update to MVP

Dockerfile

@@ -9,12 +9,15 @@ RUN pip install --no-cache-dir -r requirements.txt
 
 COPY src/ src/
 COPY migrations/ migrations/
+COPY entrypoint.sh /app/entrypoint.sh
 
 RUN mkdir -p data
+RUN chmod +x /app/entrypoint.sh
 
 EXPOSE 7860
 
+# Use entrypoint script to run migrations before starting Gunicorn
 # Run with single worker to fix OAuth session persistence
 # TODO: Implement server-side session storage (Redis/Memcached) for multi-worker support
 # Increase timeout to 120s to handle slow LLM responses
-CMD ["gunicorn", "-w", "1", "-b", "0.0.0.0:7860", "--timeout", "120", "--graceful-timeout", "120", "src.app:app"]
+ENTRYPOINT ["/app/entrypoint.sh"]

entrypoint.sh

@@ -0,0 +1,96 @@
+#!/bin/bash
+# Webapp entrypoint script - runs database migrations before starting Gunicorn
+
+set -e
+
+echo "[ENTRYPOINT] Running database migrations..."
+
+# Run Python migration script
+python3 <<'PYEOF'
+import sqlite3
+import os
+
+DB_PATH = os.environ.get('DATABASE_PATH', '/app/data/contacts.db')
+MIGRATIONS_DIR = '/app/migrations'
+
+print(f"[MIGRATION] Connecting to database: {DB_PATH}")
+conn = sqlite3.connect(DB_PATH)
+cursor = conn.cursor()
+
+# Step 1: Check if contact_sessions table exists
+cursor.execute("SELECT name FROM sqlite_master WHERE type='table' AND name='contact_sessions'")
+table_exists = cursor.fetchone() is not None
+
+if not table_exists:
+    print("[MIGRATION] Initial database - creating tables from 001_create_tables.sql")
+    
+    try:
+        with open(f'{MIGRATIONS_DIR}/001_create_tables.sql', 'r') as f:
+            schema_sql = f.read()
+        
+        cursor.executescript(schema_sql)
+        conn.commit()
+        print("  ✓ Created user_profiles table")
+        print("  ✓ Created contact_sessions table")
+        print("  ✓ Created indexes")
+    except Exception as e:
+        print(f"  ⚠ Failed to create initial schema: {e}")
+        conn.rollback()
+        raise
+
+# Step 2: Check if normalized_name column exists (producer columns migration)
+cursor.execute("PRAGMA table_info(contact_sessions)")
+columns = [row[1] for row in cursor.fetchall()]
+
+if 'normalized_name' not in columns:
+    print("[MIGRATION] Applying migration: Add producer-related columns")
+    
+    try:
+        cursor.execute("ALTER TABLE contact_sessions ADD COLUMN normalized_name TEXT")
+        print("  ✓ Added normalized_name column")
+    except Exception as e:
+        print(f"  ⚠ normalized_name: {e}")
+    
+    try:
+        cursor.execute("ALTER TABLE contact_sessions ADD COLUMN sequence_number INTEGER DEFAULT 1")
+        print("  ✓ Added sequence_number column")
+    except Exception as e:
+        print(f"  ⚠ sequence_number: {e}")
+    
+    try:
+        cursor.execute("ALTER TABLE contact_sessions ADD COLUMN producer_id TEXT")
+        print("  ✓ Added producer_id column")
+    except Exception as e:
+        print(f"  ⚠ producer_id: {e}")
+    
+    try:
+        cursor.execute("CREATE INDEX IF NOT EXISTS idx_contact_sessions_producer ON contact_sessions(user_id, normalized_name)")
+        print("  ✓ Created index idx_contact_sessions_producer")
+    except Exception as e:
+        print(f"  ⚠ index: {e}")
+    
+    try:
+        cursor.execute("""
+            UPDATE contact_sessions
+            SET 
+                normalized_name = LOWER(TRIM(contact_name)),
+                sequence_number = 1,
+                producer_id = user_id || '_' || LOWER(TRIM(contact_name)) || '_1'
+            WHERE normalized_name IS NULL
+        """)
+        print(f"  ✓ Backfilled {cursor.rowcount} existing rows")
+    except Exception as e:
+        print(f"  ⚠ backfill: {e}")
+    
+    conn.commit()
+    print("[MIGRATION] Migration complete")
+else:
+    print("[MIGRATION] Schema already up-to-date (normalized_name column exists)")
+
+conn.close()
+PYEOF
+
+echo "[ENTRYPOINT] Starting Gunicorn..."
+
+# Start Gunicorn with the provided arguments
+exec gunicorn -w 1 -b 0.0.0.0:7860 --timeout 120 --graceful-timeout 120 src.app:app

