myxelium/Toju
1
0
Fork 0
Code Issues 14 Pull Requests Actions Packages Projects 2 Releases 36 Wiki Activity

Compare commits

base: myxelium:v1.0.174
Branches Tags
myxelium:main myxelium:docs/scaffold-agent-instruction-tree myxelium:Plugins myxelium:maybe-ddd
myxelium:v1.0.192 myxelium:v1.0.189 myxelium:v1.0.186 myxelium:v1.0.183 myxelium:v1.0.180 myxelium:v1.0.177 myxelium:v1.0.174 myxelium:v1.0.165 myxelium:v1.0.159 myxelium:v1.0.154 myxelium:v1.0.149 myxelium:v1.0.144 myxelium:v1.0.141 myxelium:v1.0.138 myxelium:v1.0.133 myxelium:v1.0.130 myxelium:v1.0.127 myxelium:v1.0.124 myxelium:v1.0.118 myxelium:v1.0.113 myxelium:v1.0.110 myxelium:v1.0.97 myxelium:v1.0.88 myxelium:v1.0.85 myxelium:v1.0.82 myxelium:v1.0.79 myxelium:v1.0.74 myxelium:v1.0.68 myxelium:v1.0.59 myxelium:v1.0.56 myxelium:v1.0.51 myxelium:v1.0.46 myxelium:v1.0.35 myxelium:v1.0.32 myxelium:v1.0.28 myxelium:v1.0.22
...
compare: myxelium:v1.0.186
Branches Tags
myxelium:main myxelium:docs/scaffold-agent-instruction-tree myxelium:Plugins myxelium:maybe-ddd
myxelium:v1.0.192 myxelium:v1.0.189 myxelium:v1.0.186 myxelium:v1.0.183 myxelium:v1.0.180 myxelium:v1.0.177 myxelium:v1.0.174 myxelium:v1.0.165 myxelium:v1.0.159 myxelium:v1.0.154 myxelium:v1.0.149 myxelium:v1.0.144 myxelium:v1.0.141 myxelium:v1.0.138 myxelium:v1.0.133 myxelium:v1.0.130 myxelium:v1.0.127 myxelium:v1.0.124 myxelium:v1.0.118 myxelium:v1.0.113 myxelium:v1.0.110 myxelium:v1.0.97 myxelium:v1.0.88 myxelium:v1.0.85 myxelium:v1.0.82 myxelium:v1.0.79 myxelium:v1.0.74 myxelium:v1.0.68 myxelium:v1.0.59 myxelium:v1.0.56 myxelium:v1.0.51 myxelium:v1.0.46 myxelium:v1.0.35 myxelium:v1.0.32 myxelium:v1.0.28 myxelium:v1.0.22

18 Commits
v1.0.174 ... v1.0.186

Author SHA1 Message Date
Myx
9981aee602 chore: Update dev run
All checks were successful
Queue Release Build / prepare (push) Successful in 20s
Details
Deploy Web Apps / deploy (push) Successful in 9m11s
Details
Queue Release Build / build-windows (push) Successful in 28m8s
Details
Queue Release Build / build-linux (push) Successful in 46m49s
Details
Queue Release Build / build-android (push) Successful in 20m54s
Details
Queue Release Build / finalize (push) Successful in 2m15s
Details
2026-06-11 12:32:15 +02:00
Myx
31962aeb1a fix: restore build and stabilize E2E cross-signal behavior 
Revert the automated member-ordering pass that broke Angular field init
(TS2729) and disable that rule until a safe reorder strategy exists.
Fix modal/confirm dialog i18n defaults via template fallbacks, search all
active endpoints (including offline), register foreign rooms with actor
owner IDs, sync profile display names from avatar summaries, and guard
dm-chat when a private call converts to a group conversation.

Co-authored-by: Cursor <cursoragent@cursor.com>
 2026-06-11 12:16:40 +02:00
Myx
79c6f91cd6 chore: enforce lint across codebase and ban "maybe" in identifiers 
Remove member-ordering and complexity eslint-disable comments by reordering
class members and applying targeted fixes. Add metoyou/no-maybe-in-naming,
type-safe WebRTC e2e harness helpers, and resolve remaining lint errors so
npm run lint exits cleanly.

Co-authored-by: Cursor <cursoragent@cursor.com>
 2026-06-11 11:08:26 +02:00
Myx
b630bacdc6 test: fix most e2e tests 2026-06-11 10:21:28 +02:00
Myx
1671a04f03 fix: Bug - Emojis should be user bound not client bound 
Bind custom emoji library membership to the signed-in user instead of the
client. CustomEmojiService now tracks saved emoji ids per user id in
localStorage (metoyou_custom_emoji_saved:<userId>) and the picker only shows
the active user's set, seeded on first load from legacy savedByUser rows the
user created. This stops a second account on the same client (or Electron's
shared SQLite database) from inheriting another user's emoji picker, while
keeping synced assets available for message rendering.

Adds unit coverage for per-user scoping and a single-page-load Playwright e2e
that switches users client-side (second user joins the first user's server)
and asserts no library leak.

Co-authored-by: Cursor <cursoragent@cursor.com>
 2026-06-11 04:09:06 +02:00
Myx
cb386394d0 fix: Bug - No login screen mobile phone on startup 
Signed-out mobile visitors landing on / or /dashboard were intentionally
kept on a logged-out /dashboard, so they were never greeted with a login
screen on startup. Replace the imperative startup-redirect logic in
App.ngOnInit with a platform-agnostic pure rule
resolveUnauthenticatedStartupRedirect: non-public routes redirect to
/login (with a safe returnUrl), public routes (/login, /register,
/invite/...) are left alone. Mobile is no longer special-cased.

- Unit: auth-navigation.rules.spec.ts
- E2E: e2e/tests/mobile/mobile-login-on-startup.spec.ts (mobile viewport
  set before navigation; /dashboard and / both land on /login)

Co-authored-by: Cursor <cursoragent@cursor.com>
 2026-06-11 03:38:16 +02:00
Myx
182828bb1e fix: Bug - Two devices sharing same user says "Shared from your device" 
Gate the "Shared from your device" label and the hidden download
affordance on whether this device actually holds the file bytes, not on
whether the current user uploaded it. uploaderPeerId is the user id, so
the old check claimed ownership on every device of the uploader,
blocking view/download on second devices that only synced metadata.

Also include attachment metadata in the account_sync chat-sync-batch so
sibling devices learn about synced attachments at all.

Co-authored-by: Cursor <cursoragent@cursor.com>
 2026-06-11 03:29:47 +02:00
Myx
49b602dbda fix: Bug - No android app icon 2026-06-11 03:03:10 +02:00
Myx
d72a027c9a fix: Bug - Video attachment on android gets sent in the message bubble above with no preview image 2026-06-11 02:44:22 +02:00
Myx
b1b3d93851 fix: Bug - Fresh users have the server list in dashboard completely empty until anything searched 2026-06-11 02:11:31 +02:00
Myx
494a05e606 fix: Bug - Local files should be remembered by client 2026-06-11 01:54:00 +02:00
Myx
5bf4f698df fix: Bug - Attachments gets syncronized corrupt 2026-06-11 00:37:06 +02:00
Myx
d174536272 fix: Chats doesn't sync for multi client users 2026-06-11 00:04:49 +02:00
Myx
d0aff6319d fix: should now sync with other devices
All checks were successful
Queue Release Build / prepare (push) Successful in 25s
Details
Deploy Web Apps / deploy (push) Successful in 7m8s
Details
Queue Release Build / build-windows (push) Successful in 28m10s
Details
Queue Release Build / build-linux (push) Successful in 44m38s
Details
Queue Release Build / build-android (push) Successful in 18m36s
Details
Queue Release Build / finalize (push) Successful in 1m40s
Details
2026-06-09 22:00:39 +02:00
Myx
1274ad9b46 fix: search 2026-06-09 22:00:06 +02:00
Myx
eb51f043ac fix: Major bug cleanup pass 1
All checks were successful
Queue Release Build / prepare (push) Successful in 19s
Details
Deploy Web Apps / deploy (push) Successful in 8m12s
Details
Queue Release Build / build-windows (push) Successful in 27m44s
Details
Queue Release Build / build-linux (push) Successful in 48m1s
Details
Queue Release Build / build-android (push) Successful in 22m7s
Details
Queue Release Build / finalize (push) Successful in 2m42s
Details
2026-06-09 17:59:54 +02:00
Myx
80d7728e66 fix: No longer displays edited on all messages and fix Disconnected from signaling server on multiple clients
All checks were successful
Queue Release Build / prepare (push) Successful in 19s
Details
Deploy Web Apps / deploy (push) Successful in 8m19s
Details
Queue Release Build / build-windows (push) Successful in 27m48s
Details
Queue Release Build / build-linux (push) Successful in 47m35s
Details
Queue Release Build / build-android (push) Successful in 21m15s
Details
Queue Release Build / finalize (push) Successful in 2m30s
Details
2026-06-07 15:05:12 +02:00
Myx
83456c018c fix: Fix multiple bugs with new authentication flow 2026-06-07 15:04:21 +02:00
345 changed files with 14405 additions and 1072 deletions
Expand all files Collapse all files

2
.agents/skills/playwright-e2e/SKILL.md
View File

@@ -195,7 +195,7 @@ export class LoginPage {
| ------------------- | ------------------ | ----------------------- |
| `/login` | `LoginPage` | `LoginComponent` |
| `/register` | `RegisterPage` | `RegisterComponent` |
| `/search` | `ServerSearchPage` | `ServerSearchComponent` |
| `/servers` | `FindServersPage` | `FindServersComponent` |
| `/room/:roomId` | `ChatRoomPage` | `ChatRoomComponent` |
| `/settings` | `SettingsPage` | `SettingsComponent` |
| `/invite/:inviteId` | `InvitePage` | `InviteComponent` |

2
AGENTS.md
View File

@@ -13,6 +13,7 @@ Reference on-demand (when the workflow triggers them — see `agents-docs/AGENT_
- `agents-docs/AGENTS_CONTEXT.md` — contract for updating `CONTEXT.md` / `CONTEXT-MAP.md`
- `agents-docs/AGENTS_ADRS.md` — contract for writing architecture decision records
- `agents-docs/BUG_TRACKER.md` — Obsidian bug inbox location, allowed vault edits, and triage workflow
When working in a subdomain, also read its `CONTEXT.md` first:
@@ -74,6 +75,7 @@ The product client already maintains per-domain READMEs under `toju-app/src/app/
- **Feature docs:** `agents-docs/features/`
- **Architecture decisions:** `agents-docs/adr/`
- **Context map:** `agents-docs/CONTEXT-MAP.md`
- **Obsidian bug tracker:** `agents-docs/BUG_TRACKER.md`
- **Product-client domain:** `toju-app/CONTEXT.md`
- **Desktop-shell domain:** `electron/CONTEXT.md`
- **Server domain:** `server/CONTEXT.md`

90
agents-docs/BUG_TRACKER.md Normal file
View File

@@ -0,0 +1,90 @@
# Obsidian Bug Tracker — Agent Contract
User-maintained bug reports live outside the repo. Read this file when asked to triage, investigate, or work from the bug backlog.
**Overrides** `agents-docs/AGENT_WORKFLOW.md` §8 (Autonomous Bug Fixing) unless the user explicitly asks you to fix a bug in code.
---
## Location
| Item | Path |
|------|------|
| Bug inbox | `/home/ludde/Nextcloud/Obsidian Vault/Log/Bugs/` |
| Attachments | `…/Bugs/attachments/<Bug title>/` |
| Dashboard | `/home/ludde/Nextcloud/Obsidian Vault/Log/Create bug.md` |
| Template | `/home/ludde/Nextcloud/Obsidian Vault/Log/Templates/Bug Report.md` |
---
## Allowed actions on vault files
Unless the user explicitly asks for more:
1. **Change `status`** in a bug note's YAML frontmatter (`Open``Resolved` or `Closed`).
2. **Move files** (e.g. reorganize notes or attachments when instructed).
Do **not** edit other vault fields or sections (`Investigation`, `Resolution`, description, etc.) unless the user asks.
---
## Allowed reads (unrestricted)
To understand and solve bugs you may read freely:
- All bug notes and attachments under `Log/Bugs/`
- The full MetoYou repo (code, tests, logs, docs)
- Runtime output, test results, and debug artifacts
Investigation findings belong in chat or in repo changes — not in the vault — unless the user asks you to update the note.
---
## Bug note format
Each note is Markdown with YAML frontmatter:
```yaml
---
title: Bug - …
type: bug
status: Open # Open | Resolved | Closed
priority: Low | Medium | High | Critical
severity: Low | Medium | High | Critical
environment:
created: YYYY-MM-DD HH:mm
tags: [bug]
---
```
Body sections: **Description**, **Steps to Reproduce**, **Expected Result**, **Actual Result**, **Logs / Screenshots**, **Investigation**, **Resolution**.
The dashboard (`Create bug.md`) uses Dataview; keep `type: bug` and `status` accurate so counts stay correct.
---
## Workflow
1. List open bugs: `Glob` or `ls` on `…/Log/Bugs/*.md`, filter `status: Open`.
2. Read the note and any linked attachments.
3. Investigate in the repo (read-only toward the vault).
4. Report findings to the user.
5. Only when told to fix: implement in repo (TDD, lint, build per `AGENTS.md`).
6. When a bug is done: update vault `status` to `Resolved` or `Closed` (and move files if the user specifies a convention).
---
## Open bugs (snapshot 2026-06-10)
| Title | Priority | Environment |
|-------|----------|-------------|
| Attachments gets syncronized corrupt | Critical | All major clients |
| Chats doesn't sync for multi client users | High | All |
| No android app icon | High | Android |
| No login screen mobile phone on startup | High | Android, Android Browser |
| Fresh users have the server list in dashboard completely empty until anything searched | High | — |
| Video attachment on android gets sent in the message bubble above with no preview image | High | Android |
| Local files should be remembered by client | High | — |
| Emojis should be user bound not client bound | Medium | All |
Re-scan the folder at session start; this table is not auto-updated.

