- Add Cloudflare Turnstile verification to login flow
- Add API_BASE_URL and APP_BASE_URL to config for environment flexibility
- Redesign verification and password reset emails with modern HTML templates
- Use config URLs instead of hardcoded domains in auth handlers
- Remove sensitive logging from OTK operations for security
- Delete unused deployment and draft inspection scripts
- Add TURNSTILE_SITE_KEY to Flutter run
- Create organized migration folder structure:
- database/ - Core schema changes and migrations
- tests/ - Test scripts and verification queries
- directus/ - Directus CMS configuration scripts
- fixes/ - Database fixes and patches
- archive/ - Historical and deprecated scripts
- Move 60+ SQL files from root to appropriate folders
- Add comprehensive README with usage guidelines
- Consolidate old migrations_archive into new archive folder
- Maintain clear separation of concerns for different script types
Benefits:
- Cleaner project root directory
- Easier to find specific types of SQL scripts
- Better organization for maintenance and development
- Clear documentation for migration procedures
- Proper separation of production vs development scripts
- Change TURNSTILE_SECRET_KEY to TURNSTILE_SECRET to match server .env
- Update config loading to use correct environment variable
- Update .env.example for consistency
- Add Cloudflare Turnstile verification to registration flow
- Require terms of service and privacy policy acceptance
- Add email newsletter and contact preference options
- Update User model with email preference fields
- Create database migration for email preferences
- Add Turnstile service with Cloudflare API integration
- Update registration request structure with new required fields
- Add Turnstile secret key configuration
- Include development bypass for testing
Registration now requires:
- Turnstile token verification
- Terms of service acceptance
- Privacy policy acceptance
- Optional email newsletter/contact preferences
- Replace immediate bans with content deletion + account marking
- Hard violations: immediate content deletion, account warning/suspension
- Soft violations: content hidden pending moderation/appeal
- Add content deletion tracking and account status changes
- Implement progressive account status (active warning suspended banned)
- Track content deletions, warnings, and suspensions in violation history
- Update violation thresholds to be more lenient (3 hard = banned, 8 total = banned)
- Add content deletion reason and account status change tracking
This creates a more nuanced approach where users get multiple chances
before being banned, with clear content removal for serious violations.
- Add database schema for violations, appeals, and ban management
- Create violation tiers (hard vs soft violations)
- Implement automatic violation detection and user ban logic
- Add appeal service with monthly limits and deadlines
- Create appeal handler for user and admin interfaces
- Add API routes for violation management and appeals
- Update moderation service to auto-create violations
- Support evidence uploads and appeal context
- Track violation history and patterns for ban decisions
This creates a complete user-facing appeal system where:
- Hard violations (hate speech, slurs) = no appeal
- Soft violations (gray areas) = appealable with limits
- Too many violations = automatic ban
- Users can track violation history in settings
- Admins can review appeals in Directus
- Add AI moderation to comments (was missing protection)
- Enhance post moderation to analyze images, videos, thumbnails
- Add FlagComment method for comment flagging
- Extract media URLs for comprehensive content analysis
- Update moderation config and models
- Add OpenAI and Google Vision API integration
- Fix database connection to use localhost
This ensures all text, image, and video content is protected by AI moderation.
- Create SecureChatLoaderScreen for linking to conversations by ID
- Add /secure-chat/:id route to AppRoutes
- Update NotificationService to use AppRoutes.router for all navigation
- Fix Follow and Post navigation routes in NotificationService
- Decouple notification handling from manual Navigator pushes
Features:
- Create FollowersFollowingScreen with tabs for followers/following lists
- Make follower/following counts tappable on profile to navigate to connections
- Create comprehensive PrivacySettingsScreen with sections for:
- Account privacy (private account toggle)
- Post visibility defaults
- Interaction controls (who can message/comment)
- Discovery settings (search visibility)
- Circle (close friends) management placeholder
- Data export and blocked users
- Update ProfilePrivacySettings model with additional fields
- Connect to new backend API endpoints
Backend Infrastructure:
- Add circle_members table and is_in_circle() SQL function
- Implement GetFollowers/GetFollowing with pagination and trust scores
- Add complete circle management (add/remove/list members)
- Create comprehensive data export for GDPR compliance
API Endpoints:
- GET /users/:id/followers - List user's followers
- GET /users/:id/following - List users they follow
- POST /users/circle/:id - Add to close friends circle
- DELETE /users/circle/:id - Remove from circle
- GET /users/circle/members - List circle members
- GET /users/me/export - Export all user data as JSON
Note: Circle visibility enforcement in feed queries needs manual completion in post_repository.go GetFeed(), GetPostsByAuthor(), and GetPostByID() methods.
- Remove appreciate button functionality (redundant with reactions)
- Create SmartReactionButton that shows:
- Plus icon when no reactions exist
- Top reaction + count when reactions exist
- User's reaction + count when user has reacted
- Update ReactionPicker to show existing reactions first with counts
- Add visual indicators for selected reactions and counts
- Maintain full reaction functionality in single button
- Improve UX by consolidating reaction interactions
- Create ReactionPicker component with 24 common emoji options
- Show emoji grid in dialog with proper styling
- Update PostActions to show picker instead of default heart
- Add _showReactionPicker method with showDialog
- Update ReactionStrip onAdd callback to use picker
- Maintain full reaction functionality with user choice
- Add proper styling with borders and shadows to picker
- Add logic to sort reactions by count and take top 3
- Maintain full ReactionStrip functionality (toggle, add, tooltips)
- Only limit display to top 3 most popular reactions
- Keep all reaction state management and API calls
- Preserve visual design and interactions
- Add button still available for adding new reactions
- Remove InkWell wrapper from entire card
- Add separate InkWell for PostHeader area only
- Add separate InkWell for PostBody and PostMedia areas
- Only user name/avatar area navigates to profile
- Post content areas navigate to post detail (onTap)
- PostMenu remains separate and unaffected
- Add AppRoutes import for profile navigation
- Maintain proper visual feedback with borderRadius
- Change border color from brightNavy to navyBlue with 0.3 opacity (lighter)
- Reduce border width from 2px to 1.5px for subtler appearance
- Lighten shadow opacity from 0.18 to 0.12 for softer effect
- Reduce shadow blur from 24 to 20 and offset from 8 to 6
- Add 16px bottom margin between cards for proper spacing
- Maintain overall card design while making it more subtle