migrations/002_add_producer_columns.sql

@@ -0,0 +1,30 @@
+-- Migration: Add producer-related columns to contact_sessions table
+-- Feature: 001-refine-memory-producer-logic
+-- Date: 2025-11-19
+--
+-- These columns support the producer attribution system for memory backend:
+-- - normalized_name: Lowercase, stripped contact name for grouping (e.g., "jane doe")
+-- - sequence_number: Incremental counter per (user_id, normalized_name) pair
+-- - producer_id: Unique identifier = "{user_id}_{normalized_name}_{sequence_number}"
+
+-- Add normalized_name column
+ALTER TABLE contact_sessions ADD COLUMN normalized_name TEXT;
+
+-- Add sequence_number column (defaults to 1 for existing rows)
+ALTER TABLE contact_sessions ADD COLUMN sequence_number INTEGER DEFAULT 1;
+
+-- Add producer_id column
+ALTER TABLE contact_sessions ADD COLUMN producer_id TEXT;
+
+-- Create index for efficient producer lookups
+CREATE INDEX IF NOT EXISTS idx_contact_sessions_producer 
+    ON contact_sessions(user_id, normalized_name);
+
+-- Backfill existing rows with producer data
+-- This ensures existing contacts get proper producer_id values
+UPDATE contact_sessions
+SET 
+    normalized_name = LOWER(TRIM(contact_name)),
+    sequence_number = 1,
+    producer_id = user_id || '_' || LOWER(TRIM(contact_name)) || '_1'
+WHERE normalized_name IS NULL;

src/routes/auth.py

@@ -135,6 +135,7 @@ def callback():
         session["display_name"] = display_name
         session["profile_picture_url"] = profile_picture_url
         session["session_id"] = user_profile.session_id
+        session["profile_session_id"] = user_profile.session_id  # Feature: 001-contact-session-fixes - cache for facts/messages
         session["access_token"] = token.get("access_token")
 
         flash(f"Welcome back, {display_name}!", "success")

src/routes/contacts.py

@@ -129,29 +129,71 @@ def create_contact():
         flash("Description cannot exceed 500 characters.", "danger")
         return redirect(url_for("contacts.list_contacts"))
     
+    # Feature: 001-contact-session-fixes - Two-phase commit for dual-database synchronization
+    import time
+    start_time = time.time()
+    backend_api = backend_client.BackendAPIClient()
+    session_id = None
+    
     try:
-        # Create backend session first to get the session_id
-        backend_api = backend_client.BackendAPIClient()
+        # Phase 1: Create backend session in PostgreSQL
         title = f"Contact: {contact_name}"
+        logger.info(f"[CONTACT_CREATE] Phase 1: Creating backend session for user {user_id}, contact '{contact_name}'")
         backend_response = backend_api.create_session(title=title, user_id=user_id)
         session_id = backend_response.get("session_id")
         
         if not session_id:
             raise ValueError("Backend API did not return a session_id")
         
-        # Create contact session in SQLite with the backend-generated session_id
-        contact = storage_service.create_contact_session_with_id(
-            user_id=user_id,
-            session_id=session_id,
-            contact_name=contact_name,
-            contact_description=contact_description,
-            is_reference=False
-        )
-        
-        flash(f"Contact '{contact_name}' created successfully!", "success")
-        logger.info(f"Created contact {contact.session_id} for user {user_id}")
+        logger.info(f"[BACKEND_API] POST /sessions response: 201, session_id={session_id}")
         