112
agents-docs/LESSONS.md
View File

@@ -25,6 +25,118 @@ Durable rules for AI agents working on this project. Read this file at session s
## Lessons
### Scope per-user UI state by user id, not by the client database [persistence] [multi-user] [custom-emoji]
- **Trigger:** custom emoji "saved library" membership was a single `savedByUser` flag on the shared emoji row plus a long-lived singleton (`CustomEmojiService`) that merged state across logins — so a second account on the same client (and the Electron shared SQLite DB) inherited the first user's picker.
- **Rule:** when state is "per signed-in user" but the asset/row store is shared (Electron `custom_emojis`, or a renderer singleton that survives logout), key the membership by user id in its own store (`localStorage` `metoyou_custom_emoji_saved:<userId>`, mirroring the existing per-user usage ranking) and rebuild it in `loadForUser`; never rely on a global row flag or assume the singleton was reset on logout.
- **Why:** the browser already isolates rows per-user database, so the leak only reproduces in-session (no reload) and on Electron's shared DB — both invisible if you only test reloads; a row-level flag also can't represent two local users saving the same asset.
- **Example:** `CustomEmojiService.resolveSavedIds(userId, emojis)` reads/seeds a per-user id set; e2e `e2e/tests/chat/custom-emoji-user-binding.spec.ts` runs the whole user switch in ONE page load (client-side router nav only) so the singleton-retention leak is actually exercised, and the second user *joins* the first user's server instead of creating one (in-session "create a second server" leaves `sourceId` empty and the submit disabled).
### Don't strand signed-out mobile users on a logged-out dashboard [auth] [mobile] [routing]
- **Trigger:** `App.ngOnInit` special-cased mobile — signed-out visitors landing on `/` or `/dashboard` were kept on `/dashboard` (the "login form has no mobile chrome" rationale), so mobile users got a logged-out dashboard and never saw a login screen on startup.
- **Rule:** decide startup routing for signed-out users with the platform-agnostic pure rule `resolveUnauthenticatedStartupRedirect(currentUrl)` (`auth-navigation.rules.ts`) — non-public routes → `/login` (with safe `returnUrl`), public routes (`/login`, `/register`, `/invite/...`) → stay; do not branch on `isMobile()` here.
- **Why:** the mobile exception directly contradicted the product expectation ("greet signed-out users with the login screen"); the login form already links to register, so there is no dead-end to avoid.
- **Example:** unit `auth-navigation.rules.spec.ts` (`resolveUnauthenticatedStartupRedirect('/dashboard') === { path:'/login', queryParams:{} }`); e2e `e2e/tests/mobile/mobile-login-on-startup.spec.ts` sets a 390×844 viewport **before** navigating (so `ViewportService.isMobile` is true at bootstrap) and asserts `/dashboard` and `/` both land on `/login`.
### "Shared from your device" must gate on local bytes, not uploader user id [attachments] [multi-device]
- **Trigger:** a second device of the same user showed "Shared from your device" and hid the download affordance for a file uploaded from another device — `isUploader(attachment)` returned `uploaderPeerId === currentUserId`, but `uploaderPeerId` is the **user** id (set to `currentUser.id` in `publishAttachments`), so it is true on every device of the uploader, including ones that only synced metadata.
- **Rule:** key the sharing/ownership UI off whether *this device* holds the bytes, not who uploaded it — use `isSharingFromThisDevice(attachment, currentUserId)` (= `isUploaderUser && deviceHasLocalCopy`) from `attachment-sharing.rules.ts`; `deviceHasLocalCopy` = `available` + blob `objectUrl`, or a non-empty `savedPath`/`filePath` (synced metadata strips local paths, so it correctly reads as "no copy").
- **Why:** same-user devices do **not** P2P with each other and sync only via `account_sync` (which strips `filePath`/`savedPath`), so the second device legitimately has no bytes; claiming ownership blocked the only path to view/download. For the regression to even be reachable in e2e, `account_sync`'s `chat-sync-batch` had to start carrying the `attachments` map (it previously dropped attachment metadata entirely) via `pushSavedRoomMessagesViaAccountSync(..., loadAttachmentMetas)`.
- **Example:** unit `attachment-sharing.rules.spec.ts` (`isSharingFromThisDevice({uploaderPeerId:'u1', available:false}, 'u1') === false`); e2e `e2e/tests/chat/multi-device-attachment-sharing.spec.ts` uploads on device A then logs device B in afterward so the `account_sync_peer_online` full-state push delivers the attachment, then asserts device B shows a Request button and **no** "Shared from your device".
### Generate Android brand icons from the source mark; guard against stock Capacitor placeholders [mobile] [android] [assets]
- **Trigger:** the Android app shipped the default Ionic/Capacitor launcher icon (and a white adaptive background) because no brand icon was ever generated into `toju-app/android/app/src/main/res/`.
- **Rule:** regenerate launcher + splash from `images/icon-new-rounded.png` with `npm run cap:assets:android` (`tools/generate-android-app-icons.mjs`, uses `sharp`), set the adaptive background to brand purple `#4A217A` (never `#FFFFFF`), and have the adaptive icon reference `@mipmap/ic_launcher_foreground` PNGs (delete the stock `drawable-v24/ic_launcher_foreground.xml` vector). `cap:sync` is not needed — these live in the native project, not `webDir`.
- **Why:** a native launcher icon can't be asserted through a browser, so the regression proof is a hash guard: `mobile-android-launcher-icon.rules.ts` records the SHA-256 of every stock placeholder and the tests fail if any density still matches one. Pixel checks (purple ring + white-cat centre) confirm the brand mark actually rendered.
- **Example:** `findStockCapacitorResources(hashByFile)` must return `[]`; unit `mobile-android-launcher-icon.rules.spec.ts` + e2e `e2e/tests/mobile/android-app-icon.spec.ts` (deterministic fs/pixel checks, no emulator).
### Bind chat attachments to a pre-allocated message id, never by matching content [attachments] [chat] [mobile]
- **Trigger:** caption-less media (videos/images sent with no text) grouped onto the message bubble above and left an empty message below on Android — `ChatMessagesComponent` dispatched `sendMessage` without an id, then a `setTimeout` re-discovered the message by `entry.content === content` (always `''` for attachment-only sends) and called `publishAttachments` on it.
- **Rule:** pre-allocate the message id in the component (`planChatMessageSend` in `chat-message-send.rules.ts`), dispatch it via `MessagesActions.sendMessage({ id, ... })` (effect uses `id ?? uuidv4()`), and bind attachments to that exact id with `publishAttachments(id, files)` — never re-find the message by content/timing.
- **Why:** empty content is shared by every attachment-only message, so content matching picks the newest match and races the async create-effect; on Android the create latency exceeds the old 100 ms timer, so the file binds to a stale sibling. The race is invisible on fast desktop browsers, so the deterministic regression proof is the unit test that asserts the dispatched action id equals the attachment-binding id, not an e2e timing game (see the "don't bump E2E timeouts for sync flakes" lesson).
- **Example:** `planChatMessageSend(...).attachmentBinding.messageId === plan.action.id` enforced in `chat-message-send.rules.spec.ts`; behavioral guard in `e2e/tests/chat/attachment-only-message-grouping.spec.ts` (proves the id flows component→effect→attachment by requiring each caption-less attachment to render in its own bubble).
### Attachment file persistence must be platform-agnostic, not Electron-only [attachments] [persistence] [mobile]
- **Trigger:** `AttachmentStorageService` talked only to `window.electronAPI`, so `canWriteFiles()` returned `false` on Android (Capacitor) and in the browser — no bytes were ever persisted there, and after restart/logout-login the uploader hit "Your original upload could not be found on this device" / "no peer with this file".
- **Rule:** keep the path/bucket layout in `AttachmentStorageService` but delegate raw IO to a pluggable `AttachmentFileStore` selected by `PlatformService` — Electron disk, Capacitor `Directory.Data` (lazy-loaded, inline media via `convertFileSrc`), and a per-user IndexedDB vfs for the browser with a finite `maxPersistableBytes` cap; gate transfer persistence on `canStreamToDisk()` / `canPersistSize()` so the cap degrades gracefully.
- **Why:** the browser e2e harness can't test native disk, but the browser IndexedDB store is real persistence, so a single-client send → `page.reload()` → reopen-room test proves the whole persist/restore orchestration with no peer connected.
- **Example:** `attachment-file-store.ts` + `{electron,browser,capacitor}-attachment-file-store.ts`; `e2e/tests/chat/local-attachment-persistence.spec.ts` waits for both byte records (vfs) **and** `attachments` records with `savedPath` (summed across all `metoyou`/`metoyou::<user>` DBs, since an empty anonymous-scope DB exists) before reloading.
### Never count duplicate chunks toward transfer progress, and never finalize on byte counters [attachments] [webrtc]
- **Trigger:** P2P attachments arrived corrupt everywhere ("only the first bytes") because concurrent auto-download triggers double-requested a file, the sender streamed it twice, and the receiver counted duplicate chunk deliveries toward `receivedBytes` — inflating it past `size`, which both dropped the remaining chunks (post-Security guard) and passed the `receivedBytes >= size` finalize shortcut over a sparse buffer.
- **Rule:** in chunked transfer receivers, ignore an already-buffered chunk index entirely (no progress update), use dense buffers, and finalize only when every chunk index is present — never use byte totals as an alternative completion signal; dedupe streams on the sender per `(messageId, fileId, peerId)`.
- **Why:** byte counters lie as soon as any duplicate, retry, or concurrent stream exists, and sparse-array `every`/`some` skip holes, so "looks complete" checks silently pass on partial data (same trap as the custom-emoji sparse-array lesson).
- **Example:** `handleFileChunk` / `finalizeTransferIfComplete` in `attachment-transfer.service.ts`; multi-chunk e2e coverage via `expectMessageImageContentSha256` in `e2e/tests/chat/chat-message-features.spec.ts` (single-chunk files cannot catch assembly bugs — test with >64 KiB payloads).
### Don't bump E2E timeouts for sync flakes - gate on presence and read server logs [testing] [realtime]
- **Trigger:** a multi-client chat-sync E2E flaked on "message not visible" and the first instinct was to raise `toBeVisible` timeouts or add waits; the user correctly rejected this ("it's not a timeout issue").
- **Rule:** when a cross-user E2E assertion flakes, first gate the assertion on an observable precondition (peer visible in the members panel), then diff the signaling-server logs of a passing vs failing run (`joined server`, `user_joined`, `user_left`, `Removing dead connection`) before touching any timeout.
- **Why:** the flake was a server race — `identify` + `join_server` arriving in one TCP segment were processed concurrently, the join was dropped as unauthenticated, and room membership silently vanished; no timeout can fix a message that is never broadcast. Fixed by serializing per-connection message handling in `server/src/websocket/handler.ts`.
- **Example:** failing run showed one `joined server` for Ludde then `user_left` on sibling-client close; passing run showed two. `expectServerPeerVisible(page, displayName)` in `e2e/helpers/multi-device-session.ts` is the presence gate.
### When renaming an Angular route, sweep every navigate/url-match/doc reference [routing]
- **Trigger:** the find-servers route was renamed `/search``/servers` in `app.routes.ts`, but `servers-rail.component.ts` still called `router.navigate(['/search'])` (leave-server) and matched `startsWith('/search')` for the user-bar visibility signal, throwing `NG04002: 'search'` on leave and never showing the user-bar on the discovery page.
- **Rule:** after changing a `path:` in `app.routes.ts`, grep the whole repo for the old literal (`/search`) across `*.ts`/`*.html` (router calls, `startsWith`/url-match signals) and docs (`docs-site`, `.agents/skills/playwright-e2e/SKILL.md` route tables, domain READMEs) and update them all in the same change.
- **Why:** `router.navigate` to a non-existent path raises `NG04002` and aborts navigation, and stale `startsWith` matches silently break route-derived UI state — neither is caught by the build (string literals) and there was no `servers-rail` spec to catch it.
- **Example:** fixed `isOnServers`/`router.navigate(['/servers'])` in `servers-rail.component.{ts,html}`; canonical post-leave/discovery route is `/servers` (`FindServersComponent`), matching `DashboardComponent`'s `router.navigate(['/servers'])`.
### Server discovery must fan out across all endpoints and self-heal on 404 — never hardcode a host capability blocklist [server-directory]
- **Trigger:** the dashboard "Popular Servers" and `/servers` discovery view were empty for fresh users until they typed a search. The first fix added a static `DISCOVERY_UNSUPPORTED_HOSTS` blocklist (`signal.toju.app` / `signal-sweden.toju.app`) that short-circuited discovery to `[]`; the production hosts later shipped the `/featured` + `/trending` routes (verified `curl` → 200 with servers), so the stale blocklist kept blocking exactly the default endpoints a fresh account has while ungated search still surfaced them.
- **Rule:** discovery (`getFeaturedServers`/`getTrendingServers`) must fan out across `getSearchableEndpoints()` with `forkJoin` + `deduplicateById` (mirroring all-endpoint search), and detect capability *at runtime* — on a `404` from `/api/servers/{featured,trending}`, fall back per-endpoint to the public `GET /api/servers` listing (`fetchPublicServerListForDiscovery`) instead of returning `[]`. Do not maintain a hardcoded list of hosts that "don't support" a route; it goes stale silently and the build can't catch it.
- **Why:** legacy servers resolve `/featured` as `/servers/:id` and answer 404, so a 404→fallback keeps the default view populated everywhere without a blocklist; the empty-query view renders discovery sections (not search results), so any divergence between discovery and search makes it look broken while search works.
- **Example:** `fetchDiscoveryFromEndpoint` + `fetchPublicServerListForDiscovery` in `server-directory-api.service.ts`; `e2e/tests/servers/server-discovery-default.spec.ts` proves a fresh account sees Popular Servers without searching AND that route-intercepting `/featured`+`/trending` to 404 still populates it via the fallback.
### Server registration needs `ownerPublicKey: oderId || id`, and must not be fire-and-forget [server-directory] [rooms]
- **Trigger:** creating a server appeared to work (the creator landed in the room view) but the server didn't exist on the backend — invite-link creation and search both 404'd. `createRoom$` sent `ownerPublicKey: currentUser.oderId` with no fallback; on restored sessions `oderId` can be falsy (identify still works because it falls back to `id`), so `POST /api/servers` returned `400 Missing required fields`, and the `.subscribe()` swallowed the error while `createRoomSuccess` fired regardless.
- **Rule:** resolve owner identity as `oderId || id` everywhere it's required (the server rejects an empty `ownerPublicKey`), and give `registerServer().subscribe()` an `error` handler so a failed registration is never silent.
- **Why:** verified against the live server — authed POST with a truthy `ownerPublicKey` → 201; authed POST with an empty one → 400; the swallowed 400 is exactly what produces a "ghost" room the creator can enter but no one can find.
- **Example:** `buildServerRegistrationPayload(room, currentUser, normalizedPassword)` in `toju-app/src/app/store/rooms/server-registration.rules.ts`, used by `RoomsEffects.createRoom$`.
### Identify must fall back to the legacy session token, not only the new credential store [realtime] [authentication]
- **Trigger:** the multi-signal-server auth refactor changed `resolveCredentialForSignalUrl` to read *only* `SignalServerCredentialStoreService`; sessions restored from disk (and logins where `user.homeSignalServerUrl` is unset) have an empty credential store, so `identify` was skipped on every signal server ("Skipping identify because no session token is available") and users appeared alone — no presence, no peers, sent messages visible only to themselves. E2E never caught it because every e2e flow does a *fresh* register/login that writes the credential store directly.
- **Rule:** when resolving the identify credential for a signal URL, prefer the per-signal credential but fall back to the legacy `AuthTokenStoreService` token reconstructed with the current home user's `id`/`displayName`; never gate `identify` solely on the new credential store.
- **Why:** `persistSessionToken` always writes the legacy `metoyou.authTokens` store on login, but the per-signal credential store is only populated on fresh login (with a `loginResponse`) or successful migration/provisioning — so on reload it can be empty while a valid session still exists.
- **Example:** `resolveSignalIdentity(credential, legacyTokenEntry, homeUser)` in `signal-server-credential-resolution.rules.ts`, wired through `SignalServerAuthService.resolveCredentialForSignalUrl` (which now passes `this.authTokenStore.getTokenEntry(httpUrl)` and a `homeUser` carrying `id`). Test cross-user behavior via a *session-restore* path, not just fresh login.
### Keep the per-signal-URL identify credential resolvable from the store [realtime] [authentication]
- **Trigger:** after the multi-signal-server auth refactor, `SignalingManager.getLastIdentify` was switched to `getIdentifyCredentialsForSignalUrl`, which only read an in-memory cache populated *after* `identify()` ran; a freshly (re)connected socket then emitted `join_server` before any identify and users silently never appeared in the presence roster (almost all multi-user e2e tests timed out waiting for the peer's `room-user-card`).
- **Rule:** `getIdentifyCredentialsForSignalUrl` must fall back to resolving the credential from the credential store so a new socket's `onopen` re-identifies before it re-joins; never restrict it to only the in-memory identify cache.
- **Why:** the server drops `join_server`/`view_server` on any unauthenticated connection, so an identify-less join is lost with no error and recovery only happens on a later reconnect (often beyond the 20s test timeout).
- **Example:** server log showed `join_server authed=false ... display=User` dropped, then `User identified: Alice` on a different connection but no `Alice joined server`; fixed in `signaling-transport-handler.ts` by resolving via `dependencies.resolveCredential(signalUrl)` when the cache is empty.
### Store clientInstanceId in sessionStorage not localStorage [realtime] [multi-device]
- **Trigger:** same user logged in on two tabs, browsers, or synced profiles sees alternating "Disconnected from signaling server" and no cross-device chat/voice sync.
- **Rule:** persist `metoyou.clientInstanceId` in `sessionStorage` (one id per tab/window) and clear any legacy `localStorage` copy on first read.
- **Why:** server identify evicts stale sockets with the same `(oderId, connectionScope, clientInstanceId)` tuple; a shared localStorage id makes each client kick the other in a reconnect loop.
- **Example:** `ClientInstanceService.getClientInstanceId()` writes to `sessionStorage`; two tabs get different ids and stay connected simultaneously.
### Revalidate IndexedDB scope without reinitializing on every read [persistence] [performance]
- **Trigger:** `DatabaseService.ensureReady()` called `initialize()` before every delegated read/write to fix user-scope races.
- **Rule:** cache the last validated `metoyou_currentUserId` and only re-run backend initialization when that scope changes or an in-flight initialize completes with a different scope.
- **Why:** per-operation revalidation fans out across ban lookups, room loads, and message reads, causing channel/chat UI to stay blank until repeated server clicks eventually win the race.
- **Example:** `ensureReady()` returns immediately when `isReady()` and `validatedUserScope` still match `getStoredCurrentUserId()`.
### Restore local user scope before protected writes [authentication] [persistence]
- **Trigger:** a logged-in in-memory user can create rooms or messages after `metoyou_currentUserId` was cleared by a late session-expired path.
- **Rule:** before protected local persistence or server-directory actions, restore `metoyou_currentUserId` from the current user and avoid treating a live current user as unauthenticated.
- **Why:** otherwise rooms/messages fall into the anonymous IndexedDB scope, and route checks redirect to login even though NgRx still has the authenticated user.
- **Example:** `MessagesEffects.sendMessage$`, `RoomsEffects.createRoom$`, and server-directory create/join components call `setStoredCurrentUserId(currentUser.id)` before writing or joining.
### Persisted local user state still requires a session token [authentication] [signaling]
- **Trigger:** Users appear logged in from local storage but cannot see peers online or send chat after session-token auth shipped.

