chad/ECS-FullStack
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

swapped to a new db locally hosted

Browse Source
This commit is contained in:
Chad Doty
2025-10-06 00:25:29 -04:00
parent 097583ca0a
commit ca23c0ab8c
40 changed files with 2244 additions and 556 deletions
Download Patch File Download Diff File Expand all files Collapse all files

170
checklist.md
View File

@@ -1,126 +1,64 @@
# Project Checklist (tidy & current)
# Project Checklist (tidy & current)
Below are the implemented features and current status as reflected in the repository. Items marked [x] are implemented and wired; unchecked items are pending.
Below are implemented features and pending items, grouped by area.
## Backend
- [x] Basic Express server and project setup
- [x] Discord OAuth2 endpoints
- [x] API endpoints for servers, channels, roles, leave, settings
- [x] Persist encrypted data to `db.json`
## Backend
- [x] Express API: OAuth, server settings, channel/role endpoints, leave
- [x] Invite endpoints (GET/POST/DELETE) and invite-token issuance
- [x] Per-command toggles persistence and management
- [x] Config endpoints for welcome/leave and autorole
## Frontend
- [x] Login page
- [x] Dashboard page
- [x] Backend connectivity for APIs
- [x] UI components using MUI
- [x] Server-specific settings pages
- [x] Persist user data (localStorage + backend)
- [x] Logout
- [x] Responsive UI and improved styling
- [x] Theme switching (light, dark, Discord grey)
- [x] User settings menu
- [x] Commands section in Server Settings (per-command toggles)
- [x] Commands list sorted alphabetically in Server Settings
- [x] Help → renamed to 'Commands List' and moved to dedicated page
- [x] NavBar redesigned (single-hamburger, title 'ECS - EHDCHADSWORTH')
- [x] Invite button on dashboard and server cards (with pre-invite check)
- [x] Invite button on dashboard (single action below the server title) and server cards (with pre-invite check)
- [x] Invite management UI in Server Settings (create/list/delete invites)
## Frontend
- [x] Login, Dashboard, Server Settings pages
- Login redirects to Dashboard after OAuth and user/guilds are persisted in localStorage
- Dashboard is protected: user must be logged in to view (redirects to login otherwise)
- [x] MUI components, responsive layout, mobile fixes
- [x] Theme switching (persist local) and user settings UI
- [x] Invite UI: create form, list, copy, delete with confirmation
- [x] Commands UI (per-command toggles)
- [x] Live Notifications UI (per-server toggle & config)
- Live Notifications accessible from server page via dropdown and dialog
- Dashboard: channel dropdown and watched-user list added
## Invite Management (implemented)
- [x] Backend endpoints: GET/POST/DELETE `/api/servers/:guildId/invites`
- [x] Backend endpoints: GET/POST/DELETE `/api/servers/:guildId/invites` (supports optional `INVITE_API_KEY` or short-lived invite tokens via `/api/servers/:guildId/invite-token`)
- [x] Frontend: invite creation form (channel optional, expiry, max uses, temporary), labels added, mobile-friendly layout
- [x] Frontend: invite list with Copy and Delete actions and metadata
- [x] Frontend: invite list with Copy and Delete actions and metadata (copy/delete fixed UI handlers)
- [x] Discord bot commands: `/create-invite`, `/list-invites` and interaction handlers for copy/delete
- [x] Invites persisted in encrypted `db.json`
## Discord Bot
- [x] discord.js integration (events and commands)
- [x] Slash commands: `/create-invite`, `/list-invites`, `/manage-commands`, `/help`
- [x] Bot used by backend to fetch live guild data and manage invites
- [x] Bot reads/writes per-guild command toggles via backend/Postgres
- [x] Backend immediately notifies bot of toggle changes (pushes updated settings to bot cache) so frontend toggles take effect instantly
- [x] New slash command: `/list-twitchusers` to list watched Twitch usernames for a guild
- [x] Frontend: Confirm dialog and working Delete action for Twitch watched users in Live Notifications
- [x] Live Notifications: bot posts message to configured channel with stream title and link when a watched Twitch user goes live
- [x] Live Notifications: bot posts rich embed to channel when a watched Twitch user goes live (thumbnail, clickable title, bio/description, category/game, viewers, footer with "ehchadservices" and start datetime)
- [x] Live Notifications polling frequency set to 3 seconds for rapid detection (configurable via `TWITCH_POLL_INTERVAL_MS`)
- [x] Frontend: show "Watch Live" button next to watched user when they are live (links to Twitch)
## Security
- [x] Invite DELETE route now requires a short-lived invite token issued by `/api/servers/:guildId/invite-token` and sent in the `x-invite-token` header. The old `INVITE_API_KEY` header is no longer used.