-        return redirect(url_for("contacts.view_contact", session_id=contact.session_id))
+        # Phase 2: Write to SQLite with backend-generated session_id
+        try:
+            logger.info(f"[CONTACT_CREATE] Phase 2: Writing to SQLite, session_id={session_id}")
+            contact = storage_service.create_contact_session_with_id(
+                user_id=user_id,
+                session_id=session_id,
+                contact_name=contact_name,
+                contact_description=contact_description,
+                is_reference=False
+            )
+            logger.info(f"[STORAGE] SQLite write successful: session_id={session_id}")
+            
+            # Success - both databases synchronized
+            elapsed = (time.time() - start_time) * 1000
+            logger.info(f"[PERF] Contact creation took {elapsed:.1f}ms (target <150ms)")
+            flash(f"Contact '{contact_name}' created successfully!", "success")
+            logger.info(f"Created contact {contact.session_id} for user {user_id}")
+            
+            return redirect(url_for("contacts.view_contact", session_id=contact.session_id))
+            
+        except Exception as sqlite_error:
+            # Phase 2 failed - rollback Phase 1
+            logger.error(f"[STORAGE] Failed to write SQLite: {sqlite_error}")
+            logger.info(f"[ROLLBACK] Attempting to delete backend session: {session_id}")
+            
+            try:
+                rollback_success = backend_api.delete_session(session_id, user_id)
+                if rollback_success:
+                    logger.info(f"[ROLLBACK] Deleted backend session: {session_id}")
+                else:
+                    logger.error(f"[ROLLBACK] DELETE /sessions/{session_id} returned unexpected status")
+            except Exception as rollback_error:
+                # Rollback failed - critical error requiring manual cleanup
+                logger.critical(
+                    f"[ROLLBACK] Failed to delete session {session_id}: {rollback_error}",
+                    extra={
+                        "session_id": session_id,
+                        "user_id": user_id,
+                        "timestamp": time.time(),
+                        "error_type": "rollback_failure",
+                        "original_error": str(sqlite_error)
+                    }
+                )
+            
+            # Fail the entire operation
+            flash("Error creating contact. Please try again.", "danger")
+            return redirect(url_for("contacts.list_contacts"))
         
     except ValueError as e:
         # Validation errors or contact limit reached
@@ -160,7 +202,8 @@ def create_contact():
         return redirect(url_for("contacts.list_contacts"))
         
     except Exception as e:
-        logger.error(f"Error creating contact for user {user_id}: {e}")
+        # Backend API call failed (Phase 1) - no rollback needed
+        logger.error(f"[BACKEND_API] Failed to create session: {e}")
         flash("Error creating contact. Please try again.", "danger")
         return redirect(url_for("contacts.list_contacts"))
 
@@ -186,10 +229,11 @@ def view_contact(session_id: str):
             flash("You don't have permission to view this contact.", "danger")
             return redirect(url_for("contacts.list_contacts"))
         
-        # Get messages from backend API
+        # Get messages from backend API, including producer_id for memory search
         backend_api = backend_client.BackendAPIClient()
         try:
-            session_data = backend_api.get_session(session_id)
+            # Pass producer_id to include contact's memories in search
+            session_data = backend_api.get_session(session_id, user_id, producer_id=contact.producer_id)
             messages = session_data.get("messages", [])
             
             # Separate facts and chat messages
@@ -345,6 +389,10 @@ def send_message(session_id: str):
         flash("Message cannot exceed 10,000 characters.", "danger")
         return redirect(url_for("contacts.view_contact", session_id=session_id))
     
+    # Feature: 001-contact-session-fixes - Send messages with profile session reference
+    import time
+    start_time = time.time()
+    
     try:
         # Get contact to verify ownership
         contact = storage_service.get_contact_session(session_id)
@@ -356,50 +404,46 @@ def send_message(session_id: str):
             flash("You don't have permission to message this contact.", "danger")
             return redirect(url_for("contacts.list_contacts"))
         
-        # Get user profile to include as reference
-        user_profile = storage_service.get_user_profile(user_id)
-        profile_session_id = user_profile.session_id if user_profile else f"{user_id}_session"
+        # Get profile session ID from Flask session cache
+        profile_session_id = session.get("profile_session_id")
+        if not profile_session_id:
+            flash("Error: Profile session not found. Please log in again.", "warning")
+            logger.warning(f"[MESSAGE] Missing profile_session_id for user {user_id}")
+            return redirect(url_for("contacts.view_contact", session_id=session_id))
         
         # Send message with profile session as reference
+        logger.info(f"[MESSAGE] Sending chat message: user_id={user_id}, contact={contact.contact_name}, reference={profile_session_id}, content_length={len(content)}")
         backend_api = backend_client.BackendAPIClient()
         response = backend_api.send_message(
             session_id=session_id,
             content=content,
+            user_id=user_id,
             mode="chat",
             sender="user",
-            reference_session_ids=[profile_session_id]
+            reference_session_ids=[profile_session_id]  # Link to profile for AI context
         )
         