16
agents-docs/adr/0003-multi-client-sessions.md Normal file
View File

@@ -0,0 +1,16 @@
# ADR-0003: Multi-Client Sessions with Connection-Scoped Routing
## Status
Accepted
## Context
Users expect to stay logged in on multiple devices simultaneously (Discord-style). The signaling server already issued multiple session tokens per user, but WebSocket broadcasts deduplicated by `oderId`, which prevented a user's second device from receiving chat, typing, or voice-state updates from their first device. Voice had no per-device identity, so two clients could both attempt to transmit audio.
## Decision
Introduce a stable per-install `clientInstanceId` on the product client. Route server broadcasts by **connection id** (exclude only the sender socket) while keeping presence `user_joined` / `user_left` identity-scoped. Track `voiceActive` per connection; relay RTC to the voice-active socket. Enforce single voice owner per user via `VoiceState.clientInstanceId` and `voice_client_takeover` handoff between connections.
## Consequences
- **Positive:** Chat and presence sync across a user's devices; voice behaves like Discord (one transmitting client, passive viewers, explicit takeover).
- **Positive:** Stale-tab hygiene uses `(oderId, connectionScope, clientInstanceId)` eviction without kicking other devices.
- **Negative:** `findUserByOderId` semantics change — RTC now prefers voice-active connections; callers must not assume one socket per user.
- **Negative:** Clients must include `clientInstanceId` on identify and voice payloads; older builds without it still work but cannot participate in multi-device voice exclusivity reliably.

68
agents-docs/features/authentication.md
View File

@@ -25,7 +25,7 @@ Session-token authentication for the signaling server and product client.
```
- Tokens are opaque 64-character hex strings stored in server SQLite (`session_tokens`).
- Default TTL: 24 hours (`SESSION_TOKEN_TTL_MS` env override supported).
- Default TTL: 10 years (`SESSION_TOKEN_TTL_MS` env override supported on the signaling server).
- Passwords are stored with bcrypt; legacy SHA-256 hashes are upgraded transparently on successful login.
## Protected REST routes
@@ -46,18 +46,80 @@ Require `Authorization: Bearer`:
"token": "<session-token>",
"oderId": "<user-id>",
"displayName": "Alice",
"connectionScope": "ws://host:3001"
"connectionScope": "ws://host:3001",
"clientInstanceId": "<per-install-uuid>"
}
```
- `oderId` must match the token's user id when provided.
- `clientInstanceId` is a stable per-tab UUID generated by the product client (`metoyou.clientInstanceId` in `sessionStorage`). The signaling server uses it to distinguish multiple WebSocket connections for the same user and to route voice ownership.
- Server responds with `auth_error` or `auth_required` when authentication fails.
- **Per-connection message ordering (invariant):** the server processes WebSocket messages for one connection strictly in arrival order (`handleWebSocketMessage` chains them per connection id). `identify` awaits a DB token lookup, and clients send `identify` + `join_server` back-to-back (often one TCP segment); concurrent handling let the join run mid-identify, get rejected as unauthenticated, and silently drop room membership — that connection then missed all `user_joined` / `chat_message` broadcasts (root cause of "chats don't sync for multi-client users").
## Multi-device sessions
- Each login/register issues a **new** session token; prior tokens remain valid until they expire or the client calls `POST /api/users/logout` with that token.
- The same user may keep multiple WebSocket connections open (different devices or browser profiles). Server broadcasts (chat, typing, voice state, status) exclude only the **sending connection**, so other connections for that identity still receive updates.
- Voice/WebRTC is exclusive per user: only one `clientInstanceId` may own active voice at a time. Other connections show passive UI and can send `voice_client_takeover` to move voice to the local device.
- Stale reconnect hygiene: when a client re-identifies with the same `(oderId, connectionScope, clientInstanceId)` tuple, the server closes the older socket for that tuple.
### Account-owned state sync (`account_sync`)
When the same account is logged in on multiple devices, account-owned data is kept in sync through the signaling server:
| Data | Mechanism |
|---|---|
| Server chat messages (live) | `chat_message` signaling relay (connection-scoped broadcast) **plus** `account_sync` `chat-message` / `message-revision` to sibling devices |
| Server chat messages (catch-up) | `account_sync` `chat-sync-batch` pushed when a sibling device comes online (`account_sync_peer_online`); each batch carries its messages' **attachment metadata** (`attachments` map, local paths stripped) so sibling devices learn about synced attachments — they are then requestable/downloadable but never marked "Shared from your device" unless the bytes are local |
| Voice / typing | Existing `voice_state` / `user_typing` relays |
| Saved servers (join/leave) | `account_sync` payload `saved-room-sync` / `saved-room-remove` |
| Profile avatar + card text | `account_sync` `user-avatar-full` + `user-avatar-chunk` |
| Custom emoji library | `account_sync` `custom-emoji-full` + `custom-emoji-chunk` |
| Friends list | `account_sync` `friend-added` / `friend-removed` |
| Server icons, edits, reactions | `account_sync` relay of existing P2P broadcast event types |
Client rules:
- `broadcastMessage()` still fans out over peer data channels; relayable events are **also** wrapped in `account_sync` and sent on the WebSocket.
- The server forwards `account_sync` to every other open connection for the same `oderId` via `notifyOtherConnectionsForOderId`.
- Receivers ignore payloads whose `clientInstanceId` matches the local tab id.
- When a new device identifies, the server notifies existing connections with `account_sync_peer_online`; those devices push a full snapshot (saved rooms, **room message history**, friends, profile, emoji library).
WebSocket envelope:
```json
{
"type": "account_sync",
"clientInstanceId": "<per-tab-uuid>",
"payload": { "type": "saved-room-sync", "room": { "...": "..." } }
}
```
Server response to other connections includes `fromUserId` set to the sender's `oderId`.
## Client storage
The product client stores tokens per signaling-server base URL in `localStorage` (`metoyou.authTokens`). An HTTP interceptor attaches the bearer token to `/api/*` requests targeting that server.
Persisted local user state (`metoyou_currentUserId` + IndexedDB/SQLite profile) is **not** sufficient to use chat or presence. On startup, `loadCurrentUser$` requires a non-expired session token for the user's home/active signaling server (or any stored token as a fallback). Missing or rejected tokens dispatch `SESSION_EXPIRED` and redirect to `/login`. WebSocket `auth_required` / `auth_error` responses trigger the same path.
Per-server credentials (`metoyou.signalServerCredentials`) map each normalized signal-server URL to the authenticated user id, username, display name, session token, expiry, and whether the account was auto-provisioned. The home user profile in SQLite/NgRx remains the device-local identity (`homeSignalServerUrl`); foreign-server credentials are a side map used for REST and WebSocket identify on that URL.
A per-install **provision secret** enables silent account creation on newly added or encountered signal servers. It is generated on home register/login, stored in Electron `safeStorage` when available (sessionStorage fallback on web), and never persisted as the user's visible login password.
### Multi-signal-server auth flows
| Flow | Action | Effect |
|---|---|---|
| Home login/register | `authenticateUser` | Resets local state, stores home credential + provision secret |
| Foreign login/register | `authorizeSignalServer` | Upserts credential for that URL only; home session unchanged |
| Auto-provision | `SignalServerProvisionerService` | Registers or logs in on foreign server using provision secret; on username collision tries suffixed username (`alice-<homeUserIdPrefix>`) and prefixes the display name with `#<homeUserIdPrefix> #<signalServerTag>` so same-name accounts stay distinguishable |
| Create/join on foreign server | `RoomsEffects.createRoom$`, invite/join flows | `ensureCredentialForServerUrl` provisions (or reuses) the per-server session token first; REST/WebSocket calls use the **actor user id** for that signal URL, not the home registration id |
| Foreign auth failure | `signalServerAuthFailed` | Clears that URL's credential and re-provisions when home token is still valid; global logout only when home server rejects auth |
Authorize UI: `/login?mode=authorize&serverId=…&returnUrl=…` (also supported on `/register`). Settings → Network shows per-endpoint `Authorized` / `Needs sign-in` badges.
Persisted local user state (`metoyou_currentUserId` + IndexedDB/SQLite profile) is **not** sufficient to use chat or presence. On startup, `loadCurrentUser$` requires a non-expired session token for the user's home signaling server (or any stored token as a fallback). Missing or rejected **home** tokens dispatch `SESSION_EXPIRED` and redirect to `/login`. Foreign-server `auth_required` / `auth_error` responses clear only that server's credential and attempt re-provision.
Startup routing for signed-out visitors is decided by `resolveUnauthenticatedStartupRedirect(currentUrl)` (`auth-navigation.rules.ts`), called from `App.ngOnInit`: any non-public route is redirected to `/login` (carrying a safe `returnUrl`), while public routes (`/login`, `/register`, `/invite/...`) are left alone. This is **platform-agnostic** — mobile is intentionally not special-cased, so a signed-out mobile user is greeted with the login screen on startup rather than a logged-out `/dashboard`.
## Security considerations

9
agents-docs/features/custom-emoji.md
View File

@@ -19,7 +19,7 @@ Custom emoji lets users upload small image emoji, use them in chat messages and
- **Custom emoji asset**: A user-created image stored as a data URL with id, name, mime, size, hash, creator, timestamps, and optional saved-library membership.
- **Known custom emoji**: A synced asset available for message rendering and forwarding, but not shown in the current user's picker unless saved.
- **Saved custom emoji**: A known asset with `savedByUser` enabled; saved emoji appear in the picker and shortcut ranking.
- **Saved custom emoji**: A known asset the current user added to their library; saved emoji appear in the picker and shortcut ranking. Library membership is **user-bound, not client-bound** — it is tracked per signed-in user (keyed by user id), so a second account on the same device never inherits the first account's library.
- **Emoji shortcut row**: The seven most-used emoji entries for the current user plus an eighth control that opens the full selector.
- **Custom emoji token**: The stable message/reaction representation `:emoji[id](name)`, resolved locally to the synced image asset when rendering.
- **Composer emoji alias**: The readable inline draft representation `:name:`. The composer rewrites known aliases to stable custom emoji tokens only when sending.
@@ -40,6 +40,7 @@ When a peer connects, each side sends a summary of known assets. The receiver re
- Uploads are capped at 1 MB.
- Accepted image types match profile avatars: WebP, GIF, JPG, and JPEG.
- Local shortcut ranking is keyed by the active user and includes Unicode emoji plus saved custom emoji only.
- Saved-library membership is bound to the user, not the client: `CustomEmojiService` tracks the set of saved emoji ids per user id in `localStorage` (`metoyou_custom_emoji_saved:<userId>`, mirroring the per-user usage ranking). The picker shows only emoji in the active user's saved set, so signing in as a different account on the same client never exposes the previous account's library. On first load after this change the set is seeded from legacy `savedByUser` rows the user actually created (`creatorUserId === userId`), so creators keep their library while other local accounts stay empty.
- Message rendering reserves inline emoji space with a transparent placeholder image while a referenced custom emoji asset is not yet available; deferred markdown placeholders rewrite tokens to readable `:name:` aliases so raw `:emoji[id](name)` text never flashes in chat.
- Seen custom emoji are not added to the picker automatically; right-click a rendered custom emoji in chat or on a custom emoji reaction and choose **Add to emoji library** from the app context menu (`NativeContextMenuComponent`).
- Saved custom emoji can be removed from the picker library by right-clicking them inside the emoji picker and choosing **Remove from emoji library**; the asset stays available for rendering messages that already reference it.
@@ -50,9 +51,9 @@ When a peer connects, each side sends a summary of known assets. The receiver re
## Data Access
- Browser runtime stores custom emoji in IndexedDB store `customEmojis`.
- Electron runtime stores custom emoji in SQLite table `custom_emojis`, created by migration `1000000000011-AddCustomEmojis`.
- Renderer access goes through `DatabaseService` methods `saveCustomEmoji`, `getCustomEmojis`, and `deleteCustomEmoji`.
- Browser runtime stores custom emoji image assets in IndexedDB store `customEmojis` (per-user database scope).
- Electron runtime stores custom emoji image assets in SQLite table `custom_emojis`, created by migration `1000000000011-AddCustomEmojis` (a single shared desktop database).
- Renderer access goes through `DatabaseService` methods `saveCustomEmoji`, `getCustomEmojis`, and `deleteCustomEmoji`. These persist the image **assets** only; they are not scoped per user (the Electron table is shared across local accounts). Per-user **library membership** lives separately in `localStorage` (`metoyou_custom_emoji_saved:<userId>`), which is what keeps the picker user-bound even on a shared client database.
## Testing

