<p style="color:var(--c-muted);">No events yet.</p>'; return; }
-  wrap.innerHTML = '<div style="color:var(--c-muted);font-size:10px;text-transform:uppercase;font-weight:700;margin-bottom:4px;">Recent Trust Events</div>' +
-    events.slice(-20).reverse().map(function(e){
-      var sign = e.delta>=0?'+':'';
-      var col  = e.delta>=0?'var(--c-success)':'var(--c-danger)';
-      return '<div style="display:flex;justify-content:space-between;border-bottom:1px solid var(--c-border);padding:2px 0;font-size:11px;">' +
-        '<span style="color:var(--c-muted);">' + e.event_type + '</span>' +
-        '<span style="color:'+col+';">' + sign + e.delta.toFixed(1) + ' \u2192 ' + e.score.toFixed(0) + '</span></div>';
-    }).join('');
-}
-
-async function intelGetTrust() {
-  if (!getToken()) { alert('Login first.'); return; }
-  var r = await req(INTEL + '/trust-score');
-  showResp('trustResp', r);
-  if (r.ok && r.data) {
-    updateTrustGauge(r.data.trust_score, r.data.label, r.data.color);
-    renderTrustHistory(r.data.history || []);
-  }
-}
-async function intelContinuousVerify() {
-  if (!getToken()) { alert('Login first.'); return; }
-  var r = await req(INTEL + '/continuous-verify', 'POST', {});
-  showResp('trustResp', r);
-  if (r.ok && r.data) updateTrustGauge(r.data.trust_score, r.data.label, r.data.color);
-}
-async function intelDropTrust() {
-  if (!getToken()) { alert('Login first (use Quick Login above).'); return; }
-  var r = await req(INTEL + '/simulate-trust-drop', 'POST', { target_score: 25, reason: 'Manual demo drop' });
-  showResp('trustResp', r);
-  if (r.ok && r.data) {
-    updateTrustGauge(r.data.new_trust, r.data.trust_label, r.data.trust_color);
-    if (r.data.challenge_recommended) {
-      document.getElementById('trustResp').textContent +=
-        '\n\n\u26A0 Trust is now ' + r.data.new_trust.toFixed(0) + '/100 \u2014 scroll to Micro-Challenges and click Generate!';
-    }
-  }
-}
-
-// ── Behavior Signals ──────────────────────────────────────
-async function intelSendBehavior() {
-  if (!getToken()) { alert('Login first.'); return; }
-  var s = _bhComputeScores();
-  _bhRenderBars(s.te, s.ml, s.sv);
-  var r = await req(INTEL + '/behavior-signal', 'POST', {
-    typing_entropy:  s.te,
-    mouse_linearity: s.ml,
-    scroll_variance: s.sv,
-    local_risk_score: s.lr,
-  });
-  showResp('behaviorResp', r);
-  if (r.ok && r.data && r.data.trust) {
-    updateTrustGauge(r.data.trust.score, r.data.trust.label, r.data.trust.color);
-    if (r.data.micro_challenge_recommended) {
-      document.getElementById('behaviorResp').textContent +=
-        '\n\n\u26A0 Trust below 40 \u2014 micro-challenge recommended!';
-    }
-  }
-}
-
-// ── Impossible Travel (public demo) ──────────────────────
-async function intelLoadCities() {
-  var r = await req(INTEL + '/demo/city-list', 'GET', null, false);
-  if (!r.ok || !r.data) return;
-  var cities = r.data.cities || [];
-  ['travelFrom','travelTo'].forEach(function(id){
-    var sel = document.getElementById(id);
-    sel.innerHTML = '';
-    cities.forEach(function(c){
-      var opt = document.createElement('option');
-      opt.value = c.name;
-      opt.textContent = c.name;
-      sel.appendChild(opt);
-    });
-    if (id === 'travelFrom') sel.value = 'New York';
-    if (id === 'travelTo')   sel.value = 'Moscow';
-  });
-}
-async function intelCheckTravel() {
-  var fromCity = document.getElementById('travelFrom').value;
-  var toCity   = document.getElementById('travelTo').value;
-  var hours    = parseFloat(document.getElementById('travelHours').value);