-        # Check if we got an LLM response and save it as an assistant message
+        # Check if we got an LLM response
         llm_response = response.get("llm_response")
         if llm_response:
             if llm_response.get("error"):
                 error_msg = llm_response["error"].get("message", "Unknown error")
                 flash(f"AI response error: {error_msg}", "warning")
-                logger.warning(f"LLM error for contact {session_id}: {error_msg}")
+                logger.warning(f"[MESSAGE] LLM error for contact {session_id}: {error_msg}")
             elif llm_response.get("content"):
-                # Save the assistant's response as a separate message
-                try:
-                    backend_api.send_message(
-                        session_id=session_id,
-                        content=llm_response["content"],
-                        mode="chat",
-                        sender="assistant",
-                        reference_session_ids=None  # Assistant response doesn't need references
-                    )
-                    flash("Message sent! AI responded.", "success")
-                    logger.info(f"Saved AI response in contact {session_id}")
-                except Exception as e:
-                    logger.error(f"Failed to save AI response: {e}")
-                    flash("Message sent, but failed to save AI response.", "warning")
+                # Backend typically saves assistant response automatically, but log it
+                flash("Message sent! AI responded.", "success")
+                logger.info(f"[MESSAGE] AI response received for contact {session_id}")
             else:
                 flash("Message sent successfully!", "success")
         else:
             flash("Message sent successfully!", "success")
         
         # Update last interaction timestamp
-        storage_service.update_last_interaction(session_id)
+        storage_service.update_contact_last_interaction(session_id)
         
+        elapsed = (time.time() - start_time) * 1000
+        logger.info(f"[PERF] Message send took {elapsed:.1f}ms (target <150ms, excluding AI generation)")
         logger.info(f"Sent message in contact {session_id} for user {user_id}")
         
         return redirect(url_for("contacts.view_contact", session_id=session_id))
@@ -435,6 +479,10 @@ def add_fact(session_id: str):
         flash("Fact cannot exceed 2,000 characters.", "danger")
         return redirect(url_for("contacts.view_contact", session_id=session_id))
     
+    # Feature: 001-contact-session-fixes - Add facts with profile session reference
+    import time
+    start_time = time.time()
+    
     try:
         # Get contact to verify ownership
         contact = storage_service.get_contact_session(session_id)
@@ -446,27 +494,39 @@ def add_fact(session_id: str):
             flash("You don't have permission to add facts to this contact.", "danger")
             return redirect(url_for("contacts.list_contacts"))
         
-        # Send fact with proper attribution (Feature: 001-refine-memory-producer-logic)
-        # Contact facts: producer=contact.producer_id, produced_for=user_id
+        # Get profile session ID from Flask session cache
+        profile_session_id = session.get("profile_session_id")
+        if not profile_session_id:
+            flash("Error: Profile session not found. Please log in again.", "warning")
+            logger.warning(f"[FACT] Missing profile_session_id for user {user_id}")
+            return redirect(url_for("contacts.view_contact", session_id=session_id))
+        
+        # Send fact with proper attribution and profile reference
+        # Contact facts: producer=contact.producer_id, produced_for=user_id, reference=profile_session_id
         producer_id = contact.producer_id or user_id
         logger.info(
-            f"Saving contact fact: user_id={user_id}, contact={contact.contact_name}, "
-            f"producer={producer_id}, produced_for={user_id}, content_length={len(content)}"
+            f"[FACT] Saving contact fact: user_id={user_id}, contact={contact.contact_name}, "
+            f"producer={producer_id}, produced_for={user_id}, reference={profile_session_id}, content_length={len(content)}"
         )
         backend_api = backend_client.BackendAPIClient()
         backend_api.send_message(
             session_id=session_id,
             content=content,
+            user_id=user_id,
             mode="memorize",
-            producer=producer_id,  # Use contact's producer_id if available
-            produced_for=user_id,  # Produced for the user who owns the contact
+            producer=producer_id,
+            produced_for=user_id,
+            reference_session_ids=[profile_session_id]  # Link to profile for AI context
         )
         
         # Update last interaction timestamp
-        storage_service.update_last_interaction(session_id)
+        storage_service.update_contact_last_interaction(session_id)
+        
+        elapsed = (time.time() - start_time) * 1000
+        logger.info(f"[PERF] Fact save took {elapsed:.1f}ms (target <150ms)")
         
         # Fetch updated facts to ensure immediate visibility (T017)
-        session_data = backend_api.get_session(session_id)
+        session_data = backend_api.get_session(session_id, user_id, producer_id=contact.producer_id)
         messages = session_data.get("messages", [])
         facts = [m for m in messages if m.get("mode") == "memorize"]
         chat_messages = [m for m in messages if m.get("mode") == "chat"]
@@ -486,7 +546,7 @@ def add_fact(session_id: str):
         flash(str(e), "danger")
         # Preserve input on error (T016)
         backend_api = backend_client.BackendAPIClient()
-        session_data = backend_api.get_session(session_id)
+        session_data = backend_api.get_session(session_id, user_id, producer_id=contact.producer_id)
         messages = session_data.get("messages", [])
         facts = [m for m in messages if m.get("mode") == "memorize"]
         chat_messages = [m for m in messages if m.get("mode") == "chat"]
@@ -504,7 +564,7 @@ def add_fact(session_id: str):
         # Preserve input on error (T016)
         backend_api = backend_client.BackendAPIClient()
         try:
-            session_data = backend_api.get_session(session_id)
+            session_data = backend_api.get_session(session_id, user_id, producer_id=contact.producer_id)
             messages = session_data.get("messages", [])
             facts = [m for m in messages if m.get("mode") == "memorize"]
             chat_messages = [m for m in messages if m.get("mode") == "chat"]

src/routes/profile.py

@@ -35,7 +35,7 @@ def view_profile():
             return redirect(url_for("auth.logout"))
 
