Commit graph

40 commits

Author SHA1 Message Date
Patrick Britton bacffc759c feat: proxy OG images to R2 to fix CORS on Flutter Web
- Added S3 client, mediaBucket, imgDomain fields to LinkPreviewService
- Added ProxyImageToR2 method: downloads external OG image, uploads to R2
  with deterministic key (og/<sha256>.ext), replaces ImageURL with R2 path
- Called ProxyImageToR2 in post_handler.go (both sync and async paths)
- Refactored OfficialAccountsService to use shared LinkPreviewService
  instead of creating inline instances
- Reordered main.go init: S3 client setup before LinkPreviewService
2026-02-09 19:34:45 -06:00
Patrick Britton ceeb80df03 feat: admin profile editing and follower/following management for official accounts 2026-02-09 09:37:44 -06:00
Patrick Britton 43199e52bc refactor: remove hardcoded safe domain lists, fetch from backend API instead 2026-02-08 13:57:38 -06:00
Patrick Britton 8b4198e6f0 feat: safe domains management - admin UI, CRUD endpoints, URL safety checker, seeded domains 2026-02-08 13:47:08 -06:00
Patrick Britton e9e140df5e feat: link preview system - OG tag fetching, safe URL validation, full-width thumbnail card 2026-02-08 13:27:13 -06:00
Patrick Britton 2acf76eab2 fix: move official-profiles route to avoid Gin wildcard conflict 2026-02-08 11:49:00 -06:00
Patrick Britton 3d371e965e feat: add ListOfficialProfiles endpoint + profiles grid in admin UI 2026-02-08 11:39:27 -06:00
Patrick Britton 2dae622dea feat: official accounts management - AI post generation, RSS news import (NPR/AP/BMTN), scheduled auto-posting, admin UI 2026-02-08 11:30:44 -06:00
Patrick Britton 6621e323e6 feat: admin create user + import content (posts/quips/beacons) endpoints 2026-02-08 09:43:55 -06:00
Patrick Britton 1f0461b4f4 feat: AI moderation audit log with admin feedback for training - DB migration, service methods, admin endpoints 2026-02-07 16:35:50 -06:00
Patrick Britton ecc02e10cc feat: implement account deactivation, deletion (14-day), and immediate destroy with email confirmation 2026-02-07 11:13:11 -06:00
Patrick Britton 256592379a NSFW content system: blur overlay, user toggle, AI tri-state (clean/nsfw/flag), feed filtering 2026-02-06 20:42:23 -06:00
Patrick Britton 7c52a1a1ed AI moderation config: OpenRouter integration, admin console page, 10s quip limit 2026-02-06 19:48:36 -06:00
Patrick Britton 2fb413c8d2 Admin console: reserved usernames management + claim request review system 2026-02-06 17:13:15 -06:00
Patrick Britton 2ad148f607 Refactor SendPulse into shared service, wire app registration to Sojorn Members list (book 568122) 2026-02-06 15:33:58 -06:00
Patrick Britton 90ff6e223b Wire SendPulse newsletter signup into waitlist endpoint, add subscriber to address book 568090 2026-02-06 14:45:51 -06:00
Patrick Britton b91e42d005 Add coming soon landing page with waitlist signup, add waitlist API endpoint 2026-02-06 14:40:37 -06:00
Patrick Britton 7e721aea21 Admin moderation: ban emails, post removal emails with strikes, appeal flow 2026-02-06 12:14:13 -06:00
Patrick Britton f4701b0d24 Ban enforcement: immediate session kill, IP logging, login/register/middleware checks 2026-02-06 12:09:02 -06:00
Patrick Britton f6c4bb88e0 Add layered content moderation: hard blocklist + strike system + client-side filter 2026-02-06 11:46:30 -06:00
Patrick Britton ec5a0aad8b Fix posts query (like/comment counts), add multi-select with bulk actions to all list pages 2026-02-06 11:06:54 -06:00
Patrick Britton 29772fa1e4 Add R2 storage browser to admin panel 2026-02-06 10:13:35 -06:00
Patrick Britton 14d8ca9ac0 Add invisible Turnstile verification to admin login 2026-02-06 09:40:43 -06:00
Patrick Britton e3d626c040 Add admin login endpoint (no Turnstile), use port 3002 2026-02-06 09:33:52 -06:00
Patrick Britton 896fd51dbc Fix: remove legacy admin appeal routes that conflict with new admin group 2026-02-06 09:29:27 -06:00
Patrick Britton 96616bd81f Add admin panel: backend middleware, handler, routes + Next.js frontend 2026-02-06 09:15:57 -06:00
Patrick Britton 0954c1e2a3 feat: add Turnstile to login, improve email templates, and security cleanup
- Add Cloudflare Turnstile verification to login flow
- Add API_BASE_URL and APP_BASE_URL to config for environment flexibility
- Redesign verification and password reset emails with modern HTML templates
- Use config URLs instead of hardcoded domains in auth handlers
- Remove sensitive logging from OTK operations for security
- Delete unused deployment and draft inspection scripts
- Add TURNSTILE_SITE_KEY to Flutter run
2026-02-06 08:51:34 -06:00
Patrick Britton c6aa867b0c feat: implement comprehensive user appeal system
- Add database schema for violations, appeals, and ban management
- Create violation tiers (hard vs soft violations)
- Implement automatic violation detection and user ban logic
- Add appeal service with monthly limits and deadlines
- Create appeal handler for user and admin interfaces
- Add API routes for violation management and appeals
- Update moderation service to auto-create violations
- Support evidence uploads and appeal context
- Track violation history and patterns for ban decisions