-  var r = await req(INTEL + '/demo/impossible-travel', 'POST',
-    { from_city:fromCity, to_city:toCity, time_gap_hours:hours, from_country:'', to_country:'' }, false);
-  var el = document.getElementById('travelResult');
-  if (!r.ok || !r.data) { el.textContent = 'Error: '+ JSON.stringify(r.data); return; }
-  var d = r.data;
-  var cmap = { impossible:'#ef4444', suspicious:'#f97316', plausible:'#22c55e', same_area:'#22c55e', coords_unknown:'#94a3b8' };
-  var imap = { impossible:'\uD83D\uDEA8', suspicious:'\u26A0\uFE0F', plausible:'\u2705', same_area:'\u2705', coords_unknown:'\u2753' };
-  var col = cmap[d.verdict]||'#94a3b8', icon = imap[d.verdict]||'\u2753';
-  el.innerHTML = '<div style="background:'+col+'22;border:1px solid '+col+';border-radius:8px;padding:10px;">' +
-    '<div style="font-weight:700;font-size:15px;color:'+col+';margin-bottom:6px;">' + icon + ' ' + (d.verdict||'').toUpperCase().replace('_',' ') + '</div>' +
-    '<div style="font-size:13px;">' + d.message + '</div>' +
-    '<div style="display:grid;grid-template-columns:1fr 1fr 1fr;gap:6px;margin-top:8px;font-size:12px;">' +
-      '<div><strong>' + (d.distance_km||0) + ' km</strong><br><span style="color:var(--c-muted);">Distance</span></div>' +
-      '<div><strong>' + Math.round(d.speed_kmh||0) + ' km/h</strong><br><span style="color:var(--c-muted);">Speed</span></div>' +
-      '<div><strong>' + Math.round(d.time_gap_minutes||0) + ' min</strong><br><span style="color:var(--c-muted);">Gap</span></div>' +
-    '</div>' +
-    (d.trust_delta < 0 ? '<div style="color:#f97316;font-size:12px;margin-top:6px;">\u26A0 Trust impact: ' + d.trust_delta + ' pts</div>' : '') +
-    '</div>';
-}
-
-// ── AI Anomaly Scorer (public demo) ──────────────────────
-async function intelScoreAnomaly() {
-  var r = await req(INTEL + '/demo/anomaly-score', 'POST', {
-    typing_entropy:       parseFloat(document.getElementById('aiTyping').value),
-    mouse_linearity:      parseFloat(document.getElementById('aiMouse').value),
-    scroll_variance:      parseFloat(document.getElementById('aiScroll').value),
-    hour_normalized:      parseFloat(document.getElementById('aiHour').value),
-    failed_attempts_norm: parseFloat(document.getElementById('aiFailed').value),
-  }, false);
-  var el = document.getElementById('anomalyResult');
-  if (!r.ok || !r.data) { el.textContent = JSON.stringify(r.data); return; }
-  var d = r.data;
-  el.innerHTML =
-    '<div style="background:'+d.color+'22;border:1px solid '+d.color+';border-radius:8px;padding:10px;">' +
-    '<div style="display:flex;justify-content:space-between;align-items:center;margin-bottom:8px;">' +
-      '<div style="font-weight:700;font-size:20px;color:'+d.color+';">' + d.anomaly_score.toFixed(1) + ' / 100</div>' +
-      '<div style="font-size:12px;font-weight:700;background:'+d.color+';color:#0f172a;padding:2px 10px;border-radius:4px;">' + d.classification + '</div>' +
-    '</div>' +
-    '<div style="font-size:11px;color:var(--c-muted);margin-bottom:8px;">Confidence: '+(d.confidence*100).toFixed(0)+'% \u00B7 Statistical Isolation Forest</div>' +
-    Object.entries(d.per_feature||{}).map(function(kv){
-      var fn=kv[0], fs=kv[1], fc=fs>60?'#ef4444':fs>30?'#f59e0b':'#22c55e';
-      return '<div style="margin-bottom:5px;"><div style="display:flex;justify-content:space-between;font-size:11px;">' +
-        '<span>'+fn+'</span><span style="color:'+fc+';">'+fs.toFixed(1)+'</span></div>' +
-        '<div style="height:5px;background:#1e293b;border-radius:2px;overflow:hidden;">' +
-        '<div style="height:100%;width:'+fs+'%;background:'+fc+';border-radius:2px;"></div></div></div>';