         # Get profile facts from backend (mode="memorize")
-        facts = backend_client.get_messages(user_profile.session_id, mode="memorize")
+        facts = backend_client.get_messages(user_profile.session_id, user_id, mode="memorize")
 
         return render_template(
             "profile/view.html",
@@ -83,13 +83,14 @@ def add_fact():
         backend_client.send_message(
             session_id=user_profile.session_id,
             content=fact_content,
+            user_id=user_id,
             mode="memorize",
             producer=user_id,           # User is the producer
             produced_for="prepmate",    # Produced for the prepmate system
         )
 
         # Fetch updated facts to ensure immediate visibility (T010)
-        facts = backend_client.get_messages(user_profile.session_id, mode="memorize")
+        facts = backend_client.get_messages(user_profile.session_id, user_id, mode="memorize")
 
         flash("Fact added successfully.", "success")
         logger.info(f"Profile fact saved successfully for user {user_id}")
@@ -105,7 +106,7 @@ def add_fact():
         flash(f"Error adding fact: {str(e)}", "error")
         # Preserve input on error by passing it to template
         user_profile = get_user_profile(user_id)
-        facts = backend_client.get_messages(user_profile.session_id, mode="memorize") if user_profile else []
+        facts = backend_client.get_messages(user_profile.session_id, user_id, mode="memorize") if user_profile else []
         return render_template(
             "profile/view.html",
             user_profile=user_profile,

src/services/backend_client.py

@@ -9,6 +9,7 @@ from typing import Any, Dict, List, Optional
 
 import requests
 from opentelemetry import trace
+from opentelemetry.trace import Status, StatusCode
 from opentelemetry.trace.propagation.tracecontext import TraceContextTextMapPropagator
 
 from ..models import Message
@@ -28,15 +29,20 @@ class BackendAPIClient:
         self.timeout = int(os.getenv("BACKEND_API_TIMEOUT", "5"))
         self.bearer_token = os.getenv("API_BEARER_TOKEN", "")
 
-    def _get_headers(self) -> Dict[str, str]:
+    def _get_headers(self, user_id: str = None) -> Dict[str, str]:
         """
-        Get HTTP headers including Authorization bearer token and trace context.
+        Get HTTP headers including Authorization bearer token, user ID, and trace context.
+        
+        Args:
+            user_id: Optional user ID to include in X-User-ID header
         
         Automatically injects OpenTelemetry trace context from current span.
         """
         headers = {"Content-Type": "application/json"}
         if self.bearer_token:
             headers["Authorization"] = f"Bearer {self.bearer_token}"
+        if user_id:
+            headers["X-User-ID"] = user_id
         
         # Inject trace context into headers automatically (only if tracing enabled)
         try:
@@ -64,12 +70,14 @@ class BackendAPIClient:
             # Not in Flask request context - ignore
             pass
 
-    def get_session(self, session_id: str) -> Dict[str, Any]:
+    def get_session(self, session_id: str, user_id: str, producer_id: str = None) -> Dict[str, Any]:
         """
         Get full session including all messages (facts + chat messages).
 
         Args:
             session_id: Profile or contact session ID
+            user_id: User ID (required for API authentication)
+            producer_id: Optional producer ID for contact sessions (e.g., "testuser_jane_1")
 
         Returns:
             Session dict with messages array
@@ -78,6 +86,11 @@ class BackendAPIClient:
             BackendAPIError: If API request fails
         """
         url = f"{self.base_url}/sessions/{session_id}"
+        
+        # Add producer_id query parameter if provided
+        params = {}
+        if producer_id:
+            params["producer_id"] = producer_id
 