22
agents-docs/features/mobile-capacitor.md
View File

@@ -58,6 +58,28 @@ Optional `google-services.json` is not injected in CI; push registration in arti
After dependency or plugin changes, run `npm run build:prod && npm run cap:sync` so native projects register `@capacitor/app`, `@capacitor-community/sqlite`, `@capawesome/capacitor-app-update`, push plugins, and `MetoyouMobile`.
## App icon & splash (Android brand assets)
The Capacitor shell must ship the Toju brand mark, not the stock Ionic/Capacitor placeholder. Brand resources are generated from `images/icon-new-rounded.png` (circular cat-on-purple disc) into `toju-app/android/app/src/main/res/`:
```bash
npm run cap:assets:android # → tools/generate-android-app-icons.mjs (uses sharp)
```
This produces, for every density (`mdpi … xxxhdpi`):
- `mipmap-*/ic_launcher.png` + `ic_launcher_round.png` — legacy launcher bitmaps (the brand disc).
- `mipmap-*/ic_launcher_foreground.png` — full-bleed adaptive foreground; the adaptive layers in `mipmap-anydpi-v26/ic_launcher*.xml` reference `@mipmap/ic_launcher_foreground` (the stock `drawable-v24/ic_launcher_foreground.xml` vector is removed).
- `values/ic_launcher_background.xml` — adaptive background colour set to the **brand purple `#4A217A`**, not stock white.
- `drawable*/splash.png` (port + land per density, plus the base) — brand mark centred on a purple field for the launch splash.
Invariants are encoded in `toju-app/src/app/infrastructure/mobile/logic/mobile-android-launcher-icon.rules.ts` (required file set, brand background colour, and the SHA-256 of every stock Capacitor placeholder that must never reappear). Coverage:
- Unit: `mobile-android-launcher-icon.rules.spec.ts` — asserts every density is present, no resource matches a stock placeholder hash, and the adaptive background is the brand purple.
- E2E: `e2e/tests/mobile/android-app-icon.spec.ts` — same contract plus pixel checks (launcher ring is purple, centre is the white cat; splash corner is purple, centre is the cat). Deterministic; no emulator.
Re-run `npm run cap:assets:android` whenever `images/icon-new-rounded.png` changes; `npm run cap:sync` is **not** needed (resources live in the native project, not `webDir`).
## Feature status
| Feature | Status | Notes |

9
dev.sh
View File

@@ -21,13 +21,14 @@ if [ "$SSL" = "true" ]; then
fi
NG_SERVE="cd toju-app && npx ng serve --host=0.0.0.0 --ssl --ssl-cert=../.certs/localhost.crt --ssl-key=../.certs/localhost.key"
WAIT_URL="https://localhost:4200"
HEALTH_URL="https://localhost:3001/api/health"
# Use 127.0.0.1 so wait-on does not hit a stale HTTP listener on localhost (::1).
WAIT_URL="https://127.0.0.1:4200"
HEALTH_URL="https://127.0.0.1:3001/api/health"
export NODE_TLS_REJECT_UNAUTHORIZED=0
else
NG_SERVE="cd toju-app && npx ng serve --host=0.0.0.0"
WAIT_URL="http://localhost:4200"
HEALTH_URL="http://localhost:3001/api/health"
WAIT_URL="http://127.0.0.1:4200"
HEALTH_URL="http://127.0.0.1:3001/api/health"
fi
exec npx concurrently --kill-others \

10
docs-site/docs/developer/dom-structure.md
View File

@@ -10,14 +10,20 @@ This page maps the app routes and important DOM areas. It is useful for plugin a
| Route | Component | Purpose |
| ---------------------------- | ------------------------- | --------------------------------------------------------------------- |
| `/` | Redirect | Redirects to `/search`. |
| `/` | Redirect | Redirects to `/dashboard`. |
| `/login` | `LoginComponent` | User login. |
| `/register` | `RegisterComponent` | User registration. |
| `/invite/:inviteId` | `InviteComponent` | Resolve and accept invite links. |
| `/search` | `ServerSearchComponent` | Search and join servers. |
| `/dashboard` | `DashboardComponent` | Landing dashboard after sign-in. |
| `/people` | `FindPeopleComponent` | Discover and start direct messages with people. |
| `/servers` | `FindServersComponent` | Search, discover, and join servers. |
| `/create-server` | `CreateServerComponent` | Create a new server. |
| `/room/:roomId` | `ChatRoomComponent` | Main server page with text, voice, members, and plugin panels. |
| `/dm` | `DmWorkspaceComponent` | Direct-message workspace. |
| `/dm/:conversationId` | `DmWorkspaceComponent` | A selected direct-message conversation. |
| `/pm` | `DmWorkspaceComponent` | Private-message workspace (alias of the DM workspace). |
| `/pm/:conversationId` | `DmWorkspaceComponent` | A selected private-message conversation. |
| `/call/:callId` | `PrivateCallComponent` | Active private (1:1) call. |
| `/settings` | `SettingsComponent` | App, voice, server, plugin, desktop, theme, local API settings. |
| `/plugin-store` | `PluginStoreComponent` | Browse plugin sources and install/update plugins. |
| `/plugins/:pluginId/:pageId` | `PluginPageHostComponent` | Host for plugin app pages registered with `api.ui.registerAppPage()`. |

2
docs-site/docs/developer/llm-plugin-builder-guide.md
View File

@@ -124,7 +124,7 @@ Important routes:
| Route | Purpose |
| ------------------------------- | ------------------------------------------------------------------- |
| `/search` | Search and join servers. |
| `/servers` | Search, discover, and join servers. |
| `/room/:roomId` | Main server workspace with text, voice, members, and plugin panels. |
| `/dm` and `/dm/:conversationId` | Direct-message workspace. |
| `/settings` | App, voice, server, plugin, desktop, theme, and local API settings. |

3
e2e/fixtures/multi-client.ts
View File

@@ -48,7 +48,8 @@ export const test = base.extend<MultiClientFixture>({
const context = await browser.newContext({
permissions: ['microphone', 'camera'],
baseURL: 'http://localhost:4200'
baseURL: 'http://localhost:4200',
viewport: { width: 1440, height: 900 }
});
await installTestServerEndpoint(context, testServer.port);

20
e2e/helpers/app-menu.ts Normal file
View File

@@ -0,0 +1,20 @@
import { expect, type Page } from '@playwright/test';
export async function openTitleBarMenu(page: Page): Promise<void> {
const menuButton = page.getByRole('button', { name: 'Menu' });
await expect(menuButton).toBeVisible({ timeout: 15_000 });
await menuButton.click();
await expect(page.locator('app-title-bar .absolute.right-0.top-full').first()).toBeVisible({ timeout: 10_000 });
}
export async function openPluginStore(page: Page): Promise<void> {
await openTitleBarMenu(page);
await page.getByRole('button', { name: 'Plugin Store' }).click();
await expect(page).toHaveURL(/\/plugin-store/, { timeout: 20_000 });
}
export async function openSettingsFromMenu(page: Page): Promise<void> {
await openTitleBarMenu(page);
await page.getByRole('button', { name: 'Settings' }).click();
}

31
e2e/helpers/auth-api.ts
View File

@@ -1,6 +1,7 @@
import { type APIRequestContext, type Page } from '@playwright/test';
export const AUTH_TOKENS_STORAGE_KEY = 'metoyou.authTokens';
export const SIGNAL_SERVER_CREDENTIALS_STORAGE_KEY = 'metoyou.signalServerCredentials';
export interface AuthSession {
id: string;
@@ -56,6 +57,36 @@ export async function loginTestUser(
return await response.json() as AuthSession;
}
export async function readSignalServerCredentialFromPage(
page: Page,
serverUrl: string
): Promise<{ userId: string; token: string; username: string } | null> {
return await page.evaluate(({ storageKey, url }) => {
try {
const store = JSON.parse(localStorage.getItem(storageKey) || '{}') as Record<string, {
userId: string;
token: string;
username: string;
expiresAt: number;
}>;
const normalizedUrl = url.trim().replace(/\/+$/, '');
const entry = store[normalizedUrl];
if (!entry || entry.expiresAt <= Date.now()) {
return null;
}
return {
userId: entry.userId,
token: entry.token,
username: entry.username
};
} catch {
return null;
}
}, { storageKey: SIGNAL_SERVER_CREDENTIALS_STORAGE_KEY, url: serverUrl });
}
export async function readAuthTokenFromPage(page: Page, serverUrl: string): Promise<string | null> {
return await page.evaluate(({ storageKey, url }) => {
try {

11
e2e/helpers/dashboard.ts Normal file
View File

@@ -0,0 +1,11 @@
import { expect, type Page } from '@playwright/test';
/** Dashboard omnibox (desktop placeholder copy changed with i18n refresh). */
export function dashboardSearchInput(page: Page) {
return page.getByRole('textbox', { name: 'Search people, servers, and invites' });
}
export async function expectDashboardReady(page: Page, timeout = 30_000): Promise<void> {
await expect(page).toHaveURL(/\/dashboard/, { timeout });
await expect(dashboardSearchInput(page)).toBeVisible({ timeout });
}

312
e2e/helpers/multi-device-session.ts Normal file
View File

@@ -0,0 +1,312 @@
import { expect, type Page } from '@playwright/test';
import { type Client } from '../fixtures/multi-client';
import { LoginPage } from '../pages/login.page';
import { RegisterPage } from '../pages/register.page';
import { ServerSearchPage } from '../pages/server-search.page';
import { ChatRoomPage } from '../pages/chat-room.page';
import { ChatMessagesPage } from '../pages/chat-messages.page';
export const MULTI_DEVICE_PASSWORD = 'TestPass123!';
export const MULTI_DEVICE_VOICE_CHANNEL = 'General';
export interface MultiDeviceCredentials {
username: string;
displayName: string;
password: string;
}
export interface MultiDeviceScenario {
clientA: Client;
clientB: Client;
credentials: MultiDeviceCredentials;
serverName: string;
messagesA: ChatMessagesPage;
messagesB: ChatMessagesPage;
roomA: ChatRoomPage;
roomB: ChatRoomPage;
}
export function uniqueMultiDeviceName(prefix: string): string {
return `${prefix}-${Date.now()}-${Math.floor(Math.random() * 10_000)}`;
}
export async function createMultiDeviceScenario(
createClient: () => Promise<Client>,
options: { suffix?: string; serverDescription?: string } = {}
): Promise<MultiDeviceScenario> {
const suffix = options.suffix ?? uniqueMultiDeviceName('multi-device');
const credentials: MultiDeviceCredentials = {
username: `multi_${suffix}`,
displayName: 'Multi Device User',
password: MULTI_DEVICE_PASSWORD
};
const serverName = `Multi Device Server ${suffix}`;
const clientA = await createClient();
const clientB = await createClient();
await warmClientPage(clientA.page);
await warmClientPage(clientB.page);
const registerPage = new RegisterPage(clientA.page);
await registerPage.goto();
await registerPage.register(credentials.username, credentials.displayName, credentials.password);
await expect(clientA.page).toHaveURL(/\/dashboard/, { timeout: 15_000 });
const searchA = new ServerSearchPage(clientA.page);
await searchA.createServer(serverName, {
description: options.serverDescription ?? 'Multi-device session coverage'
});
await expect(clientA.page).toHaveURL(/\/room\//, { timeout: 15_000 });
await waitForCurrentRoomName(clientA.page, serverName);
const roomA = new ChatRoomPage(clientA.page);
await roomA.ensureVoiceChannelExists(MULTI_DEVICE_VOICE_CHANNEL);
await loginSecondDeviceIntoServer(clientB.page, credentials, serverName);
await waitForCurrentRoomName(clientB.page, serverName);
const messagesA = new ChatMessagesPage(clientA.page);
const messagesB = new ChatMessagesPage(clientB.page);
const roomB = new ChatRoomPage(clientB.page);
await messagesA.waitForReady();
await messagesB.waitForReady();
return {
clientA,
clientB,
credentials,
serverName,
messagesA,
messagesB,
roomA,
roomB
};
}
export async function loginSecondDeviceIntoServer(
page: Page,
credentials: MultiDeviceCredentials,
serverName: string
): Promise<void> {
const loginPage = new LoginPage(page);
await loginPage.goto();
await loginPage.login(credentials.username, credentials.password);
await expect(page).toHaveURL(/\/dashboard/, { timeout: 15_000 });
const search = new ServerSearchPage(page);
await search.joinServerFromSearch(serverName);
await expect(page).toHaveURL(/\/room\//, { timeout: 20_000 });
await expect(page.locator('app-rooms-side-panel').first()).toBeVisible({ timeout: 20_000 });
}
export async function expectCrossDeviceMessage(
sender: ChatMessagesPage,
receiver: ChatMessagesPage,
message: string,
timeout = 60_000
): Promise<void> {
await sender.sendMessage(message);
await expectSyncedMessage(receiver, message, timeout);
}
/** Waits until a message sent elsewhere appears in the local chat history. */
export async function expectSyncedMessage(
receiver: ChatMessagesPage,
message: string,
timeout = 90_000
): Promise<void> {
await receiver.waitForReady();
await expect(receiver.getMessageItemByText(message)).toBeVisible({ timeout });
}
export async function expectSyncedMessageWithResync(
page: Page,
receiver: ChatMessagesPage,
message: string,
timeout = 60_000
): Promise<void> {
await receiver.waitForReady();
const alreadyVisible = await receiver.getMessageItemByText(message)
.isVisible()
.catch(() => false);
if (!alreadyVisible) {
await resyncChannelMessages(page);
}
await expect(receiver.getMessageItemByText(message)).toBeVisible({ timeout });
}
export async function resyncChannelMessages(page: Page, channelName = 'general'): Promise<void> {
const channel = page.locator(`button[data-channel-type="text"][data-channel-name="${channelName}"]`).first();
await expect(channel).toBeVisible({ timeout: 10_000 });
await channel.click({ button: 'right' });
await page.getByRole('button', { name: 'Resync Messages' }).click();
}
export async function closeClient(client: Client): Promise<void> {
await client.context.close();
}
export async function registerGuestAndJoinServer(
page: Page,
credentials: MultiDeviceCredentials,
serverName: string
): Promise<void> {
const registerPage = new RegisterPage(page);
await registerPage.goto();
await registerPage.register(credentials.username, credentials.displayName, credentials.password);
await expect(page).toHaveURL(/\/dashboard/, { timeout: 15_000 });
const search = new ServerSearchPage(page);
await search.joinServerFromSearch(serverName);
await expect(page).toHaveURL(/\/room\//, { timeout: 20_000 });
await expect(page.locator('app-rooms-side-panel').first()).toBeVisible({ timeout: 20_000 });
}
export async function reopenClientInServer(
createClient: () => Promise<Client>,
credentials: MultiDeviceCredentials,
serverName: string
): Promise<{ client: Client; messages: ChatMessagesPage }> {
const client = await createClient();
await warmClientPage(client.page);
await loginSecondDeviceIntoServer(client.page, credentials, serverName);
const messages = new ChatMessagesPage(client.page);
await messages.waitForReady();
return { client, messages };
}
async function warmClientPage(page: Page): Promise<void> {
await page.goto('/dashboard', { waitUntil: 'domcontentloaded' });
await page.waitForLoadState('networkidle').catch(() => undefined);
}
async function waitForCurrentRoomName(page: Page, roomName: string, timeout = 20_000): Promise<void> {
await page.waitForFunction(
(expectedRoomName) => {
interface RoomShape { name?: string }
interface AngularDebugApi {
getComponent: (element: Element) => Record<string, unknown>;
}
const host = document.querySelector('app-rooms-side-panel');
const debugApi = (window as { ng?: AngularDebugApi }).ng;
if (!host || !debugApi?.getComponent) {
return false;
}
const component = debugApi.getComponent(host);
const currentRoom = (component['currentRoom'] as (() => RoomShape | null) | undefined)?.() ?? null;
return currentRoom?.name === expectedRoomName;
},
roomName,
{ timeout }
);
}
export async function readClientInstanceId(page: Page): Promise<string | null> {
return page.evaluate(() => {
const sessionId = sessionStorage.getItem('metoyou.clientInstanceId')?.trim();
if (sessionId) {
return sessionId;
}
return localStorage.getItem('metoyou.clientInstanceId')?.trim() ?? null;
});
}
export async function logoutFromMenu(page: Page): Promise<void> {
const menuButton = page.getByRole('button', { name: 'Menu' });
const logoutButton = page.getByRole('button', { name: 'Logout' });
await expect(menuButton).toBeVisible({ timeout: 10_000 });
await menuButton.click();
await expect(logoutButton).toBeVisible({ timeout: 10_000 });
await logoutButton.click();
await expect(page).toHaveURL(/\/login/, { timeout: 15_000 });
}
export function channelsSidePanel(page: Page) {
return page.locator('app-rooms-side-panel').first();
}
export function membersSidePanel(page: Page) {
return page.locator('app-rooms-side-panel').last();
}
export function serverMemberRow(page: Page, displayName: string) {
return membersSidePanel(page)
.locator('[role="button"], button')
.filter({ has: page.getByText(displayName, { exact: true }) })
.first();
}
/**
* Gates cross-user assertions on real presence: the peer must show up in the
* members panel before chat delivery between the two users can be expected.
*/
export async function expectServerPeerVisible(
page: Page,
displayName: string,
timeout = 45_000
): Promise<void> {
await expect(serverMemberRow(page, displayName)).toBeVisible({ timeout });
}
export function passiveVoiceChannelJoinBadge(page: Page, channelName = MULTI_DEVICE_VOICE_CHANNEL) {
return page
.locator(`button[data-channel-type="voice"][data-channel-name="${channelName}"]`)
.getByText('Join', { exact: true });
}
export async function expectPassiveVoiceOnDevice(
page: Page,
options: { timeout?: number; displayName?: string; channelName?: string } = {}
): Promise<void> {
const timeout = options.timeout ?? 45_000;
const channelName = options.channelName ?? MULTI_DEVICE_VOICE_CHANNEL;
const displayName = options.displayName;
await expect.poll(async () => {
const membersLabel = await membersSidePanel(page)
.getByText('In voice on another device', { exact: false })
.isVisible()
.catch(() => false);
const joinBadge = await passiveVoiceChannelJoinBadge(page, channelName).isVisible()
.catch(() => false);
const grayedVoiceUser = displayName
? await channelsSidePanel(page).locator('.opacity-50')
.filter({ hasText: displayName })
.first()
.isVisible()
.catch(() => false)
: false;
return membersLabel || joinBadge || grayedVoiceUser;
}, { timeout }).toBe(true);
}
export async function expectActiveVoiceOnDevice(page: Page, timeout = 20_000): Promise<void> {
await expect(page.locator('app-voice-controls, app-voice-workspace').first()).toBeVisible({ timeout });
}