- [x] Invite delete UI now shows a confirmation dialog before deleting an invite.
## Database
- [x] Postgres support via `DATABASE_URL` (backend auto-creates `servers`, `invites`, `users`)
- [x] Legacy encrypted `backend/db.json` retained (migration planned)
- [ ] Migration script: import `backend/db.json` into Postgres (planned)
- [x] Schema: live notification settings stored in server settings (via `liveNotifications` JSON)
## Theme & UX
- [x] Theme changes persist immediately (localStorage) and are applied across navigation
- [x] Theme preference priority: local selection > server preference > default (default only used on first visit)
## Security & Behavior
- [x] Invite DELETE requires short-lived HMAC token (`x-invite-token`)
- [x] Frontend confirmation dialog for invite deletion
- [ ] Harden invite-token issuance (require OAuth + admin check)
## Discord Bot
- [x] Bot with event & command handlers
- [x] Slash command registration and runtime enable/disable mechanism
- [x] `/help` and `/manage-commands` (manage persists toggles to backend)
- [x] Invite-related slash commands implemented (`/create-invite`, `/list-invites`)
## Docs & Deployment
- [x] README and CHANGELOG updated with setup steps and Postgres guidance
- Core env vars: `DATABASE_URL`, `DISCORD_CLIENT_ID`, `DISCORD_CLIENT_SECRET`, `DISCORD_BOT_TOKEN`, `INVITE_TOKEN_SECRET`, `ENCRYPTION_KEY`, `HOST`, `PORT`, `CORS_ORIGIN`
- Frontend: set `REACT_APP_API_BASE` to backend URL before build
- Tailscale: bind backend to your tailnet IP (100.x.y.z) and set `DATABASE_URL` to a Postgres reachable over the tailnet
## Features
- [x] Welcome/Leave messages (frontend + backend + bot integration)
- [x] Autorole (frontend + backend + bot integration)
Notes:
- `backend/.env.example` and `frontend/.env.example` are templates — copy to `.env` and fill values.
- Postgres / pgAdmin: create DB & user, set `DATABASE_URL`; backend auto-creates tables on startup.
## Pending / Suggested improvements
- [ ] Consider stronger auth for invite delete (e.g., require user auth or signed requests); currently an optional API key is supported via `INVITE_API_KEY`.
UI tweaks applied:
- Server cards: uniform sizes, image cropping, name clamping
- Mobile spacing and typography adjustments
- Dashboard action buttons repositioned (Invite/Leave under title)
## Deployment notes (VPS / Tailscale)
Quick guidance to run the backend, frontend and bot on a VPS or make the API accessible over a Tailscale network:
- Environment variables you'll want to set (backend `.env`):
- `PORT` (e.g. 3002)
- `HOST` the bind address (e.g. `100.x.y.z` Tailscale IP for the VPS or `0.0.0.0` to bind all interfaces)
- `CORS_ORIGIN` origin allowed for cross-origin requests (e.g. `http://100.x.y.z:3000` or `*` during testing)
- `INVITE_API_KEY` (optional) secret to protect invite DELETE requests
- `DISCORD_CLIENT_ID`, `DISCORD_CLIENT_SECRET`, `DISCORD_BOT_TOKEN`, `ENCRYPTION_KEY` (existing bot secrets)
- Frontend config:
- Build the frontend (`npm run build`) and serve it with a static server (nginx) or host separately.