-    }).join('') + '</div>';
-}
-
-// ── Micro-Challenges ──────────────────────────────────────
-async function intelGenerateChallenge() {
-  if (!getToken()) {
-    // Demo mode without DB persistence
-    var a = Math.floor(Math.random()*9)+2, b = Math.floor(Math.random()*9)+2;
-    _currentChallengeId = 'demo-no-auth';
-    document.getElementById('challengePanel').style.display = 'block';
-    document.getElementById('challengeQuestion').textContent = 'What is ' + a + ' \u00D7 ' + b + ' ?';
-    document.getElementById('challengeAnswer').value = '';
-    document.getElementById('challengeResultMsg').textContent = '(Demo mode \u2014 login to persist trust changes)';
-    return;
-  }
-  var r = await req(INTEL + '/micro-challenge/generate', 'POST', {});
-  showResp('challengeResp', r);
-  if (r.ok && r.data && r.data.challenge) {
-    _currentChallengeId = r.data.challenge.challenge_id;
-    document.getElementById('challengePanel').style.display = 'block';
-    document.getElementById('challengeQuestion').textContent = r.data.challenge.question;
-    document.getElementById('challengeAnswer').value = '';
-    document.getElementById('challengeResultMsg').textContent = '';
-    if (!r.data.challenge_needed) {
-      document.getElementById('challengeResultMsg').textContent =
-        '\u2139\uFE0F Trust is healthy \u2014 showing challenge anyway for demo purposes.';
-    }
-  }
-}
-async function intelVerifyChallenge() {
-  var answer = document.getElementById('challengeAnswer').value.trim();
-  if (!answer) { alert('Enter your answer.'); return; }
-  if (!_currentChallengeId || _currentChallengeId === 'demo-no-auth') {
-    document.getElementById('challengeResultMsg').textContent = '\u2705 Submitted (login to update real trust score).';
-    document.getElementById('challengePanel').style.display = 'none';
-    return;
-  }
-  var r = await req(INTEL + '/micro-challenge/verify', 'POST', { challenge_id:_currentChallengeId, response:answer });
-  showResp('challengeResp', r);
-  if (r.ok && r.data) {
-    document.getElementById('challengeResultMsg').textContent = r.data.reason;
-    if (r.data.correct) {
-      document.getElementById('challengePanel').style.display = 'none';
-      updateTrustGauge(r.data.new_trust, r.data.trust_label, r.data.trust_color);
-    } else {
-      document.getElementById('challengeAnswer').value = '';
-    }
-  }
-}
-
-// ── Explainability (public demo) ─────────────────────────
-async function intelExplain() {
-  var r = await req(INTEL + '/demo/explain', 'POST', {
-    location_score:  parseFloat(document.getElementById('expLocation').value),
-    device_score:    parseFloat(document.getElementById('expDevice').value),
-    time_score:      parseFloat(document.getElementById('expTime').value),
-    velocity_score:  parseFloat(document.getElementById('expVelocity').value),
-    behavior_score:  parseFloat(document.getElementById('expBehavior').value),
-    security_level:  parseInt(document.getElementById('expLevel').value),
-    risk_level:      'medium',
-  }, false);
-  var el = document.getElementById('explainResult');
-  if (!r.ok || !r.data) { el.textContent = JSON.stringify(r.data); return; }
-  var d = r.data;
-  el.innerHTML =
-    '<div style="font-size:12px;color:var(--c-muted);margin-bottom:6px;">' +
-      '\uD83D\uDD0D Audit ID: <code>' + d.audit_id + '</code>&nbsp;&nbsp;|&nbsp;&nbsp;Confidence: ' +
-      (d.confidence*100).toFixed(0) + '%&nbsp;&nbsp;|&nbsp;&nbsp;Action: <em>' + d.action + '</em>' +
-    '</div>' +