19
e2e/helpers/plugin-store.ts Normal file
View File

@@ -0,0 +1,19 @@
import { expect, type Page } from '@playwright/test';
export const E2E_PLUGIN_SOURCE_URL = 'http://localhost:4200/plugins/e2e-plugin-source.json';
export const E2E_PLUGIN_TITLE = 'E2E All API Plugin';
export async function addPluginSource(page: Page, sourceUrl = E2E_PLUGIN_SOURCE_URL): Promise<void> {
const sourceInput = page.getByLabel('Plugin source manifest URL');
await expect(sourceInput).toBeVisible({ timeout: 15_000 });
await sourceInput.click();
await sourceInput.fill(sourceUrl);
await expect(sourceInput).toHaveValue(sourceUrl, { timeout: 5_000 });
const addSourceButton = page.getByRole('button', { name: 'Add Source' });
await expect(addSourceButton).toBeEnabled({ timeout: 10_000 });
await addSourceButton.click();
await expect(page.getByRole('heading', { name: E2E_PLUGIN_TITLE })).toBeVisible({ timeout: 20_000 });
}

112
e2e/helpers/webrtc-helpers.ts
View File

@@ -1,15 +1,30 @@
/* eslint-disable @typescript-eslint/no-explicit-any */
import { type Page } from '@playwright/test';
import { type BrowserContext, type Page } from '@playwright/test';
import type { WebRtcTestHarnessWindow } from './webrtc-test-window.types';
type RtcPeerConnectionArgs = ConstructorParameters<typeof RTCPeerConnection>;
type AudioContextArgs = ConstructorParameters<typeof AudioContext>;
interface ScreenShareMediaStream extends MediaStream {
__isScreenShare?: boolean;
}
function webRtcHarnessWindow(scope: Window = window): WebRtcTestHarnessWindow {
return scope as unknown as WebRtcTestHarnessWindow;
}
/**
* Install RTCPeerConnection monkey-patch on a page BEFORE navigating.
* Tracks all created peer connections and their remote tracks so tests
* can inspect WebRTC state via `page.evaluate()`.
*
* Call immediately after page creation, before any `goto()`.
* Call on the browser context (preferred) or page before any `goto()`.
*/
export async function installWebRTCTracking(page: Page): Promise<void> {
await page.addInitScript(() => {
export async function installWebRTCTracking(target: BrowserContext | Page): Promise<void> {
const addInitScript = 'addInitScript' in target && typeof target.addInitScript === 'function'
? target.addInitScript.bind(target)
: (target as Page).addInitScript.bind(target);
await addInitScript(() => {
const connections: RTCPeerConnection[] = [];
const dataChannels: RTCDataChannel[] = [];
const syntheticMediaResources: {
@@ -17,11 +32,12 @@ export async function installWebRTCTracking(page: Page): Promise<void> {
source?: AudioScheduledSourceNode;
drawIntervalId?: number;
}[] = [];
const harness = webRtcHarnessWindow();
(window as any).__rtcConnections = connections;
(window as any).__rtcDataChannels = dataChannels;
(window as any).__rtcRemoteTracks = [] as { kind: string; id: string; readyState: string }[];
(window as any).__rtcSyntheticMediaResources = syntheticMediaResources;
harness.__rtcConnections = connections;
harness.__rtcDataChannels = dataChannels;
harness.__rtcRemoteTracks = [];
harness.__rtcSyntheticMediaResources = syntheticMediaResources;
const OriginalRTCPeerConnection = window.RTCPeerConnection;
const trackDataChannel = (channel: RTCDataChannel) => {
@@ -32,7 +48,7 @@ export async function installWebRTCTracking(page: Page): Promise<void> {
dataChannels.push(channel);
};
(window as any).RTCPeerConnection = function(this: RTCPeerConnection, ...args: any[]) {
harness.RTCPeerConnection = function(this: RTCPeerConnection, ...args: RtcPeerConnectionArgs) {
const pc: RTCPeerConnection = new OriginalRTCPeerConnection(...args);
const originalCreateDataChannel = pc.createDataChannel.bind(pc);
@@ -46,7 +62,7 @@ export async function installWebRTCTracking(page: Page): Promise<void> {
}) as RTCPeerConnection['createDataChannel'];
pc.addEventListener('connectionstatechange', () => {
(window as any).__lastRtcState = pc.connectionState;
harness.__lastRtcState = pc.connectionState;
});
pc.addEventListener('datachannel', (event: RTCDataChannelEvent) => {
@@ -54,7 +70,7 @@ export async function installWebRTCTracking(page: Page): Promise<void> {
});
pc.addEventListener('track', (event: RTCTrackEvent) => {
(window as any).__rtcRemoteTracks.push({
harness.__rtcRemoteTracks.push({
kind: event.track.kind,
id: event.track.id,
readyState: event.track.readyState
@@ -62,10 +78,10 @@ export async function installWebRTCTracking(page: Page): Promise<void> {
});
return pc;
} as any;
} as typeof RTCPeerConnection;
(window as any).RTCPeerConnection.prototype = OriginalRTCPeerConnection.prototype;
Object.setPrototypeOf((window as any).RTCPeerConnection, OriginalRTCPeerConnection);
harness.RTCPeerConnection.prototype = OriginalRTCPeerConnection.prototype;
Object.setPrototypeOf(harness.RTCPeerConnection, OriginalRTCPeerConnection);
// Patch getDisplayMedia to return a synthetic screen share stream
// (canvas-based video + 880Hz oscillator audio) so the browser
@@ -140,7 +156,7 @@ export async function installWebRTCTracking(page: Page): Promise<void> {
}, { once: true });
// Tag the stream so tests can identify it
(resultStream as any).__isScreenShare = true;
(resultStream as ScreenShareMediaStream).__isScreenShare = true;
return resultStream;
};
@@ -165,11 +181,12 @@ export async function installWebRTCTracking(page: Page): Promise<void> {
export async function installAutoResumeAudioContext(page: Page): Promise<void> {
await page.addInitScript(() => {
const OrigAudioContext = window.AudioContext;
const audioHarness = webRtcHarnessWindow();
(window as any).AudioContext = function(this: AudioContext, ...args: any[]) {
audioHarness.AudioContext = function(this: AudioContext, ...args: AudioContextArgs) {
const ctx: AudioContext = new OrigAudioContext(...args);
// Track all created AudioContexts for test diagnostics
const tracked = ((window as any).__trackedAudioContexts ??= []) as AudioContext[];
const tracked = audioHarness.__trackedAudioContexts ??= [];
tracked.push(ctx);
@@ -185,18 +202,19 @@ export async function installAutoResumeAudioContext(page: Page): Promise<void> {
});
return ctx;
} as any;
} as typeof AudioContext;
(window as any).AudioContext.prototype = OrigAudioContext.prototype;
Object.setPrototypeOf((window as any).AudioContext, OrigAudioContext);
audioHarness.AudioContext.prototype = OrigAudioContext.prototype;
Object.setPrototypeOf(audioHarness.AudioContext, OrigAudioContext);
});
}
export async function waitForPeerConnected(page: Page, timeout = 30_000): Promise<void> {
await page.waitForFunction(
() => (window as any).__rtcConnections?.some(
() => webRtcHarnessWindow().__rtcConnections?.some(
(pc: RTCPeerConnection) => pc.connectionState === 'connected'
) ?? false,
undefined,
{ timeout }
);
}
@@ -206,7 +224,7 @@ export async function waitForPeerConnected(page: Page, timeout = 30_000): Promis
*/
export async function isPeerStillConnected(page: Page): Promise<boolean> {
return page.evaluate(
() => (window as any).__rtcConnections?.some(
() => webRtcHarnessWindow().__rtcConnections?.some(
(pc: RTCPeerConnection) => pc.connectionState === 'connected'
) ?? false
);
@@ -215,7 +233,7 @@ export async function isPeerStillConnected(page: Page): Promise<boolean> {
/** Returns the number of tracked peer connections in `connected` state. */
export async function getConnectedPeerCount(page: Page): Promise<number> {
return page.evaluate(
() => ((window as any).__rtcConnections as RTCPeerConnection[] | undefined)?.filter(
() => (webRtcHarnessWindow().__rtcConnections as RTCPeerConnection[] | undefined)?.filter(
(pc) => pc.connectionState === 'connected'
).length ?? 0
);
@@ -224,7 +242,7 @@ export async function getConnectedPeerCount(page: Page): Promise<number> {
/** Wait until the expected number of peer connections are `connected`. */
export async function waitForConnectedPeerCount(page: Page, expectedCount: number, timeout = 45_000): Promise<void> {
await page.waitForFunction(
(count) => ((window as any).__rtcConnections as RTCPeerConnection[] | undefined)?.filter(
(count) => (webRtcHarnessWindow().__rtcConnections as RTCPeerConnection[] | undefined)?.filter(
(pc) => pc.connectionState === 'connected'
).length === count,
expectedCount,
@@ -235,7 +253,7 @@ export async function waitForConnectedPeerCount(page: Page, expectedCount: numbe
/** Returns the number of tracked RTCDataChannels in the open state. */
export async function getOpenDataChannelCount(page: Page): Promise<number> {
return page.evaluate(
() => ((window as any).__rtcDataChannels as RTCDataChannel[] | undefined)?.filter(
() => (webRtcHarnessWindow().__rtcDataChannels as RTCDataChannel[] | undefined)?.filter(
(channel) => channel.readyState === 'open'
).length ?? 0
);
@@ -244,7 +262,7 @@ export async function getOpenDataChannelCount(page: Page): Promise<number> {
/** Wait until the expected number of tracked RTCDataChannels are open. */
export async function waitForOpenDataChannelCount(page: Page, expectedCount: number, timeout = 45_000): Promise<void> {
await page.waitForFunction(
(count) => ((window as any).__rtcDataChannels as RTCDataChannel[] | undefined)?.filter(
(count) => (webRtcHarnessWindow().__rtcDataChannels as RTCDataChannel[] | undefined)?.filter(
(channel) => channel.readyState === 'open'
).length === count,
expectedCount,
@@ -255,7 +273,7 @@ export async function waitForOpenDataChannelCount(page: Page, expectedCount: num
/** Close every currently-open RTCDataChannel and return how many were closed. */
export async function closeOpenDataChannels(page: Page): Promise<number> {
return page.evaluate(() => {
const channels = ((window as any).__rtcDataChannels as RTCDataChannel[] | undefined) ?? [];
const channels = (webRtcHarnessWindow().__rtcDataChannels as RTCDataChannel[] | undefined) ?? [];
let closed = 0;
@@ -275,7 +293,7 @@ export async function closeOpenDataChannels(page: Page): Promise<number> {
/** Dispatch a synthetic data-channel error event on each open channel. */
export async function dispatchDataChannelErrors(page: Page): Promise<number> {
return page.evaluate(() => {
const channels = ((window as any).__rtcDataChannels as RTCDataChannel[] | undefined) ?? [];
const channels = (webRtcHarnessWindow().__rtcDataChannels as RTCDataChannel[] | undefined) ?? [];
let dispatched = 0;
@@ -336,7 +354,7 @@ interface PerPeerAudioStat {
/** Get per-peer audio stats for every tracked RTCPeerConnection. */
export async function getPerPeerAudioStats(page: Page): Promise<PerPeerAudioStat[]> {
return page.evaluate(async () => {
const connections = (window as any).__rtcConnections as RTCPeerConnection[] | undefined;
const connections = webRtcHarnessWindow().__rtcConnections as RTCPeerConnection[] | undefined;
if (!connections?.length) {
return [];
@@ -353,7 +371,7 @@ export async function getPerPeerAudioStats(page: Page): Promise<PerPeerAudioStat
try {
const stats = await pc.getStats();
stats.forEach((report: any) => {
stats.forEach((report: RTCStats) => {
const kind = report.kind ?? report.mediaType;
if (report.type === 'outbound-rtp' && kind === 'audio') {
@@ -454,7 +472,7 @@ export async function getAudioStats(page: Page): Promise<{
inbound: { bytesReceived: number; packetsReceived: number } | null;
}> {
return page.evaluate(async () => {
const connections = (window as any).__rtcConnections as RTCPeerConnection[] | undefined;
const connections = webRtcHarnessWindow().__rtcConnections as RTCPeerConnection[] | undefined;
if (!connections?.length)
return { outbound: null, inbound: null };
@@ -468,8 +486,8 @@ export async function getAudioStats(page: Page): Promise<{
hasInbound: boolean;
};
const hwm: Record<number, HWMEntry> = (window as any).__rtcStatsHWM =
((window as any).__rtcStatsHWM as Record<number, HWMEntry> | undefined) ?? {};
const hwm: Record<number, HWMEntry> = webRtcHarnessWindow().__rtcStatsHWM =
(webRtcHarnessWindow().__rtcStatsHWM as Record<number, HWMEntry> | undefined) ?? {};
for (let idx = 0; idx < connections.length; idx++) {
let stats: RTCStatsReport;
@@ -487,7 +505,7 @@ export async function getAudioStats(page: Page): Promise<{
let hasOut = false;
let hasIn = false;
stats.forEach((report: any) => {
stats.forEach((report: RTCStats) => {
const kind = report.kind ?? report.mediaType;
if (report.type === 'outbound-rtp' && kind === 'audio') {
@@ -578,7 +596,7 @@ export async function getAudioStatsDelta(page: Page, durationMs = 3_000): Promis
export async function waitForAudioStatsPresent(page: Page, timeout = 15_000): Promise<void> {
await page.waitForFunction(
async () => {
const connections = (window as any).__rtcConnections as RTCPeerConnection[] | undefined;
const connections = webRtcHarnessWindow().__rtcConnections as RTCPeerConnection[] | undefined;
if (!connections?.length)
return false;
@@ -595,7 +613,7 @@ export async function waitForAudioStatsPresent(page: Page, timeout = 15_000): Pr
let hasOut = false;
let hasIn = false;
stats.forEach((report: any) => {
stats.forEach((report: RTCStats) => {
const kind = report.kind ?? report.mediaType;
if (report.type === 'outbound-rtp' && kind === 'audio')
@@ -611,6 +629,7 @@ export async function waitForAudioStatsPresent(page: Page, timeout = 15_000): Pr
return false;
},
undefined,
{ timeout }
);
}
@@ -686,7 +705,7 @@ export async function getVideoStats(page: Page): Promise<{
inbound: { bytesReceived: number; packetsReceived: number } | null;
}> {
return page.evaluate(async () => {
const connections = (window as any).__rtcConnections as RTCPeerConnection[] | undefined;
const connections = webRtcHarnessWindow().__rtcConnections as RTCPeerConnection[] | undefined;
if (!connections?.length)
return { outbound: null, inbound: null };
@@ -700,8 +719,8 @@ export async function getVideoStats(page: Page): Promise<{
hasInbound: boolean;
}
const hwm: Record<number, VHWM> = (window as any).__rtcVideoStatsHWM =
((window as any).__rtcVideoStatsHWM as Record<number, VHWM> | undefined) ?? {};
const hwm: Record<number, VHWM> = webRtcHarnessWindow().__rtcVideoStatsHWM =
(webRtcHarnessWindow().__rtcVideoStatsHWM as Record<number, VHWM> | undefined) ?? {};
for (let idx = 0; idx < connections.length; idx++) {
let stats: RTCStatsReport;
@@ -719,7 +738,7 @@ export async function getVideoStats(page: Page): Promise<{
let hasOut = false;
let hasIn = false;
stats.forEach((report: any) => {
stats.forEach((report: RTCStats) => {
const kind = report.kind ?? report.mediaType;
if (report.type === 'outbound-rtp' && kind === 'video') {
@@ -785,7 +804,7 @@ export async function getVideoStats(page: Page): Promise<{
export async function waitForVideoStatsPresent(page: Page, timeout = 15_000): Promise<void> {
await page.waitForFunction(
async () => {
const connections = (window as any).__rtcConnections as RTCPeerConnection[] | undefined;
const connections = webRtcHarnessWindow().__rtcConnections as RTCPeerConnection[] | undefined;
if (!connections?.length)
return false;
@@ -802,7 +821,7 @@ export async function waitForVideoStatsPresent(page: Page, timeout = 15_000): Pr
let hasOut = false;
let hasIn = false;
stats.forEach((report: any) => {
stats.forEach((report: RTCStats) => {
const kind = report.kind ?? report.mediaType;
if (report.type === 'outbound-rtp' && kind === 'video')
@@ -818,6 +837,7 @@ export async function waitForVideoStatsPresent(page: Page, timeout = 15_000): Pr
return false;
},
undefined,
{ timeout }
);
}
@@ -952,7 +972,7 @@ export async function waitForInboundVideoFlow(
*/
export async function dumpRtcDiagnostics(page: Page): Promise<string> {
return page.evaluate(async () => {
const conns = (window as any).__rtcConnections as RTCPeerConnection[] | undefined;
const conns = webRtcHarnessWindow().__rtcConnections as RTCPeerConnection[] | undefined;
if (!conns?.length)
return 'No connections tracked';
@@ -977,7 +997,7 @@ export async function dumpRtcDiagnostics(page: Page): Promise<string> {
try {
const stats = await pc.getStats();
stats.forEach((report: any) => {
stats.forEach((report: RTCStats) => {
if (report.type !== 'outbound-rtp' && report.type !== 'inbound-rtp')
return;
@@ -987,7 +1007,7 @@ export async function dumpRtcDiagnostics(page: Page): Promise<string> {
lines.push(` ${report.type}: kind=${kind}, bytes=${bytes}, packets=${packets}`);
});
} catch (err: any) {
} catch (err: unknown) {
lines.push(` getStats() failed: ${err?.message ?? err}`);
}
}