         # Create span for backend call
         tracer = trace.get_tracer(__name__)
@@ -85,10 +98,13 @@ class BackendAPIClient:
             span.set_attribute("http.method", "GET")
             span.set_attribute("http.url", url)
             span.set_attribute("session_id", session_id)
+            span.set_attribute("user_id", user_id)
+            if producer_id:
+                span.set_attribute("producer_id", producer_id)
 
             start_time = time.time()
             try:
-                response = requests.get(url, headers=self._get_headers(), timeout=self.timeout)
+                response = requests.get(url, params=params, headers=self._get_headers(user_id), timeout=self.timeout)
                 response.raise_for_status()
                 
                 span.set_attribute("http.status_code", response.status_code)
@@ -108,6 +124,7 @@ class BackendAPIClient:
         self,
         session_id: str,
         content: str,
+        user_id: str,
         mode: str = "chat",
         sender: Optional[str] = "user",
         reference_session_ids: Optional[List[str]] = None,
@@ -120,6 +137,7 @@ class BackendAPIClient:
         Args:
             session_id: Profile or contact session ID
             content: Message or fact content
+            user_id: User ID (required for API authentication)
             mode: 'chat' for messages, 'memorize' for facts
             sender: 'user' or 'assistant' (only for mode='chat')
             reference_session_ids: Optional list of session IDs to use as context (e.g., user's profile session)
@@ -133,6 +151,11 @@ class BackendAPIClient:
             BackendAPIError: If API request fails
         """
         url = f"{self.base_url}/sessions/{session_id}/messages"
+        
+        # Add reference_id as query parameter if provided
+        params = {}
+        if reference_session_ids and len(reference_session_ids) > 0:
+            params["reference_id"] = reference_session_ids[0]
 
         payload = {"mode": mode, "message": content, "save_to_memory": True}
 
@@ -140,7 +163,7 @@ class BackendAPIClient:
         if mode == "chat" and sender:
             payload["sender"] = sender
         
-        # Add reference session IDs if provided
+        # Add reference session IDs if provided (also in body for backward compatibility)
         if reference_session_ids:
             payload["reference_session_ids"] = reference_session_ids
         
@@ -158,11 +181,22 @@ class BackendAPIClient:
             span.set_attribute("http.method", "POST")
             span.set_attribute("http.url", url)
             span.set_attribute("session_id", session_id)
+            span.set_attribute("user_id", user_id)
             span.set_attribute("mode", mode)
             span.set_attribute("content_length", len(content))
             
+            # Add reference_id to trace if provided (profile session for contact messages)
+            if reference_session_ids and len(reference_session_ids) > 0:
+                span.set_attribute("reference_id", reference_session_ids[0])
+            
+            # Add producer and produced_for to span for memory attribution tracking
+            if producer:
+                span.set_attribute("producer", producer)
+            if produced_for:
+                span.set_attribute("produced_for", produced_for)
+            
             try:
-                response = requests.post(url, json=payload, headers=self._get_headers(), timeout=self.timeout)
+                response = requests.post(url, params=params, json=payload, headers=self._get_headers(user_id), timeout=self.timeout)
                 response.raise_for_status()
                 span.set_attribute("http.status_code", response.status_code)
                 return response.json()
@@ -227,6 +261,63 @@ class BackendAPIClient:
             finally:
                 self._track_latency(start_time)
 
+    def delete_session(self, session_id: str, user_id: str) -> bool:
+        """
+        Delete a session (rollback mechanism for two-phase commit).
+        
+        Feature: 001-contact-session-fixes
+        
+        Args:
+            session_id: Session ID to delete
+            user_id: User ID who owns the session
+            
+        Returns:
+            True if deleted or already gone (204/404), False on error
+            
+        Raises:
+            BackendAPIError: If API request fails with non-recoverable error
+        """
+        url = f"{self.base_url}/sessions/{session_id}"
+        
+        # Create span for backend call with OpenTelemetry
+        tracer = trace.get_tracer(__name__)
+        start_time = time.time()
+        
+        # Add user_id header required by API
+        headers = self._get_headers()
+        headers["X-User-ID"] = user_id
+        
+        with tracer.start_as_current_span("backend.delete_session") as span:
+            span.set_attribute("http.method", "DELETE")
+            span.set_attribute("http.url", url)
+            span.set_attribute("session_id", session_id)
+            span.set_attribute("user_id", user_id)
+            
+            try:
+                response = requests.delete(url, headers=headers, timeout=self.timeout)
+                
+                # 204 = successfully deleted, 404 = already gone (both acceptable for rollback)
+                if response.status_code in (204, 404):
+                    span.set_attribute("http.status_code", response.status_code)
+                    span.set_attribute("rollback_success", True)
+                    return True
+                else:
+                    span.set_attribute("http.status_code", response.status_code)
+                    span.set_attribute("rollback_success", False)
+                    span.add_event("unexpected_status", {"status_code": response.status_code})
+                    return False
+
+            except requests.exceptions.Timeout:
+                span.set_attribute("error", True)
+                span.add_event("timeout", {"timeout": self.timeout})
+                raise BackendAPIError(f"Delete session timed out after {self.timeout}s")
+            except requests.exceptions.RequestException as e:
+                span.set_attribute("error", True)
+                span.add_event("error", {"message": str(e)})
+                raise BackendAPIError(f"Failed to delete session: {str(e)}")
+            finally:
+                self._track_latency(start_time)
+
     def list_sessions(self, user_id: str) -> List[Dict[str, Any]]:
         """
         List all sessions for a user.
@@ -253,7 +344,7 @@ class BackendAPIClient:
             span.set_attribute("user_id", user_id)
             