This creates a complete user-facing appeal system where:
- Hard violations (hate speech, slurs) = no appeal
- Soft violations (gray areas) = appealable with limits
- Too many violations = automatic ban
- Users can track violation history in settings
- Admins can review appeals in Directus
2026-02-05 07:55:45 -06:00
Patrick Britton 9726cb2ad4 feat: implement comprehensive AI moderation for all content types
- Add AI moderation to comments (was missing protection)
- Enhance post moderation to analyze images, videos, thumbnails
- Add FlagComment method for comment flagging
- Extract media URLs for comprehensive content analysis
- Update moderation config and models
- Add OpenAI and Google Vision API integration
- Fix database connection to use localhost

This ensures all text, image, and video content is protected by AI moderation.
2026-02-05 07:47:37 -06:00
Patrick Britton 61165000a9 Implement social graph, circle privacy, and data export system
Backend Infrastructure:
- Add circle_members table and is_in_circle() SQL function
- Implement GetFollowers/GetFollowing with pagination and trust scores
- Add complete circle management (add/remove/list members)
- Create comprehensive data export for GDPR compliance

API Endpoints:
- GET /users/:id/followers - List user's followers
- GET /users/:id/following - List users they follow
- POST /users/circle/:id - Add to close friends circle
- DELETE /users/circle/:id - Remove from circle
- GET /users/circle/members - List circle members
- GET /users/me/export - Export all user data as JSON

Note: Circle visibility enforcement in feed queries needs manual completion in post_repository.go GetFeed(), GetPostsByAuthor(), and GetPostByID() methods.
2026-02-04 16:19:05 -06:00
Patrick Britton 72ae644758 feat: notification system refinements and api route fixes 2026-02-04 10:51:01 -06:00
Patrick Britton 002f960142 Update terminology, fix search feed, and deploy updates 2026-02-03 21:44:08 -06:00
Patrick Britton 403f522a0b fix(cors): allow X-Signature headers for valid web requests 2026-02-03 18:09:50 -06:00
Patrick Britton 78f43494a2 Update saved posts route and handler 2026-02-03 16:52:40 -06:00
Patrick Britton 3b91a48c06 Remove geographic blocking middleware - will implement later 2026-02-01 12:38:04 -06:00
Patrick Britton e436ab40bb Replace complex GeoIP middleware with simple IP-based blocking
- Remove dependency on external GeoIP database
- Block known problematic regions (China, Russia, India, Brazil) by IP ranges
- Block common hosting providers and datacenter IPs used by bots
- Simple, no-setup solution that works immediately
2026-02-01 12:37:39 -06:00
Patrick Britton 5782563236 Add GeoIP middleware to block requests from outside North America
- Add GeoIP middleware that checks country codes
- Block all countries except US, CA, MX, and Central American countries
- Add setup script for GeoIP database
- Gracefully handle missing database (logs warning but continues)
2026-02-01 12:34:26 -06:00
Patrick Britton b76154be3a Fix UUID casting issues in post, notification, and category repositories
- Replace NULLIF with CASE WHEN for proper UUID casting
- Fix missing ::uuid casting in WHERE clauses
- Resolve 'operator does not exist: uuid = text' errors
- Focus on post_repository.go, notification_repository.go, and category_repository.go
2026-01-31 13:55:59 -06:00
Patrick Britton 38653f5854 Sojorn Backend Finalization & Cleanup - Complete Migration from Supabase
##  Phase 1: Critical Feature Completion (Beacon Voting)
- Add VouchBeacon, ReportBeacon, RemoveBeaconVote methods to PostRepository
- Implement beacon voting HTTP handlers with confidence score calculations
- Register new beacon routes: /beacons/:id/vouch, /beacons/:id/report, /beacons/:id/vouch (DELETE)
- Auto-flag beacons at 5+ reports, confidence scoring (0.5 base + 0.1 per vouch)