28
e2e/helpers/webrtc-test-window.types.ts Normal file
View File

@@ -0,0 +1,28 @@
export interface RtcRemoteTrackSnapshot {
kind: string;
id: string;
readyState: string;
}
export interface RtcSyntheticMediaResource {
audioCtx: AudioContext;
source?: AudioScheduledSourceNode;
drawIntervalId?: number;
}
export interface WebRtcTestHarnessWindow extends Window {
__rtcConnections: RTCPeerConnection[];
__rtcDataChannels: RTCDataChannel[];
__rtcRemoteTracks: RtcRemoteTrackSnapshot[];
__rtcSyntheticMediaResources: RtcSyntheticMediaResource[];
__trackedAudioContexts?: AudioContext[];
__rtcStatsHWM?: Record<number, Record<string, number | boolean>>;
__rtcVideoStatsHWM?: Record<number, Record<string, number | boolean>>;
__lastRtcState?: RTCPeerConnectionState;
RTCPeerConnection: typeof RTCPeerConnection;
AudioContext: typeof AudioContext;
}
export function getWebRtcTestHarnessWindow(): WebRtcTestHarnessWindow {
return window as unknown as WebRtcTestHarnessWindow;
}

70
e2e/pages/chat-messages.page.ts
View File

@@ -34,9 +34,22 @@ export class ChatMessagesPage {
}
async sendMessage(content: string): Promise<void> {
await this.waitForReady();
await this.composerInput.fill(content);
await this.sendButton.click();
let lastError: unknown;
for (let attempt = 1; attempt <= 3; attempt += 1) {
try {
await this.waitForReady();
await this.composerInput.fill(content);
await expect(this.composerInput).toHaveValue(content, { timeout: 5_000 });
await expect(this.sendButton).toBeEnabled({ timeout: 5_000 });
await this.sendButton.click();
return;
} catch (error) {
lastError = error;
}
}
throw lastError instanceof Error ? lastError : new Error('Failed to send chat message');
}
async typeDraft(content: string): Promise<void> {
@@ -44,6 +57,13 @@ export class ChatMessagesPage {
await this.composerInput.fill(content);
}
/** Types into the composer in a way that emits input/typing events (not just fill). */
async typeDraftWithTypingEvents(content: string): Promise<void> {
await this.waitForReady();
await this.composerInput.click();
await this.composerInput.pressSequentially(content, { delay: 40 });
}
async clearDraft(): Promise<void> {
await this.waitForReady();
await this.composerInput.fill('');
@@ -74,6 +94,25 @@ export class ChatMessagesPage {
}, files);
}
/** Sends the currently-attached files with no text caption (attachment-only message). */
async sendPendingAttachments(): Promise<void> {
await this.waitForReady();
await expect(this.sendButton).toBeEnabled({ timeout: 10_000 });
await this.sendButton.click();
}
/** The message bubble that contains the rendered image with the given alt text. */
getMessageItemContainingImage(altText: string): Locator {
return this.messageItems.filter({
has: this.page.locator(`img[alt="${altText}"]`)
}).last();
}
/** Resolves the stable data-message-id of the bubble holding the given image. */
async getMessageIdContainingImage(altText: string): Promise<string | null> {
return this.getMessageItemContainingImage(altText).getAttribute('data-message-id');
}
async openGifPicker(): Promise<void> {
await this.waitForReady();
await this.gifButton.click();
@@ -112,6 +151,31 @@ export class ChatMessagesPage {
}).toBe(true);
}
/** SHA-256 of the bytes currently served by the rendered chat image. */
async getMessageImageSha256(altText: string): Promise<string> {
const image = this.getMessageImageByAlt(altText);
return image.evaluate(async (element) => {
const img = element as HTMLImageElement;
const response = await fetch(img.src);
const buffer = await response.arrayBuffer();
const digest = await crypto.subtle.digest('SHA-256', buffer);
return [...new Uint8Array(digest)]
.map((byte) => byte.toString(16).padStart(2, '0'))
.join('');
});
}
/** Asserts the rendered chat image is byte-identical to the sent file. */
async expectMessageImageContentSha256(altText: string, expectedSha256: string): Promise<void> {
await this.expectMessageImageLoaded(altText);
await expect.poll(() => this.getMessageImageSha256(altText), {
timeout: 30_000,
message: `Image ${altText} should be received byte-identical (no truncated/corrupt transfer)`
}).toBe(expectedSha256);
}
getEmbedCardByTitle(title: string): Locator {
return this.page.locator('app-chat-link-embed').filter({
has: this.page.getByText(title, { exact: true })

5
e2e/pages/login.page.ts
View File

@@ -10,15 +10,14 @@ export class LoginPage {
readonly registerLink: Locator;
constructor(private page: Page) {
this.form = page.locator('#login-username').locator('xpath=ancestor::div[contains(@class, "space-y-3")]')
.first();
this.form = page.locator('form').filter({ has: page.locator('#login-username') });
this.usernameInput = page.locator('#login-username');
this.passwordInput = page.locator('#login-password');
this.serverSelect = page.locator('#login-server');
this.submitButton = this.form.getByRole('button', { name: 'Login' });
this.errorText = page.locator('.text-destructive');
this.registerLink = this.form.getByRole('button', { name: 'Register' });
this.registerLink = page.getByRole('button', { name: 'Register' });
}
async goto() {

27
e2e/run-playwright.mjs Normal file
View File

@@ -0,0 +1,27 @@
import { spawn } from 'node:child_process';
import { fileURLToPath } from 'node:url';
const e2eDirectory = fileURLToPath(new URL('.', import.meta.url));
const env = { ...process.env };
const browsersPath = env.PLAYWRIGHT_BROWSERS_PATH;
if (browsersPath?.includes('/cursor-sandbox-cache/')) {
delete env.PLAYWRIGHT_BROWSERS_PATH;
}
const [command = 'test', ...args] = process.argv.slice(2);
const executable = process.platform === 'win32' ? 'npx.cmd' : 'npx';
const child = spawn(executable, ['playwright', command, ...args], {
cwd: e2eDirectory,
env,
stdio: 'inherit'
});
child.on('exit', (code, signal) => {
if (signal) {
process.kill(process.pid, signal);
return;
}
process.exit(code ?? 1);
});

