elpatron/kapteins-daagbok
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Activity

feat: Web Push für Logbuch-Eigner bei Crew-Sync

Browse Source 
Benachrichtigt Owner optional per VAPID/Web Push, wenn Collaborators
Änderungen synchronisieren — ohne Klartext-Inhalte, mit Opt-in in den
Einstellungen, Custom Service Worker und Deep-Link zum Logbuch.

Co-authored-by: Cursor <cursoragent@cursor.com>
This commit is contained in:
elpatron
2026-05-30 11:36:03 +02:00
parent 0e61bc5dad
commit 2428313a22
21 changed files with 1381 additions and 6 deletions
Download Patch File Download Diff File Expand all files Collapse all files
server/src/routes/push.ts
+139
View File
@@ -0,0 +1,139 @@
import { Router } from 'express'
import { prisma } from '../db.js'
const router = Router()
const requireUser = (req: any, res: any, next: any) => {
const userId = req.headers['x-user-id']
if (!userId) {
return res.status(401).json({ error: 'Unauthorized: X-User-Id header missing' })
}
req.userId = userId
next()
}
function isValidHttpsEndpoint(endpoint: unknown): endpoint is string {
if (typeof endpoint !== 'string' || endpoint.length > 2048) return false
try {
const url = new URL(endpoint)
return url.protocol === 'https:'
} catch {
return false
}
}
router.get('/vapid-public-key', (_req, res) => {
const publicKey = process.env.VAPID_PUBLIC_KEY
if (!publicKey) {
return res.status(503).json({ error: 'Push notifications are not configured on this server' })
}
return res.json({ publicKey })
})
router.use(requireUser)
router.get('/prefs', async (req: any, res) => {
try {
const prefs = await prisma.userNotificationPrefs.findUnique({
where: { userId: req.userId }
})
return res.json({
collaboratorChangesEnabled: prefs?.collaboratorChangesEnabled ?? false
})
} catch (error: any) {
console.error('Error reading push prefs:', error)
return res.status(500).json({ error: error.message || 'Internal server error' })
}
})
router.put('/prefs', async (req: any, res) => {
try {
const { collaboratorChangesEnabled } = req.body
if (typeof collaboratorChangesEnabled !== 'boolean') {
return res.status(400).json({ error: 'collaboratorChangesEnabled must be a boolean' })
}
const prefs = await prisma.userNotificationPrefs.upsert({
where: { userId: req.userId },
create: {
userId: req.userId,
collaboratorChangesEnabled,
updatedAt: new Date()
},
update: {
collaboratorChangesEnabled,
updatedAt: new Date()
}
})
return res.json({
collaboratorChangesEnabled: prefs.collaboratorChangesEnabled
})
} catch (error: any) {
console.error('Error updating push prefs:', error)
return res.status(500).json({ error: error.message || 'Internal server error' })
}
})
router.put('/subscription', async (req: any, res) => {
try {
const { endpoint, keys, locale, userAgent } = req.body
if (!isValidHttpsEndpoint(endpoint)) {
return res.status(400).json({ error: 'Invalid push subscription endpoint' })
}
if (!keys?.p256dh || !keys?.auth || typeof keys.p256dh !== 'string' || typeof keys.auth !== 'string') {
return res.status(400).json({ error: 'Invalid subscription keys' })
}
const normalizedLocale =
typeof locale === 'string' && (locale === 'de' || locale === 'en') ? locale : null
await prisma.pushSubscription.upsert({
where: { endpoint },
create: {
userId: req.userId,
endpoint,
p256dh: keys.p256dh,
auth: keys.auth,
locale: normalizedLocale,
userAgent: typeof userAgent === 'string' ? userAgent.slice(0, 512) : null
},
update: {
userId: req.userId,
p256dh: keys.p256dh,
auth: keys.auth,
locale: normalizedLocale,
userAgent: typeof userAgent === 'string' ? userAgent.slice(0, 512) : null,
updatedAt: new Date()
}
})
return res.json({ success: true })
} catch (error: any) {
console.error('Error saving push subscription:', error)
return res.status(500).json({ error: error.message || 'Internal server error' })
}
})
router.delete('/subscription', async (req: any, res) => {
try {
const { endpoint } = req.body
if (!isValidHttpsEndpoint(endpoint)) {
return res.status(400).json({ error: 'Invalid push subscription endpoint' })
}
await prisma.pushSubscription.deleteMany({
where: {
endpoint,
userId: req.userId
}
})
return res.json({ success: true })
} catch (error: any) {
console.error('Error deleting push subscription:', error)
return res.status(500).json({ error: error.message || 'Internal server error' })
}
})
export default router
server/src/routes/sync.ts
+34
View File
@@ -1,5 +1,6 @@
import { Router } from 'express'
import { prisma } from '../db.js'
import { notifyOwnerOfCollaboratorChanges } from '../services/pushNotify.js'
const router = Router()
@@ -24,6 +25,27 @@ router.post('/push', async (req: any, res) => {
}
const results = []
const ownerNotifications = new Map<
string,
{ ownerId: string; logbookId: string; count: number }
>()
const recordCollaboratorChange = (
ownerId: string,
logbookId: string,
isOwner: boolean,
isCollaborator: unknown,
action: string,
type: string
) => {
if (isOwner || !isCollaborator) return
if (action !== 'create' && action !== 'update') return
if (type === 'logbook') return
const key = `${ownerId}:${logbookId}`
const entry = ownerNotifications.get(key) ?? { ownerId, logbookId, count: 0 }
entry.count += 1
ownerNotifications.set(key, entry)
}
for (const item of items) {
const { action, type, payloadId, logbookId, data, updatedAt } = item
@@ -218,6 +240,14 @@ router.post('/push', async (req: any, res) => {
}
}
recordCollaboratorChange(
logbook.userId,
logbookId,
isOwner,
isCollaborator,
action,
type
)
results.push({ payloadId, status: 'success' })
} catch (err: any) {
console.error(`Error processing sync item ${payloadId}:`, err)
@@ -225,6 +255,10 @@ router.post('/push', async (req: any, res) => {
}
}
for (const { ownerId, logbookId, count } of ownerNotifications.values()) {
void notifyOwnerOfCollaboratorChanges(logbookId, ownerId, req.userId, count)
}
return res.json({ results })
} catch (error: any) {
console.error('Error during sync push:', error)