             try:
-                response = requests.get(url, params=params, headers=self._get_headers(), timeout=self.timeout)
+                response = requests.get(url, params=params, headers=self._get_headers(user_id), timeout=self.timeout)
                 response.raise_for_status()
                 span.set_attribute("http.status_code", response.status_code)
                 return response.json()
@@ -270,13 +361,14 @@ class BackendAPIClient:
                 self._track_latency(start_time)
 
     def get_messages(
-        self, session_id: str, mode: Optional[str] = None
+        self, session_id: str, user_id: str, mode: Optional[str] = None
     ) -> List[Message]:
         """
         Get messages from a session, optionally filtered by mode.
 
         Args:
             session_id: Session ID
+            user_id: User ID (required for API authentication)
             mode: Optional filter - 'chat' or 'memorize'
 
         Returns:
@@ -285,7 +377,7 @@ class BackendAPIClient:
         Raises:
             BackendAPIError: If API request fails
         """
-        session = self.get_session(session_id)
+        session = self.get_session(session_id, user_id)
         messages_data = session.get("messages", [])
 
         messages = []

src/services/storage_service.py

@@ -429,6 +429,11 @@ def list_contact_sessions(
         rows = cursor.fetchall()
         conn.close()
         
+        # Helper function to safely access optional columns
+        def safe_row_access(row, key):
+            """Safely access optional column, returns None if not present."""
+            return row[key] if key in row.keys() else None
+        
         contacts = [
             ContactSession(
                 session_id=row["session_id"],
@@ -438,9 +443,9 @@ def list_contact_sessions(
                 is_reference=bool(row["is_reference"]),
                 created_at=datetime.fromisoformat(row["created_at"]),
                 last_interaction=datetime.fromisoformat(row["last_interaction"]),
-                normalized_name=row.get("normalized_name"),
-                sequence_number=row.get("sequence_number"),
-                producer_id=row.get("producer_id"),
+                normalized_name=safe_row_access(row, "normalized_name"),
+                sequence_number=safe_row_access(row, "sequence_number"),
+                producer_id=safe_row_access(row, "producer_id"),
             )
             for row in rows
         ]
@@ -472,6 +477,9 @@ def get_contact_session(session_id: str) -> Optional[ContactSession]:
     if not row:
         return None
 
+    # Get column names to safely access optional fields
+    columns = row.keys()
+    
     return ContactSession(
         session_id=row["session_id"],
         user_id=row["user_id"],
@@ -480,9 +488,9 @@ def get_contact_session(session_id: str) -> Optional[ContactSession]:
         is_reference=bool(row["is_reference"]),
         created_at=datetime.fromisoformat(row["created_at"]),
         last_interaction=datetime.fromisoformat(row["last_interaction"]),
-        normalized_name=row.get("normalized_name"),
-        sequence_number=row.get("sequence_number"),
-        producer_id=row.get("producer_id"),
+        normalized_name=row["normalized_name"] if "normalized_name" in columns else None,
+        sequence_number=row["sequence_number"] if "sequence_number" in columns else None,
+        producer_id=row["producer_id"] if "producer_id" in columns else None,
     )
 
 
@@ -560,6 +568,41 @@ def update_contact_session(
     )
 
 
+def update_contact_last_interaction(session_id: str) -> None:
+    """
+    Update last_interaction timestamp for a contact session.
+    
+    Feature: 001-contact-session-fixes
+    
+    Called after adding facts or sending messages to keep the contact
+    sorted by most recent activity in the contact list.
+    
+    Args:
+        session_id: Contact session ID
+        
+    Raises:
+        NotFoundError: If session_id doesn't exist
+    """
+    conn = get_db_connection()
+    cursor = conn.cursor()
+    
+    # Check if session exists
+    cursor.execute("SELECT * FROM contact_sessions WHERE session_id = ?", (session_id,))
+    existing = cursor.fetchone()
+    if not existing:
+        conn.close()
+        raise NotFoundError(f"Contact session {session_id} not found")
+    
+    # Update last_interaction to current time
+    now = datetime.now()
+    cursor.execute(
+        "UPDATE contact_sessions SET last_interaction = ? WHERE session_id = ?",
+        (now, session_id)
+    )
+    conn.commit()
+    conn.close()
+
+
 def delete_contact_session(session_id: str) -> None:
     """
     Delete a contact session from SQLite.