153
e2e/tests/auth/login-return-url.spec.ts Normal file
View File

@@ -0,0 +1,153 @@
import { test, expect } from '../../fixtures/multi-client';
import { LoginPage } from '../../pages/login.page';
import { RegisterPage } from '../../pages/register.page';
interface TestUser {
username: string;
displayName: string;
password: string;
}
test.describe('Login returnUrl handling', () => {
test.describe.configure({ timeout: 120_000 });
test('unwraps nested login returnUrl chains after successful login', async ({ createClient }) => {
const client = await createClient();
const { page } = client;
const suffix = uniqueName('nested-return');
const user: TestUser = {
username: `user_${suffix}`,
displayName: 'Return Url User',
password: 'TestPass123!'
};
await test.step('Create an account', async () => {
const registerPage = new RegisterPage(page);
await registerPage.goto();
await registerPage.register(user.username, user.displayName, user.password);
await expect(page).toHaveURL(/\/dashboard/, { timeout: 15_000 });
});
await test.step('Log out and open a deeply nested login returnUrl', async () => {
await logout(page);
const nestedReturnUrl = '/login?returnUrl=%2Flogin%3FreturnUrl%3D%252Fservers';
await page.goto(`/login?returnUrl=${encodeURIComponent(nestedReturnUrl)}`, {
waitUntil: 'domcontentloaded'
});
await expect(page.locator('#login-username')).toBeVisible({ timeout: 15_000 });
});
await test.step('Login lands on the original destination instead of looping on /login', async () => {
const loginPage = new LoginPage(page);
await loginPage.login(user.username, user.password);
await expect(page).toHaveURL(/\/servers/, { timeout: 15_000 });
await expect(page).not.toHaveURL(/returnUrl=.*login/);
});
});
test('redirects unauthenticated /servers visits to login and returns there after login', async ({ createClient }) => {
const client = await createClient();
const { page } = client;
const suffix = uniqueName('servers-return');
const user: TestUser = {
username: `user_${suffix}`,
displayName: 'Servers Return User',
password: 'TestPass123!'
};
await test.step('Create an account and log out', async () => {
const registerPage = new RegisterPage(page);
await registerPage.goto();
await registerPage.register(user.username, user.displayName, user.password);
await expect(page).toHaveURL(/\/dashboard/, { timeout: 15_000 });
await logout(page);
});
await test.step('Visiting /servers sends the user to a single-level login returnUrl', async () => {
await page.goto('/servers', { waitUntil: 'domcontentloaded' });
await expect(page).toHaveURL(/\/login/, { timeout: 15_000 });
await expect(page).toHaveURL(/returnUrl=%2Fservers/);
await expect(page).not.toHaveURL(/returnUrl=.*login/);
});
await test.step('Logging in returns to /servers', async () => {
const loginPage = new LoginPage(page);
await loginPage.login(user.username, user.password);
await expect(page).toHaveURL(/\/servers/, { timeout: 15_000 });
await expect(page.locator('app-server-browser')).toBeVisible({ timeout: 15_000 });
});
});
test('lets a returning user log back in after an expired session redirect', async ({ createClient }) => {
const client = await createClient();
const { page } = client;
const suffix = uniqueName('expired-session');
const user: TestUser = {
username: `user_${suffix}`,
displayName: 'Expired Session User',
password: 'TestPass123!'
};
await test.step('Create an account', async () => {
const registerPage = new RegisterPage(page);
await registerPage.goto();
await registerPage.register(user.username, user.displayName, user.password);
await expect(page).toHaveURL(/\/dashboard/, { timeout: 15_000 });
});
await test.step('Simulate an expired session while keeping the persisted user id', async () => {
await page.evaluate(() => {
const storageKey = 'metoyou.authTokens';
const raw = localStorage.getItem(storageKey);
if (!raw) {
return;
}
const parsed = JSON.parse(raw) as Record<string, { token: string; expiresAt: number }>;
const expiredStore = Object.fromEntries(
Object.entries(parsed).map(([url, entry]) => [url, { ...entry, expiresAt: 0 }])
);
localStorage.setItem(storageKey, JSON.stringify(expiredStore));
});
await page.goto('/servers', { waitUntil: 'domcontentloaded' });
await expect(page).toHaveURL(/\/login/, { timeout: 15_000 });
await expect(page).toHaveURL(/returnUrl=%2Fservers/);
await expect(page).not.toHaveURL(/returnUrl=.*login/);
});
await test.step('The user can authenticate again and reach /servers', async () => {
const loginPage = new LoginPage(page);
await loginPage.login(user.username, user.password);
await expect(page).toHaveURL(/\/servers/, { timeout: 15_000 });
await expect(page.locator('app-server-browser')).toBeVisible({ timeout: 15_000 });
});
});
});
async function logout(page: import('@playwright/test').Page): Promise<void> {
const menuButton = page.getByRole('button', { name: 'Menu' });
const logoutButton = page.getByRole('button', { name: 'Logout' });
await expect(menuButton).toBeVisible({ timeout: 10_000 });
await menuButton.click();
await expect(logoutButton).toBeVisible({ timeout: 10_000 });
await logoutButton.click();
await expect(page).toHaveURL(/\/login/, { timeout: 15_000 });
}
function uniqueName(prefix: string): string {
return `${prefix}-${Date.now().toString(36)}-${Math.random().toString(36)
.slice(2, 8)}`;
}

94
e2e/tests/auth/multi-device-session.spec.ts Normal file
View File

@@ -0,0 +1,94 @@
import { test, expect } from '../../fixtures/multi-client';
import {
MULTI_DEVICE_VOICE_CHANNEL,
channelsSidePanel,
createMultiDeviceScenario,
expectCrossDeviceMessage,
expectActiveVoiceOnDevice,
expectPassiveVoiceOnDevice,
logoutFromMenu,
membersSidePanel,
passiveVoiceChannelJoinBadge,
readClientInstanceId,
uniqueMultiDeviceName
} from '../../helpers/multi-device-session';
test.describe('Multi-device session', () => {
test.describe.configure({ timeout: 300_000, retries: 1 });
test('covers identity, chat sync, typing exclusion, and voice exclusivity', async ({ createClient }) => {
const scenario = await createMultiDeviceScenario(createClient);
const messageAtoB = `Cross-device A to B ${uniqueMultiDeviceName('msg')}`;
const messageBtoA = `Cross-device B to A ${uniqueMultiDeviceName('msg')}`;
const typingDraft = `Typing draft ${uniqueMultiDeviceName('draft')}`;
await test.step('assigns distinct clientInstanceId per browser context', async () => {
const instanceA = await readClientInstanceId(scenario.clientA.page);
const instanceB = await readClientInstanceId(scenario.clientB.page);
expect(instanceA).toBeTruthy();
expect(instanceB).toBeTruthy();
expect(instanceA).not.toEqual(instanceB);
});
await test.step('syncs chat from device A to device B', async () => {
await expectCrossDeviceMessage(scenario.messagesA, scenario.messagesB, messageAtoB);
});
await test.step('syncs chat from device B to device A', async () => {
await expectCrossDeviceMessage(scenario.messagesB, scenario.messagesA, messageBtoA);
});
await test.step('does not show own typing indicator on the other device for the same user', async () => {
await scenario.messagesA.typeDraftWithTypingEvents(typingDraft);
await expect(
scenario.clientB.page.getByText(`${scenario.credentials.displayName} is typing`, { exact: false })
).toHaveCount(0, { timeout: 5_000 });
});
await test.step('shows passive in-voice UI on the second device when the first joins voice', async () => {
await scenario.roomA.joinVoiceChannel(MULTI_DEVICE_VOICE_CHANNEL);
await expectActiveVoiceOnDevice(scenario.clientA.page);
await expectPassiveVoiceOnDevice(scenario.clientB.page, {
displayName: scenario.credentials.displayName
});
await expect(
membersSidePanel(scenario.clientB.page).getByText('In voice on another device', { exact: false })
).toBeVisible({ timeout: 20_000 });
await expect(
channelsSidePanel(scenario.clientB.page).locator('.opacity-50')
.filter({
hasText: scenario.credentials.displayName
})
.first()
).toBeVisible({ timeout: 20_000 });
});
await test.step('shows Join takeover affordance on passive device voice channel', async () => {
await expect(passiveVoiceChannelJoinBadge(scenario.clientB.page)).toBeVisible({ timeout: 20_000 });
});
await test.step('transfers voice ownership when the passive device takes over', async () => {
await scenario.roomB.joinVoiceChannel(MULTI_DEVICE_VOICE_CHANNEL);
await expectActiveVoiceOnDevice(scenario.clientB.page);
await expectPassiveVoiceOnDevice(scenario.clientA.page, {
displayName: scenario.credentials.displayName
});
});
await test.step('keeps the second device logged in when the first device logs out', async () => {
const message = `Still logged in ${uniqueMultiDeviceName('logout')}`;
await logoutFromMenu(scenario.clientA.page);
await scenario.messagesB.sendMessage(message);
await expect(scenario.messagesB.getMessageItemByText(message)).toBeVisible({ timeout: 20_000 });
await expect(scenario.clientB.page).toHaveURL(/\/room\//, { timeout: 10_000 });
});
});
});

111
e2e/tests/auth/multi-signal-server-auth.spec.ts Normal file
View File

@@ -0,0 +1,111 @@
import { expect } from '@playwright/test';
import { test } from '../../fixtures/multi-client';
import { openSettingsFromMenu } from '../../helpers/app-menu';
import { expectDashboardReady } from '../../helpers/dashboard';
import { installTestServerEndpoints } from '../../helpers/seed-test-endpoint';
import { startTestServer } from '../../helpers/test-server';
import {
readAuthTokenFromPage,
readSignalServerCredentialFromPage,
registerTestUser
} from '../../helpers/auth-api';
import { RegisterPage } from '../../pages/register.page';
const PRIMARY_ENDPOINT_ID = 'e2e-multi-auth-primary';
const USER_PASSWORD = 'TestPass123!';
test.describe('Multi-signal-server authentication', () => {
test.describe.configure({ timeout: 180_000 });
test('auto-provisions a foreign signal server when a new endpoint is added', async ({ createClient, request }) => {
const primaryServer = await startTestServer();
const secondaryServer = await startTestServer();
try {
const client = await createClient();
const suffix = `multi_auth_${Date.now()}`;
const username = `user_${suffix}`;
await installTestServerEndpoints(client.context, [
{
id: PRIMARY_ENDPOINT_ID,
name: 'E2E Primary Signal',
url: primaryServer.url,
isActive: true,
status: 'online'
}
]);
await test.step('Register on the home signal server', async () => {
const register = new RegisterPage(client.page);
await register.goto();
await register.register(username, 'Multi Auth User', USER_PASSWORD);
await expectDashboardReady(client.page);
});
await test.step('Add a second signal server in network settings', async () => {
await openSettingsFromMenu(client.page);
await client.page.getByRole('button', { name: 'Network' }).click();
await client.page.getByPlaceholder('Server name').fill('E2E Secondary Signal');
await client.page.getByPlaceholder('Server URL (e.g., http://localhost:3001)').fill(secondaryServer.url);
await client.page.getByTestId('add-signal-server-button').click();
await expect(client.page.getByText(secondaryServer.url)).toBeVisible({ timeout: 15_000 });
});
await test.step('Wait for auto-provisioned credentials on the secondary server', async () => {
await expect.poll(async () =>
await readSignalServerCredentialFromPage(client.page, secondaryServer.url),
{ timeout: 30_000 }
).not.toBeNull();
const homeToken = await readAuthTokenFromPage(client.page, primaryServer.url);
const secondaryCredential = await readSignalServerCredentialFromPage(client.page, secondaryServer.url);
expect(homeToken).toBeTruthy();
expect(secondaryCredential?.username).toBe(username);
expect(secondaryCredential?.token).toBeTruthy();
});
await test.step('Secondary credential can call authenticated APIs', async () => {
const secondaryCredential = await readSignalServerCredentialFromPage(client.page, secondaryServer.url);
if (!secondaryCredential) {
throw new Error('Expected secondary signal-server credential to be provisioned');
}
const response = await request.post(`${secondaryServer.url}/api/servers`, {
headers: {
Authorization: `Bearer ${secondaryCredential.token}`,
'Content-Type': 'application/json'
},
data: {
name: `Secondary Provisioned Server ${suffix}`,
description: 'Created with auto-provisioned credentials',
ownerId: secondaryCredential.userId,
ownerPublicKey: 'e2e-secondary-owner-key'
}
});
expect(response.ok(), `POST /api/servers failed: ${response.status()} ${await response.text()}`).toBe(true);
});
await test.step('Home registration still works independently on the secondary server', async () => {
const otherUser = await registerTestUser(
request,
secondaryServer.url,
`other_${suffix}`,
USER_PASSWORD,
'Other User'
);
expect(otherUser.username).toBe(`other_${suffix}`);
});
} finally {
await primaryServer.stop();
await secondaryServer.stop();
}
});
});

