Lumora · Lamina OS

Luxury smart mirrors that stay personal without leaking secrets

Led full-stack development of a MagicMirror-based platform with secure QR pairing, Supabase-backed personalization, and OAuth aggregation so commute, calendar, and music data follow the owner from phone to glass in under 30 seconds.

Lumora QR pairing experience

Problem

Status-quo mirrors are hobby builds: static configs, no identity model, and no secure way to surface calendars or music. Luxury buyers expect a mirror that pairs instantly, respects privacy, and adapts across product tiers without touching JSON on-device.

Lumora solves this by issuing mirror UUIDs, hiding OAuth credentials behind the cloud, and giving ops a dashboard to toggle experiences remotely.

Technical Architecture

MagicMirror² handles rendering while Next.js App Router APIs, Supabase, and Firebase Auth orchestrate identity, pairing, and personalization. All OAuth tokens stay in Supabase/Mongo; mirrors only ever present Lumora-issued JWTs.

  • Next.js App Router
  • MagicMirror²
  • Supabase Auth & RLS
  • OAuth (Google · Spotify · Outlook)
  • Google Places API
  • Tailwind UI system

Data Flow

  1. Mirror boots → `mirror-auth` requests UUID + JWT via `/api/issueMirrorToken` and renders a device QR code.
  2. User scans QR, authenticates on phone, and `/api/linkMirrorID` binds mirror ↔ user identity in Supabase/Mongo.
  3. Loader holds MagicMirror modules until Supabase confirms pairing via `/api/checkSession` polling.
  4. JWT-protected modules call `/api/getLocation|getEmail|getSpotifyPlaying|getGoogleCalendarEvents` with mirror UUID headers.
  5. Edge Functions/fetchers refresh OAuth tokens server-side, rewrite module configs, and stream commute/weather context back to the device.
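
The server-side gate behind step 4, as an added example that is not Lumora's code: it verifies the mirror JWT, requires the UUID sent with the request to match the signed subject, and refuses mirrors that have not been paired. HS256, the `sub`/`exp` claim layout, the function names, and the in-memory map standing in for the Supabase pairing row are assumptions.

```javascript
// Added example. Route names come from the page; the claim layout (sub, exp),
// HS256, and the in-memory pairing map are assumptions for illustration.
const { createHmac, timingSafeEqual } = require("node:crypto");

const b64url = (s) => Buffer.from(s).toString("base64url");
const sign = (secret, data) => createHmac("sha256", secret).update(data).digest();
const deny = (status, reason) => ({ ok: false, status, reason });

// Stand-in for /api/issueMirrorToken: mint an HS256 JWT bound to one mirror UUID.
function issueMirrorToken(secret, mirrorId, nowSec, ttlSec = 3600) {
  const head = b64url(JSON.stringify({ alg: "HS256", typ: "JWT" }));
  const body = b64url(JSON.stringify({ sub: mirrorId, exp: nowSec + ttlSec }));
  return `${head}.${body}.${sign(secret, `${head}.${body}`).toString("base64url")}`;
}

// Gate for a JWT-protected route such as /api/getLocation.
// `pairings` maps mirror UUID -> user id (stand-in for the Supabase link row).
function authorizeMirrorRequest({ secret, token, headerMirrorId, pairings, nowSec }) {
  const parts = String(token ?? "").split(".");
  if (parts.length !== 3) return deny(401, "malformed");
  const [head, body, sig] = parts;
  // Verify the signature before trusting anything inside the token.
  const expected = sign(secret, `${head}.${body}`);
  const given = Buffer.from(sig, "base64url");
  if (given.length !== expected.length || !timingSafeEqual(given, expected))
    return deny(401, "bad-signature");
  let alg, claims;
  try {
    alg = JSON.parse(Buffer.from(head, "base64url").toString()).alg;
    claims = JSON.parse(Buffer.from(body, "base64url").toString());
  } catch {
    return deny(401, "malformed");
  }
  if (alg !== "HS256") return deny(401, "bad-alg");
  if (typeof claims?.exp !== "number" || claims.exp <= nowSec) return deny(401, "expired");
  // The UUID header is client-supplied; it must match the signed subject.
  if (claims.sub !== headerMirrorId) return deny(403, "uuid-mismatch");
  // Unpaired mirrors stay inert: no personalization until /api/linkMirrorID has run.
  const userId = pairings.get(claims.sub);
  if (!userId) return deny(403, "unpaired");
  return { ok: true, status: 200, userId };
}

// Constructed sample data.
const SECRET = "constructed-demo-secret";
const MIRROR_A = "11111111-1111-4111-8111-111111111111";
const MIRROR_B = "22222222-2222-4222-8222-222222222222";
```

Checking the header against the signed `sub` is what stops a valid token for one mirror from being used to read another mirror's personalization rows.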

Key Decisions

  • Auth-only boot path so mirrors stay inert until a user proves ownership with QR pairing.
  • Server-side OAuth custody—hardware only holds Lumora-issued JWTs, never Google/Spotify secrets.
  • Supabase Row-Level Security enforces which mirrors can reach personalization rows.
  • Next.js API routes double as the aggregation layer for commute, calendar, and media services.

Core Innovations

  • QR Pairing Flow

    `mirror-auth` renders device-specific QR codes and polls `/api/checkSession` until Supabase signals a successful link—no keyboard required.

  • Secure Mirror Identity

    Every mirror gets a UUID + JWT combo. Modules sign each request, and Supabase RLS gates which rows or OAuth tokens it can touch.

  • OAuth Aggregation Layer

    Edge Functions broker Google/Spotify/Outlook scopes so node helpers only see Lumora JWTs, simplifying renewals and audits.

  • Personalisation Engine

    Dashboard writers update commute routes, location, and service toggles; `/api/getLocation` et al. push those into MagicMirror at runtime.

  • Modular Runtime

    `Loader.loadDeferredModules` injects weather/calendar/music widgets only after auth, allowing product-tier feature flags.

Engineering Challenges

  • Factory-reset trust chain: solved with UUID storage plus QR confirmation and Supabase-backed polling.
  • OAuth secrets on hardware: addressed by proxying every integration through JWT-guarded Next.js APIs.
  • Dynamic module config: runtime rewrites and node-helpers keep upstream MagicMirror modules untouched.
  • UX continuity: mirror-auth hides itself and broadcasts `USER_AUTHENTICATED_DETAILS` while deferred modules spin up.

Results & Outcomes

  • Pairing completes after a single QR scan (~10 seconds of polling) with no data leaving the mirror pre-auth.
  • Weather, calendar, email, and Spotify modules now call JWT-only APIs, keeping OAuth refresh tokens confined to Supabase.
  • Dashboard JSON manifests let ops toggle which modules appear per hardware SKU without reflashing.
  • Google Places commute data and market feeds slot into mirrors via backend releases alone.

Hardware & UI Gallery

Frames from the Athena, Apollo, and Lunar collections share the same software core. These renders show how the authenticated runtime blends with luxury interiors while reflecting commute, media, and inbox modules.