##  Phase 2: Feed Logic & Post Distribution Integrity
- Verify unified feed logic supports all content types (Standard, Quips, Beacons)
- Ensure proper distribution: Profile Feed + Main/Home Feed for followers
- Beacon Map integration for location-based content
- Video content filtering for Quips feed

##  Phase 3: The Notification System
- Create comprehensive NotificationService with FCM integration
- Add CreateNotification method to NotificationRepository
- Implement smart deep linking: beacon_map, quip_feed, main_feed
- Trigger notifications for beacon interactions and cross-post comments
- Push notification logic with proper content type detection

##  Phase 4: The Great Supabase Purge
- Delete function_proxy.go and remove /functions/:name route
- Remove SupabaseURL, SupabaseKey from config.go
- Remove SupabaseID field from User model
- Clean all Supabase imports and dependencies
- Sanitize codebase of legacy Supabase references

##  Phase 5: Flutter Frontend Integration
- Implement vouchBeacon(), reportBeacon(), removeBeaconVote() in ApiService
- Replace TODO delay in video_comments_sheet.dart with actual publishComment call
- Fix compilation errors (named parameters, orphaned child properties)
- Complete frontend integration with Go API endpoints

##  Additional Improvements
- Fix compilation errors in threaded_comment_widget.dart (orphaned child property)
- Update video_comments_sheet.dart to use proper named parameters
- Comprehensive error handling and validation
- Production-ready notification system with deep linking

##  Migration Status: 100% Complete
- Backend: Fully migrated from Supabase to custom Go/Gin API
- Frontend: Integrated with new Go endpoints
- Notifications: Complete FCM integration with smart routing
- Database: Clean of all Supabase dependencies
- Features: All functionality preserved and enhanced

Ready for VPS deployment and production testing!
2026-01-30 09:24:31 -06:00
Patrick Britton 3c4680bdd7 Initial commit: Complete threaded conversation system with inline replies
**Major Features Added:**
- **Inline Reply System**: Replace compose screen with inline reply boxes
- **Thread Navigation**: Parent/child navigation with jump functionality
- **Chain Flow UI**: Reply counts, expand/collapse animations, visual hierarchy
- **Enhanced Animations**: Smooth transitions, hover effects, micro-interactions

 **Frontend Changes:**
- **ThreadedCommentWidget**: Complete rewrite with animations and navigation
- **ThreadNode Model**: Added parent references and descendant counting
- **ThreadedConversationScreen**: Integrated navigation handlers
- **PostDetailScreen**: Replaced with threaded conversation view
- **ComposeScreen**: Added reply indicators and context
- **PostActions**: Fixed visibility checks for chain buttons

 **Backend Changes:**
- **API Route**: Added /posts/:id/thread endpoint
- **Post Repository**: Include allow_chain and visibility fields in feed
- **Thread Handler**: Support for fetching post chains

 **UI/UX Improvements:**
- **Reply Context**: Clear indication when replying to specific posts
- **Character Counting**: 500 character limit with live counter
- **Visual Hierarchy**: Depth-based indentation and styling
- **Smooth Animations**: SizeTransition, FadeTransition, hover states
- **Chain Navigation**: Parent/child buttons with visual feedback

 **Technical Enhancements:**
- **Animation Controllers**: Proper lifecycle management
- **State Management**: Clean separation of concerns
- **Navigation Callbacks**: Reusable navigation system
- **Error Handling**: Graceful fallbacks and user feedback

This creates a Reddit-style threaded conversation experience with smooth
animations, inline replies, and intuitive navigation between posts in a chain.
2026-01-30 07:40:19 -06:00