- Configure `REACT_APP_API_BASE` before building to point to your backend (e.g. `http://100.x.y.z:3002`).
Current local dev hosts used in this workspace (update these values in your `.env` files if you change ports):
- Frontend dev server: `http://100.70.209.56:3001` (set in `frontend/.env` as HOST=100.70.209.56 and PORT=3001)
- Backend server: `http://100.70.209.56:3002` (set in `backend/.env` as HOST=100.70.209.56 and PORT=3002)
Discord Developer Portal settings (must match your BACKEND_BASE and FRONTEND_BASE):
- OAuth2 Redirect URI to add: `http://100.70.209.56:3002/auth/discord/callback`
- OAuth2 Allowed Origin (CORS / Application Origin): `http://100.70.209.56:3001`
- Tailscale notes:
- Ensure the VPS has Tailscale installed and is in your Tailnet.
- Use the VPS Tailscale IP (100.x.y.z) as `HOST` or to reach the API from other machines on the tailnet.
- For convenience and security, only expose ports on the Tailscale interface and avoid opening them to the public internet.
- Example systemd service (backend) on VPS (/etc/systemd/system/ecs-backend.service):
- Set `Environment=` entries for your `.env` or point to a `.env` file in the service unit, and run `node index.js` in the `backend` folder.
Where to change host/port and base URLs
- Backend: edit `backend/.env` (or set the environment variables) — key entries:
- `HOST` — bind address (e.g., your Tailscale IP like `100.x.y.z` or `0.0.0.0`)
- `PORT` — port the backend listens on (e.g., `3002`)
- `BACKEND_BASE` — optional fully-qualified base URL (defaults to `http://HOST:PORT`)
- `FRONTEND_BASE` — used for OAuth redirect to frontend (e.g., `http://100.x.y.z:3000`)
- Frontend: set `REACT_APP_API_BASE` in `frontend/.env` before running `npm run build` (or export at runtime for development). Example:
- `REACT_APP_API_BASE=http://100.x.y.z:3002`
I've added `backend/.env.example` and `frontend/.env.example` as templates — copy them to `.env` and fill in values for your environment.
- Example nginx (reverse proxy) snippet if you want to expose via a domain (optional):
- Proxy `https://yourdomain.example` to the backend (or to the frontend build directory) with TLS termination at nginx.
If you'd like, I can:
- Add a small `deploy.md` with exact steps and example `systemd` unit and `nginx` config.
- Update frontend to read a runtime-config file (useful when you don't want to rebuild to change API base).
- [ ] Add unit/integration tests for invite endpoints and ThemeContext behavior
- [ ] Accessibility improvements (ARIA attributes, focus styles) across the settings forms
- [ ] Small UI polish (spacing/visuals) for invite list items and commands list
If you'd like, I can immediately:
- Pin protected commands (e.g., `help`, `manage-commands`) to the top of the Commands list while keeping the rest alphabetical.
- Add ARIA labels and keyboard navigation tweaks for the invite dropdowns.
- Add tests for ThemeContext.
UI tweaks applied:
- Server cards on the Dashboard have been updated to enforce exact identical size per breakpoint (fixed heights), images are cropped uniformly (object-fit: cover) so icons are the same visible area across cards, and long server names are clamped to two lines to prevent layout differences.
- Mobile spacing, paddings, and typography adjusted for better legibility on small screens.
- Mobile fix: Title clamping and CardContent overflow were tightened so cards no longer expand on mobile; images use a background-image approach and white background to keep visible areas identical.
- Dashboard action buttons moved: Invite/Leave action now appears below the server title with a left label 'Invite:' or 'Leave:' and the action button to the right.
- [x] Browser tab now shows `ECS - <Page Name>` (e.g., 'ECS - Dashboard', 'ECS - Server Settings') for each page.
- [x] Browser tab now shows `ECS - <Page Name>` (e.g., 'ECS - Dashboard')
- [x] Dashboard duplicate title fixed; user settings (avatar/themes) restored via NavBar