-    '<div style="font-size:13px;margin-bottom:10px;padding:8px;background:var(--c-surface);border-radius:6px;">' + d.summary + '</div>' +
-    (d.factors||[]).map(function(f){
-      var col = f.status==='anomalous'?'#ef4444':'#22c55e';
-      var bar = Math.min(100, Math.max(0, Math.abs(f.contribution)*4));
-      return '<div style="margin-bottom:8px;">' +
-        '<div style="display:flex;justify-content:space-between;font-size:12px;">' +
-          '<span>' + f.icon + ' <strong>' + f.factor + '</strong>' +
-          ' <span style="color:var(--c-muted);">w:' + f.model_weight + '</span></span>' +
-          '<span style="color:'+col+';">' + (f.contribution>=0?'+':'') + f.contribution.toFixed(1) + '</span>' +
-        '</div>' +
-        '<div style="height:6px;background:#1e293b;border-radius:3px;overflow:hidden;margin-top:3px;">' +
-          '<div style="height:100%;width:'+bar+'%;background:'+col+';border-radius:3px;"></div></div>' +
-        '<div style="font-size:11px;color:var(--c-muted);">' + f.detail + '</div>' +
-      '</div>';
-    }).join('');
-}
-
-// ── Session Audit Trail (authed) ─────────────────────────
-async function intelSessionExplain() {
-  if (!getToken()) { alert('Login first.'); return; }
-  showResp('sessionExplainResp', await req(INTEL + '/explain'));
-}
-
-// ── Quick Login ───────────────────────────────────────────
-async function intelQuickLogin() {
-  var r = await req(AUTH + '/login', 'POST',
-    { email:'demo.user@adaptive.demo', password:'DemoUser@123!' }, false);
-  var el = document.getElementById('intelLoginStatus');
-  if (r.ok && r.data && r.data.access_token) {
-    saveToken(r.data.access_token);
-    el.textContent = '\u2705 Logged in as demo.user@adaptive.demo';
-    el.style.color = 'var(--c-success)';
-    await intelGetTrust();
-  } else {
-    el.textContent = '\u274C Login failed \u2014 run Setup in Scenario 1 first.';
-    el.style.color = 'var(--c-danger)';
-  }
-}
-
-// ── Tab init ──────────────────────────────────────────────
-async function intelInitTab() {
-  await intelLoadCities();
-  if (getToken()) await intelGetTrust();
-}
-
-/* ═════════════════════════════════════════════════════════ */
-
-/* ---- ADMIN ---- */
-async function quickAdminLogin() {
-  showResp('adminLoginResp', await req(AUTH + '/login', 'POST', { email: 'demo.admin@adaptive.demo', password: 'Admin@Demo456!' }, false), true);
-}
-
-async function checkEmailStatus() {
-  var body = document.getElementById('emailStatusBody');
-  body.textContent = 'Checking…';
-  var r = await req(ADMIN + '/email-status');
-  if (!r.ok || !r.data) {
-    body.innerHTML = '<span style="color:var(--c-danger);">Failed to fetch — are you logged in as admin?</span>';
-    return;
-  }
-  var d = r.data;
-  var configured = d.configured;
-  var statusPill = configured
-    ? '<span class="pill pill-ok">&#x2714; Configured</span>'
-    : '<span class="pill pill-err">&#x2718; Not Configured</span>';
-  var fields = d.fields || {};
-  var rows = Object.entries(fields).map(function(kv) {
-    var k = kv[0], v = kv[1];
-    var pill = v ? '<span class="pill pill-ok">Set</span>' : '<span class="pill pill-err">Missing</span>';
-    return '<div style="display:flex;justify-content:space-between;align-items:center;padding:5px 0;border-bottom:1px solid var(--c-border);font-size:12px;"><span style="font-family:\'Consolas\',monospace;color:var(--c-text);">ADAPTIVEAUTH_' + k + '</span>' + pill + '</div>';
-  }).join('');
-  var instructions = configured ? '' : '<div class="callout callout-warn" style="margin-top:12px;font-size:12px;"><strong>Setup:</strong> Create a <code>.env</code> file in the project root with the missing fields above.<br><br><code>' + (d.setup_instructions||'') + '</code></div>';
