Implement Secure Chat Subsystem with Group Messaging and Unified UI #174
Merged
Add comprehensive authentication audit logging functionality.
- Add `AuthAuditLogResponse` Pydantic schema in backend.
- Implement `/api/v1/admin/system/audit-logs` endpoint with filtering and pagination.
- Add "Auth Audit Logs" page (`/admin/audit-logs`) to the Admin Dashboard.
- Enhance UI with Ant Design components (`Table`, `Tag`, filters).
- Add tests for the new audit log endpoint.
- Update Admin dashboard navigation to include the new page.
This commit unifies the Admin Dashboard layout, standardizing container widths for better responsiveness and high-density data display. It also fixes a critical IP detection issue in the backend and adds a new Audit Logs feature.
**Frontend:**
- **Layout Standardization:** Updated all 20+ Admin pages to use a consistent `max-w-[95vw] xl:max-w-[1600px]` container, maximizing screen real estate on large monitors.
- **Admin Audit Logs:** Added a new `AdminAuditLogs` page using Ant Design components for high-density log viewing, including advanced filtering and "noisy event" suppression.
- **UI Polish:** Consistent padding (`p-4 sm:p-6`) and table scrolling (`scroll={{ x: 'max-content' }}`) across admin tables.
**Backend:**
- **IP Detection Fix:** Refactored `get_client_ip` in `utils.py` to securely parse `X-Forwarded-For` from right-to-left and prioritize `Fly-Client-IP` correctly, preventing internal IP masking and potential spoofing.
- **Tests:** Added comprehensive unit tests for IP utility functions covering edge cases and spoofing scenarios.
- **Startup:** Updated `uvicorn` startup command to include `--proxy-headers` for correct ASGI header processing.
**Infrastructure:**
- **Nginx:** Updated `prod.conf` to trust IPv6 ranges (`::/0`) for real IP resolution and explicitly forward `Fly-Client-IP` headers to the backend.
**Documentation:**
- Updated project standards and skills to reflect the new Admin UI layout guidelines and secure IP handling practices.
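The right-to-left `X-Forwarded-For` walk described in the commit above, as an added sketch; it is not the project's `get_client_ip`. The trusted-proxy ranges, the `client_ip` name and the rule that headers count only when the direct peer is a trusted proxy are assumptions of this example; the all-internal fallback follows the "leftmost IP for internal chains" fix mentioned in a later commit on this page.

```python
import ipaddress

# Assumed trust list for this sketch: loopback and private ranges where the
# reverse proxies live. A real deployment lists its own proxy networks.
TRUSTED_PROXIES = [ipaddress.ip_network(n) for n in
                   ("127.0.0.0/8", "10.0.0.0/8", "172.16.0.0/12",
                    "192.168.0.0/16", "::1/128", "fc00::/7")]


def _parse(value):
    """Return an ip_address for a header token, or None if it is not one."""
    try:
        return ipaddress.ip_address(value.strip())
    except ValueError:
        return None


def _trusted(ip):
    return any(ip.version == n.version and ip in n for n in TRUSTED_PROXIES)


def client_ip(headers, peer):
    """Resolve the client address from proxy headers.

    headers: dict with lower-cased header names; peer: socket peer address.
    """
    peer_ip = _parse(peer)
    # Headers are only meaningful when the direct peer is one of our proxies;
    # otherwise anyone can connect and claim any address.
    if peer_ip is None or not _trusted(peer_ip):
        return peer
    fly = _parse(headers.get("fly-client-ip", ""))
    if fly is not None:
        return str(fly)
    hops = [_parse(h) for h in headers.get("x-forwarded-for", "").split(",")]
    if None in hops:  # empty or malformed chain: do not guess
        return peer
    # Right to left: each trusted proxy appended the address it saw, so the
    # first untrusted hop from the right is the real client. Anything to its
    # left was supplied by that client and is ignored.
    for hop in reversed(hops):
        if not _trusted(hop):
            return str(hop)
    return str(hops[0])  # all-internal chain: leftmost is the originator
```

Reading the chain left to right instead would return whatever address the client put first in the header, which is why the direction matters for audit logs keyed on IP.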
Implement the foundation for the in-app chat subsystem (Phase 1) by adding the database models and the Server-Side Envelope Encryption logic.
- Add UserChatRoom, UserChatRoomMember, and UserChatMessage models.
- Create encryption_service.py using Fernet to secure message content at rest.
- Introduce an LRU cache for Room DEKs to prevent excessive CPU usage during symmetric decryption.
- Include unit tests to verify encryption, caching, and error handling.
- Add the technical implementation plan document outlining the optimized polling and SQS-based architecture.
Implement the core backend API for the user chat subsystem (Phase 2), including room creation, message sending, editing, and listing.
- Create `user_chat` router with endpoints for DMs and group chats.
- Define Pydantic schemas for request validation and response models.
- Integrate AWS SQS to push lightweight notification events for new messages, offloading heavy processing from the API.
- Add comprehensive tests for room creation and message handling using the isolated MySQL test suite.
- Update `main.py` to lazy load the new router.
Implement Phase 3 of the chat subsystem, focusing on optimized
message fetching and read receipts.
- Add `GET /api/v1/user-chat/rooms/{room_id}/messages` endpoint
with `after_updated_at` cursor support for efficient polling.
- Implement 304 Not Modified short-circuit using the room's
`last_activity_at` timestamp to bypass heavy database queries
when no new messages exist.
- Enforce restricted history access by ensuring users only receive
messages created after their `joined_at` timestamp.
- Add `PUT /api/v1/user-chat/rooms/{room_id}/read` endpoint to
update the user's `last_read_at` timestamp for unread counts.
- Add integration tests for the short-circuit logic and read markers.
Add Phase 1.5 of the chat subsystem to prevent spam by requiring mutual consent before messaging is allowed.
- Create `UserFriendship` SQLAlchemy model with unique pair constraint.
- Add Alembic migration `0069_add_user_friendships`.
- Create `/api/v1/user-friendships` router with endpoints to send, accept, reject, and list friendship requests.
- Update `/api/v1/user-chat/rooms` to strictly enforce that rooms can only be created between users with an `ACCEPTED` friendship status.
- Update `main.py` to lazy load the new user friendships router.
- Update the technical design document to reflect the friendship system and clarify the SQS offline notification logic.
Add full frontend and backend integration for the new user-to-user chat and buddy request subsystem.
- Create Buddies page and components to manage friendship requests.
- Add Messages interface with ChatInbox and ChatRoom components.
- Integrate buddy and chat actions into the UserProfile page.
- Implement global unread chat badge in navigation bars using a new highly efficient `/unread-count` backend endpoint.
- Add system notifications for incoming and accepted buddy requests.
- Add "System & Social" category to user notification preferences.
- Introduce a dedicated ChatbotIcon for the AI Assistant to distinguish it from the new user messaging features.
…vbar Dropdowns
Backend:
- Add room renaming and leave endpoints in user_chat router.
- Optimize room listing by removing decryption; focus on activity timestamps.
- Implement dive site thumbnail retrieval and YouTube preview logic.
- Fix IP utility to correctly return leftmost IP for internal chains.
- Consolidate chat tests into backend/tests/test_user_chat_api.py.
Frontend:
- Create ChatDropdown and refactor NotificationBell for unified Navbar UI.
- Update ChatInbox and ChatDropdown to show last activity and unread counts.
- Create NewChatModal for multi-buddy conversation creation.
- Create RoomSettings panel for participant viewing and management.
- Create LinkPreview component for automatic dive site link previews.
- Support @username mentions and link previews in MessageBubble.
- Update Messages page with responsive sidebars and deep-linking support.
32f192a to e32724e
Summary
This pull request implements a comprehensive, secure in-app chat subsystem for Divemap. It supports 1-on-1 Direct Messages and Group Chats, utilizing Server-Side Envelope Encryption to protect message content at rest. The system features a modern, notification-style Navbar dropdown for real-time activity tracking, rich link previews for internal resources, and a robust buddy (friendship) system to prevent spam.
Changes Made
Backend
- `UserChatRoom`, `UserChatRoomMember`, `UserChatMessage`, and `UserFriendship` models with Alembic migrations (0068, 0069).
- `encryption_service.py` with Fernet-based message encryption and an LRU cache for decrypted DEKs to optimize polling performance.
- `after_updated_at`) with `304 Not Modified` short-circuiting for efficient synchronization.
Frontend
- `ChatDropdown.js`) for at-a-glance activity tracking on Desktop and Mobile.
- `Messages.js` and `ChatRoom.js` into a responsive dual-pane layout.
- `NewChatModal.js` for multi-buddy conversation creation.
- `RoomSettings.js` sidebar for participant viewing and group management.
- `LinkPreview.js` to automatically render rich cards for internal Divemap links (e.g., dive sites) with thumbnails and ratings.
- `@username` syntax highlighting in message bubbles.
- `NotificationBell.js` to share the same modern aesthetic as the Chat dropdown.
- `react-query` for optimized polling and state synchronization.
Testing
- `backend/tests/test_encryption_service.py`: Verified encryption/decryption integrity and key wrapping.
- `backend/tests/test_user_chat_api.py`: Comprehensive integration tests for room creation, messaging, polling, 304 logic, and group management.
- `ChatInbox`, `ChatRoom`, and the new Navbar dropdowns.
Additional Notes
- `CHAT_MASTER_KEY` to be set in the production environment variables.