chelsea/Synculous-2
1
0
Fork 0
Code Issues 8 Pull Requests Actions Packages Projects Releases Wiki Activity

Fix issues #6, #7, #11, #12, #13: med reminders, push notifications, auth persistence, scheduling conflicts

Browse Source 
- Fix TIME object vs string comparison in scheduler preventing adaptive med
  reminders from ever firing (#12, #6)
- Add frequency filtering to midnight schedule creation for every_n_days meds
- Require start_date and interval_days for every_n_days medications
- Add refresh token support (30-day) to API and bot for persistent sessions (#13)
- Add "trusted device" checkbox to frontend login for long-lived sessions (#7)
- Auto-refresh expired tokens in both bot (apiRequest) and frontend (api.ts)
- Restore bot sessions from cache on restart using refresh tokens
- Duration-aware routine scheduling conflict detection (#11)
- Add conflict check when starting routine sessions against medication times
- Add diagnostic logging to notification delivery channels

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
This commit is contained in:
chelsea
2026-02-19 13:05:48 -06:00
parent 6850abf7d2
commit d4adbde3df
10 changed files with 474 additions and 69 deletions
Download Patch File Download Diff File Expand all files Collapse all files

48
core/auth.py
View File

@@ -7,6 +7,16 @@ import datetime
import os
REFRESH_TOKEN_SECRET = None
def _get_refresh_secret():
global REFRESH_TOKEN_SECRET
if REFRESH_TOKEN_SECRET is None:
REFRESH_TOKEN_SECRET = os.getenv("JWT_SECRET", "") + "_refresh"
return REFRESH_TOKEN_SECRET
def verifyLoginToken(login_token, username=False, userUUID=False):
if username:
userUUID = users.getUserUUID(username)
@@ -49,6 +59,44 @@ def getLoginToken(username, password):
return False
def createRefreshToken(userUUID):
"""Create a long-lived refresh token (30 days)."""
payload = {
"sub": str(userUUID),
"type": "refresh",
"exp": datetime.datetime.utcnow() + datetime.timedelta(days=30),
}
return jwt.encode(payload, _get_refresh_secret(), algorithm="HS256")
def refreshAccessToken(refresh_token):
"""Validate a refresh token and return a new access token + user_uuid.
Returns (access_token, user_uuid) or (None, None)."""
try:
decoded = jwt.decode(
refresh_token, _get_refresh_secret(), algorithms=["HS256"]
)
if decoded.get("type") != "refresh":
return None, None
user_uuid = decoded.get("sub")
if not user_uuid:
return None, None
# Verify user still exists
user = postgres.select_one("users", {"id": user_uuid})
if not user:
return None, None
# Create new access token
payload = {
"sub": user_uuid,
"name": user.get("first_name", ""),
"exp": datetime.datetime.utcnow() + datetime.timedelta(hours=1),
}
access_token = jwt.encode(payload, os.getenv("JWT_SECRET"), algorithm="HS256")
return access_token, user_uuid
except (ExpiredSignatureError, InvalidTokenError):
return None, None
def unregisterUser(userUUID, password):
pw_hash = getUserpasswordHash(userUUID)
if not pw_hash:

9
core/notifications.py
View File

@@ -18,18 +18,27 @@ logger = logging.getLogger(__name__)
def _sendToEnabledChannels(notif_settings, message, user_uuid=None):
"""Send message to all enabled channels. Returns True if at least one succeeded."""
sent = False
logger.info(f"Sending notification to user {user_uuid}: {message[:80]}")
if notif_settings.get("discord_enabled") and notif_settings.get("discord_user_id"):
if discord.send_dm(notif_settings["discord_user_id"], message):
logger.debug(f"Discord DM sent to {notif_settings['discord_user_id']}")
sent = True
if notif_settings.get("ntfy_enabled") and notif_settings.get("ntfy_topic"):
if ntfy.send(notif_settings["ntfy_topic"], message):
logger.debug(f"ntfy sent to topic {notif_settings['ntfy_topic']}")
sent = True
if notif_settings.get("web_push_enabled") and user_uuid:
if web_push.send_to_user(user_uuid, message):
logger.debug(f"Web push sent for user {user_uuid}")
sent = True
else:
logger.warning(f"Web push failed or no subscriptions for user {user_uuid}")
if not sent:
logger.warning(f"No notification channels succeeded for user {user_uuid}")
return sent