src/templates/contacts/view.html

@@ -2,6 +2,59 @@
 
 {% block title %}{{ contact.contact_name }} - PrepMate{% endblock %}
 
+{% block head %}
+<!-- Marked.js for Markdown rendering -->
+<script src="https://cdn.jsdelivr.net/npm/[email protected]/marked.min.js"></script>
+<style>
+/* Markdown styling for assistant messages */
+.markdown-content {
+    line-height: 1.6;
+}
+.markdown-content p {
+    margin-bottom: 0.75rem;
+}
+.markdown-content p:last-child {
+    margin-bottom: 0;
+}
+.markdown-content ul, .markdown-content ol {
+    margin-bottom: 0.75rem;
+    padding-left: 1.5rem;
+}
+.markdown-content code {
+    background-color: rgba(0,0,0,0.05);
+    padding: 0.2rem 0.4rem;
+    border-radius: 0.25rem;
+    font-size: 0.9em;
+}
+.markdown-content pre {
+    background-color: rgba(0,0,0,0.05);
+    padding: 0.75rem;
+    border-radius: 0.25rem;
+    overflow-x: auto;
+    margin-bottom: 0.75rem;
+}
+.markdown-content pre code {
+    background-color: transparent;
+    padding: 0;
+}
+.markdown-content blockquote {
+    border-left: 3px solid #dee2e6;
+    padding-left: 1rem;
+    margin-left: 0;
+    color: #6c757d;
+}
+.markdown-content h1, .markdown-content h2, .markdown-content h3,
+.markdown-content h4, .markdown-content h5, .markdown-content h6 {
+    margin-top: 1rem;
+    margin-bottom: 0.5rem;
+    font-weight: 600;
+}
+.markdown-content h1 { font-size: 1.5rem; }
+.markdown-content h2 { font-size: 1.3rem; }
+.markdown-content h3 { font-size: 1.1rem; }
+</style>
+{% endblock %}
+
 {% block content %}
 <div class="container mt-4">
     <!-- Back Button and Header -->
@@ -108,7 +161,7 @@
                                     <!-- Assistant Message (AI response) - Right aligned, gray background -->
                                     <div class="d-flex justify-content-end">
                                         <div class="bg-light border p-3 rounded" style="max-width: 75%;">
-                                            <p class="mb-1 text-dark">{{ message.get('content', message.get('message', '')) }}</p>
+                                            <div class="markdown-content text-dark" data-markdown-content>{{ message.get('content', message.get('message', '')) }}</div>
                                             <small class="text-muted">
                                                 <i class="bi bi-cpu"></i> AI · {{ message.get('created_at', '') }}
                                             </small>
@@ -128,9 +181,13 @@
                         </div>
                         {% endfor %}
                     {% else %}
-                    <div class="empty-state h-100 d-flex flex-column justify-content-center align-items-center">
-                        <i class="bi bi-chat-left-quote" style="font-size: 3rem; color: #6c757d;"></i>
-                        <p class="mt-3 text-muted">No messages yet. Add facts or ask questions to start!</p>
+                    <!-- Feature: 001-contact-session-fixes - Empty state placeholder -->
+                    <div class="h-100 d-flex flex-column justify-content-center align-items-center p-4">
+                        <div class="alert alert-info" role="status" style="max-width: 500px;">
+                            <i class="bi bi-info-circle me-2"></i>
+                            <strong>No facts or messages yet.</strong>
+                            <p class="mb-0 mt-2 small">Add your first fact about {{ contact.contact_name }} using the "Add Fact" button below, or ask a question to start a conversation.</p>
+                        </div>
                     </div>
                     {% endif %}
                 </div>
@@ -335,6 +392,16 @@ if (editContactForm) {
     });
 }
 
+// Render Markdown in assistant messages
+document.addEventListener('DOMContentLoaded', function() {
+    const markdownElements = document.querySelectorAll('[data-markdown-content]');
+    markdownElements.forEach(function(element) {
+        const rawContent = element.textContent;
+        const renderedMarkdown = marked.parse(rawContent);
+        element.innerHTML = renderedMarkdown;
+    });
+});
+
 // Chat functionality
 const messageHistory = document.getElementById('messageHistory');
 const messageContent = document.getElementById('messageContent');