-  body.innerHTML = '<div style="margin-bottom:12px;">' + statusPill +
-    (d.mail_port ? ' &nbsp;<span style="font-size:12px;color:var(--c-muted);">Port: ' + d.mail_port + ' &nbsp;STARTTLS: ' + (d.starttls ? 'Yes' : 'No') + '</span>' : '') +
-    '</div>' + rows + instructions;
-}
-
-async function loadAdminStats() {
-  const r = await req(ADMIN + '/statistics');
-  if (!r.ok || !r.data) return;
-  var d = r.data;
-  document.getElementById('statsGrid').innerHTML =
-    '<div class="stat-box"><div class="stat-num" style="color:var(--c-info);">' + (d.total_users !== undefined ? d.total_users : '—') + '</div><div class="stat-label">Total Users</div></div>' +
-    '<div class="stat-box"><div class="stat-num" style="color:var(--c-success);">' + (d.active_sessions !== undefined ? d.active_sessions : '—') + '</div><div class="stat-label">Active Sessions</div></div>' +
-    '<div class="stat-box"><div class="stat-num" style="color:var(--c-danger);">' + (d.high_risk_events_today !== undefined ? d.high_risk_events_today : '—') + '</div><div class="stat-label">High Risk Today</div></div>' +
-    '<div class="stat-box"><div class="stat-num" style="color:var(--c-warn);">' + (d.failed_logins_today !== undefined ? d.failed_logins_today : '—') + '</div><div class="stat-label">Failed Logins</div></div>';
-}
-
-async function adminGetUsers()      { showResp('adminUserResp', await req(ADMIN + '/users')); }
-async function adminGetSessions()   { showResp('adminUserResp', await req(ADMIN + '/sessions')); }
-async function adminBlock()         { var uid = document.getElementById('adminUserId').value; if (!uid) { alert('Enter user ID.'); return; } showResp('adminUserResp', await req(ADMIN + '/users/' + uid + '/block', 'POST')); }
-async function adminUnblock()       { var uid = document.getElementById('adminUserId').value; if (!uid) { alert('Enter user ID.'); return; } showResp('adminUserResp', await req(ADMIN + '/users/' + uid + '/unblock', 'POST')); }
-async function adminGetRiskEvents() { showResp('adminRiskResp', await req(ADMIN + '/risk-events')); }
-async function adminGetAnomalies()  { showResp('adminRiskResp', await req(ADMIN + '/anomalies')); }
-async function adminRiskOverview()  { showResp('adminRiskResp', await req(RISK + '/overview')); }
-async function adminRiskStatsPeriod(p) { showResp('statsResp', await req(ADMIN + '/risk-statistics?period=' + p)); }
-
-window.addEventListener('load', function() {
-  refreshTokenBar();
-  ping();
-  // Background passive refresh (only when monitoring is NOT active)
-  setInterval(function() {
-    if (document.getElementById('tab-demo2').classList.contains('active') && !monitorInterval) {
-      refreshAnomalies();
-    }
-  }, 10000);
-});
-</script>
-</body>
-</html>
+<!DOCTYPE html>
+<html lang="en">
+  <head>
+    <meta charset="UTF-8" />
+    <meta name="viewport" content="width=device-width, initial-scale=1.0" />
+    <title>AdaptiveAuth — Framework Demo</title>
+    <link rel="preconnect" href="https://fonts.googleapis.com" />
+    <link rel="preconnect" href="https://fonts.gstatic.com" crossorigin />
+    <link
+      href="https://fonts.googleapis.com/css2?family=Inter:wght@400;500;600;700;800&display=swap"
+      rel="stylesheet"
+    />
+    <script type="module" crossorigin src="/static/assets/index-C4kGMRC-.js"></script>
+    <link rel="stylesheet" crossorigin href="/static/assets/index-DKV7YaMs.css">
+  </head>
+  <body>
+    <div id="root"></div>
+  </body>
+</html>