297
e2e/tests/auth/user-session-data-isolation.spec.ts
View File

@@ -48,14 +48,13 @@ test.describe('User session data isolation', () => {
await test.step('Alice registers and creates local chat history', async () => {
await registerUser(client.page, alice);
await createServerAndSendMessage(client.page, aliceServerName, aliceMessage);
await createServerAndSendMessage(client.page, alice, aliceServerName, aliceMessage);
});
await test.step('Alice sees the same saved room and message after a full restart', async () => {
await restartPersistentClient(client, testServer.port);
await openApp(client.page);
await expect(client.page).not.toHaveURL(/\/login/, { timeout: 15_000 });
await expectSavedRoomAndHistory(client.page, aliceServerName, aliceMessage);
await expectSavedRoomAndHistory(client.page, alice, aliceServerName, aliceMessage);
});
} finally {
await closePersistentClient(client);
@@ -88,11 +87,11 @@ test.describe('User session data isolation', () => {
await test.step('Alice creates persisted local data and verifies it survives a restart', async () => {
await registerUser(client.page, alice);
await createServerAndSendMessage(client.page, aliceServerName, aliceMessage);
await createServerAndSendMessage(client.page, alice, aliceServerName, aliceMessage);
await restartPersistentClient(client, testServer.port);
await openApp(client.page);
await expectSavedRoomAndHistory(client.page, aliceServerName, aliceMessage);
await expectSavedRoomAndHistory(client.page, alice, aliceServerName, aliceMessage);
});
await test.step('Bob starts from a blank slate in the same browser profile', async () => {
@@ -102,11 +101,11 @@ test.describe('User session data isolation', () => {
});
await test.step('Bob gets only his own saved room and history after a restart', async () => {
await createServerAndSendMessage(client.page, bobServerName, bobMessage);
await createServerAndSendMessage(client.page, bob, bobServerName, bobMessage);
await restartPersistentClient(client, testServer.port);
await openApp(client.page);
await expectSavedRoomAndHistory(client.page, bobServerName, bobMessage);
await expectSavedRoomAndHistory(client.page, bob, bobServerName, bobMessage);
await expectSavedRoomHidden(client.page, aliceServerName);
});
@@ -117,7 +116,7 @@ test.describe('User session data isolation', () => {
await expectSavedRoomVisible(client.page, aliceServerName);
await expectSavedRoomHidden(client.page, bobServerName);
await expectSavedRoomAndHistory(client.page, aliceServerName, aliceMessage);
await expectSavedRoomAndHistory(client.page, alice, aliceServerName, aliceMessage);
});
} finally {
await closePersistentClient(client);
@@ -194,32 +193,58 @@ async function logoutUser(page: Page): Promise<void> {
await expect(loginPage.usernameInput).toBeVisible({ timeout: 10_000 });
}
async function createServerAndSendMessage(page: Page, serverName: string, messageText: string): Promise<void> {
async function createServerAndSendMessage(page: Page, user: TestUser, serverName: string, messageText: string): Promise<void> {
const searchPage = new ServerSearchPage(page);
const messagesPage = new ChatMessagesPage(page);
await searchPage.createServer(serverName, {
description: `User session isolation coverage for ${serverName}`
});
await loginIfNeeded(page, user);
await ensureCurrentUserScope(page, user);
await page.goto('/create-server', { waitUntil: 'domcontentloaded' });
if (await waitForLoginForm(page, 5_000)) {
await loginUser(page, user);
await page.goto('/create-server', { waitUntil: 'domcontentloaded' });
}
await expect(searchPage.serverNameInput).toBeVisible({ timeout: 10_000 });
await searchPage.serverNameInput.fill(serverName);
await searchPage.serverDescriptionInput.fill(`User session isolation coverage for ${serverName}`);
await searchPage.createSubmitButton.click();
await expect(page).toHaveURL(/\/room\//, { timeout: 15_000 });
await messagesPage.sendMessage(messageText);
await expect(messagesPage.getMessageItemByText(messageText)).toBeVisible({ timeout: 20_000 });
await expectMessagePersistedInIndexedDb(page, messageText);
}
async function expectSavedRoomAndHistory(page: Page, roomName: string, messageText: string): Promise<void> {
const railRoomButton = getRailSavedRoomButton(page, roomName);
const messagesPage = new ChatMessagesPage(page);
async function expectSavedRoomAndHistory(page: Page, user: TestUser, roomName: string, messageText: string): Promise<void> {
if (await waitForVisibleText(page, messageText, 5_000)) {
return;
}
await expect(railRoomButton).toBeVisible({ timeout: 20_000 });
await page.goto('/servers', { waitUntil: 'domcontentloaded' });
const searchRoomButton = getSearchSavedRoomButton(page, roomName);
if (await new LoginPage(page).usernameInput.isVisible().catch(() => false)) {
await loginUser(page, user);
}
await expect(searchRoomButton).toBeVisible({ timeout: 20_000 });
await searchRoomButton.click();
await expectMessagePersistedInIndexedDb(page, messageText);
const persistedRoomId = await getPersistedRoomIdForMessage(page, messageText);
if (persistedRoomId) {
await openPersistedRoomById(page, user, persistedRoomId);
await expect(page.getByText(messageText, { exact: false })).toBeVisible({ timeout: 20_000 });
return;
}
if (await openSavedRoomFromRail(page, roomName)) {
await expect(page.getByText(messageText, { exact: false })).toBeVisible({ timeout: 20_000 });
return;
}
await joinServerFromSearchAfterLogin(page, user, roomName);
await expect(page).toHaveURL(/\/room\//, { timeout: 20_000 });
await expect(messagesPage.getMessageItemByText(messageText)).toBeVisible({ timeout: 20_000 });
await expect(page.getByText(messageText, { exact: false })).toBeVisible({ timeout: 20_000 });
}
async function expectBlankSlate(page: Page, hiddenRoomNames: string[]): Promise<void> {
@@ -232,14 +257,17 @@ async function expectBlankSlate(page: Page, hiddenRoomNames: string[]): Promise<
}
async function expectSavedRoomVisible(page: Page, roomName: string): Promise<void> {
await expect(getRailSavedRoomButton(page, roomName)).toBeVisible({ timeout: 20_000 });
if (await page.getByText(roomName, { exact: false }).first()
.isVisible()
.catch(() => false)) {
return;
}
await page.goto('/servers', { waitUntil: 'domcontentloaded' });
await expect(getSearchSavedRoomButton(page, roomName)).toBeVisible({ timeout: 20_000 });
}
async function expectSavedRoomHidden(page: Page, roomName: string): Promise<void> {
await expect(getRailSavedRoomButton(page, roomName)).toHaveCount(0);
if (!page.url().includes('/servers')) {
await page.goto('/servers', { waitUntil: 'domcontentloaded' });
}
@@ -247,14 +275,227 @@ async function expectSavedRoomHidden(page: Page, roomName: string): Promise<void
await expect(getSearchSavedRoomButton(page, roomName)).toHaveCount(0);
}
function getRailSavedRoomButton(page: Page, roomName: string) {
return page.locator(`button[title="${roomName}"]`).first();
}
function getSearchSavedRoomButton(page: Page, roomName: string) {
return page.locator('app-server-browser').getByRole('button', { name: roomName, exact: true });
}
async function openSavedRoomFromRail(page: Page, roomName: string): Promise<boolean> {
try {
await expect(page.locator('app-servers-rail')).toBeVisible({ timeout: 10_000 });
const clicked = await page.locator('app-servers-rail button').evaluateAll((buttons, expectedName) => {
const expectedPrefix = expectedName.slice(0, 24);
const button = buttons.find((candidate) => {
const title = (candidate as HTMLButtonElement).title;
return title === expectedName || title.startsWith(expectedPrefix);
}) as HTMLButtonElement | undefined;
button?.click();
return !!button;
}, roomName);
if (!clicked) {
return await openSavedRoomFromDashboard(page, roomName);
}
await expect(page).toHaveURL(/\/room\//, { timeout: 20_000 });
return true;
} catch {
return await openSavedRoomFromDashboard(page, roomName);
}
}
async function openSavedRoomFromDashboard(page: Page, roomName: string): Promise<boolean> {
const roomNamePattern = new RegExp(escapeRegExp(roomName.slice(0, 24)));
const roomButton = page.getByRole('button', { name: roomNamePattern }).first();
try {
await expect(roomButton).toBeVisible({ timeout: 10_000 });
await roomButton.click();
await expect(page).toHaveURL(/\/room\//, { timeout: 20_000 });
return true;
} catch {
return await joinVisibleServerFromDashboard(page, roomNamePattern);
}
}
async function joinVisibleServerFromDashboard(page: Page, roomNamePattern: RegExp): Promise<boolean> {
const serverRow = page.locator('div', { hasText: roomNamePattern }).filter({
has: page.getByRole('button', { name: 'Join' })
})
.last();
const joinButton = serverRow.getByRole('button', { name: 'Join' });
try {
await expect(joinButton).toBeVisible({ timeout: 10_000 });
await joinButton.click();
await expect(page).toHaveURL(/\/room\//, { timeout: 20_000 });
return true;
} catch {
return false;
}
}
async function joinServerFromSearchAfterLogin(page: Page, user: TestUser, roomName: string): Promise<void> {
const searchPage = new ServerSearchPage(page);
await loginIfNeeded(page, user);
await searchPage.goto();
if (!await waitForServerSearch(page, 5_000)) {
await loginUser(page, user);
await searchPage.goto();
}
await expect(searchPage.searchInput).toBeVisible({ timeout: 15_000 });
await searchPage.searchInput.fill(roomName);
const serverCard = page.locator('div[title]', { hasText: roomName }).first();
await expect(serverCard).toBeVisible({ timeout: 15_000 });
await serverCard.dblclick();
}
async function loginIfNeeded(page: Page, user: TestUser): Promise<void> {
const loginPage = new LoginPage(page);
if (page.url().includes('/login')) {
await expect(loginPage.usernameInput).toBeVisible({ timeout: 15_000 });
await loginUser(page, user);
return;
}
if (await loginPage.usernameInput.isVisible().catch(() => false)) {
await loginUser(page, user);
}
}
async function ensureCurrentUserScope(page: Page, user: TestUser): Promise<void> {
if (await hasCurrentUserScope(page)) {
return;
}
await loginUser(page, user);
await expect.poll(() => hasCurrentUserScope(page), { timeout: 10_000 }).toBe(true);
}
async function hasCurrentUserScope(page: Page): Promise<boolean> {
return page.evaluate(() => !!localStorage.getItem('metoyou_currentUserId')?.trim());
}
async function openPersistedRoomById(page: Page, user: TestUser, roomId: string): Promise<void> {
for (let attempt = 1; attempt <= 3; attempt += 1) {
await page.goto(`/room/${roomId}`, { waitUntil: 'domcontentloaded' });
if (await waitForLoginForm(page, 5_000)) {
await loginUser(page, user);
continue;
}
await expect(page).toHaveURL(/\/room\//, { timeout: 20_000 });
if (!await waitForLoginForm(page, 2_000)) {
return;
}
await loginUser(page, user);
}
await page.goto(`/room/${roomId}`, { waitUntil: 'domcontentloaded' });
await expect(page).toHaveURL(/\/room\//, { timeout: 20_000 });
}
async function waitForLoginForm(page: Page, timeout: number): Promise<boolean> {
try {
await expect(new LoginPage(page).usernameInput).toBeVisible({ timeout });
return true;
} catch {
return false;
}
}
async function waitForServerSearch(page: Page, timeout: number): Promise<boolean> {
try {
await expect(new ServerSearchPage(page).searchInput).toBeVisible({ timeout });
return true;
} catch {
return false;
}
}
async function waitForVisibleText(page: Page, text: string, timeout: number): Promise<boolean> {
try {
await expect(page.getByText(text, { exact: false })).toBeVisible({ timeout });
return true;
} catch {
return false;
}
}
async function expectMessagePersistedInIndexedDb(page: Page, messageText: string): Promise<void> {
await expect.poll(
() => getPersistedRoomIdForMessage(page, messageText).then((roomId) => !!roomId),
{ timeout: 10_000 }
).toBe(true);
}
async function getPersistedRoomIdForMessage(page: Page, messageText: string): Promise<string | null> {
return page.evaluate(async (expectedContent) => {
const currentUserId = localStorage.getItem('metoyou_currentUserId')?.trim();
const preferredDatabaseName = `metoyou::${encodeURIComponent(currentUserId || 'anonymous')}`;
const discoveredDatabaseNames = typeof indexedDB.databases === 'function'
? (await indexedDB.databases())
.map((database) => database.name)
.filter((name): name is string => !!name && (name === 'metoyou' || name.startsWith('metoyou::')))
: null;
const databaseNames = discoveredDatabaseNames ?? [preferredDatabaseName];
const remainingDatabaseNames = databaseNames.filter((name) => name !== preferredDatabaseName);
const orderedDatabaseNames = databaseNames.includes(preferredDatabaseName)
? [preferredDatabaseName].concat(remainingDatabaseNames)
: remainingDatabaseNames;
for (const databaseName of orderedDatabaseNames) {
const database = await new Promise<IDBDatabase>((resolve, reject) => {
const request = indexedDB.open(databaseName);
request.onerror = () => reject(request.error);
request.onsuccess = () => resolve(request.result);
});
try {
if (!database.objectStoreNames.contains('messages')) {
continue;
}
const transaction = database.transaction('messages', 'readonly');
const request = transaction.objectStore('messages').getAll();
const roomId = await new Promise<string | null>((resolve, reject) => {
request.onerror = () => reject(request.error);
request.onsuccess = () => {
const match = ((request.result as { content?: string; roomId?: string }[]) ?? [])
.find((message) => message.content === expectedContent);
resolve(match?.roomId ?? null);
};
});
if (roomId) {
return roomId;
}
} finally {
database.close();
}
}
return null;
}, messageText);
}
function escapeRegExp(value: string): string {
return value.replace(/[.*+?^${}()|[\]\\]/g, '\\$&');
}
async function retryTransientNavigation<T>(navigate: () => Promise<T>, attempts = 4): Promise<T> {
let lastError: unknown;

125
e2e/tests/chat/attachment-only-message-grouping.spec.ts Normal file
View File

@@ -0,0 +1,125 @@
import {
test,
expect,
type Client
} from '../../fixtures/multi-client';
import { RegisterPage } from '../../pages/register.page';
import { ServerSearchPage } from '../../pages/server-search.page';
import { ChatMessagesPage, type ChatDropFilePayload } from '../../pages/chat-messages.page';
/**
* Regression coverage for: "Video attachment on android gets sent in the
* message bubble above with no preview image."
*
* Root cause was platform-agnostic: caption-less media was bound to a message
* re-discovered by matching `content` (always '' for attachment-only sends),
* which raced the async create-effect and grouped a second attachment onto the
* previous bubble - leaving an empty message behind. The fix pre-allocates the
* message id, dispatches it, and binds attachments to that exact id. This test
* proves each caption-less attachment lands in its own bubble and renders.
*/
test.describe('Attachment-only message grouping', () => {
test.describe.configure({ timeout: 180_000 });
test('each caption-less attachment keeps its own message bubble and preview', async ({ createClient }) => {
const scenario = await createSingleClientChatScenario(createClient);
const serverName = `Attachment Group ${uniqueName('srv')}`;
const introText = `Intro line ${uniqueName('intro')}`;
const firstImageName = `${uniqueName('first')}.svg`;
const secondImageName = `${uniqueName('second')}.svg`;
const firstImage = createSvgFilePayload(firstImageName);
const secondImage = createSvgFilePayload(secondImageName);
await test.step('Create a server and open its room', async () => {
await scenario.search.createServer(serverName, { description: 'Attachment grouping regression server' });
await expect(scenario.client.page).toHaveURL(/\/room\//, { timeout: 15_000 });
await scenario.messages.waitForReady();
});
await test.step('Send a normal text message first', async () => {
await scenario.messages.sendMessage(introText);
await expect(scenario.messages.getMessageItemByText(introText)).toBeVisible({ timeout: 20_000 });
});
await test.step('Send two caption-less attachments back-to-back', async () => {
// Fire them rapidly (no render wait between) to mirror the reported
// rapid-upload repro and stress the message-create vs. attach ordering.
await scenario.messages.attachFiles([firstImage]);
await scenario.messages.sendPendingAttachments();
await scenario.messages.attachFiles([secondImage]);
await scenario.messages.sendPendingAttachments();
await scenario.messages.expectMessageImageLoaded(firstImageName);
await scenario.messages.expectMessageImageLoaded(secondImageName);
});
await test.step('Each attachment lives in its own bubble (no grouping, no blank message)', async () => {
const firstMessageId = await scenario.messages.getMessageIdContainingImage(firstImageName);
const secondMessageId = await scenario.messages.getMessageIdContainingImage(secondImageName);
expect(firstMessageId).toBeTruthy();
expect(secondMessageId).toBeTruthy();
// The bug grouped both onto one bubble; distinct ids prove they did not.
expect(firstMessageId).not.toBe(secondMessageId);
// Exactly two bubbles carry an image, and neither carries both.
await expect(scenario.messages.messageItems.filter({ has: scenario.client.page.locator('img[alt$=".svg"]') }))
.toHaveCount(2, { timeout: 20_000 });
await expect(scenario.messages.getMessageItemContainingImage(firstImageName).locator('img[alt$=".svg"]'))
.toHaveCount(1);
await expect(scenario.messages.getMessageItemContainingImage(secondImageName).locator('img[alt$=".svg"]'))
.toHaveCount(1);
});
});
});
interface SingleClientChatScenario {
client: Client;
messages: ChatMessagesPage;
search: ServerSearchPage;
}
async function createSingleClientChatScenario(createClient: () => Promise<Client>): Promise<SingleClientChatScenario> {
const suffix = uniqueName('solo');
const client = await createClient();
const credentials = {
username: `solo_${suffix}`,
displayName: 'Solo',
password: 'TestPass123!'
};
const registerPage = new RegisterPage(client.page);
await registerPage.goto();
await registerPage.register(credentials.username, credentials.displayName, credentials.password);
await expect(client.page).toHaveURL(/\/dashboard/, { timeout: 15_000 });
return {
client,
messages: new ChatMessagesPage(client.page),
search: new ServerSearchPage(client.page)
};
}
function createSvgFilePayload(name: string): ChatDropFilePayload {
const markup = [
'<svg xmlns="http://www.w3.org/2000/svg" width="160" height="120" viewBox="0 0 160 120">',
'<rect width="160" height="120" rx="18" fill="#0f172a" />',
'<circle cx="38" cy="36" r="18" fill="#38bdf8" />',
`<text x="24" y="104" fill="#e2e8f0" font-size="12" font-family="Arial, sans-serif">${name}</text>`,
'</svg>'
].join('');
return {
name,
mimeType: 'image/svg+xml',
base64: Buffer.from(markup, 'utf8').toString('base64')
};
}
function uniqueName(prefix: string): string {
return `${prefix}-${Date.now()}-${Math.random().toString(36)
.slice(2, 8)}`;
}

41
e2e/tests/chat/chat-message-features.spec.ts
View File

@@ -1,3 +1,4 @@
import { createHash, randomBytes } from 'node:crypto';
import { type Page } from '@playwright/test';
import {
test,
@@ -182,6 +183,28 @@ test.describe('Chat messaging features', () => {
});
});
test('syncs multi-chunk image attachments byte-identical between users', async ({ createClient }) => {
const scenario = await createChatScenario(createClient);
const imageName = `${uniqueName('photo')}.svg`;
const imageCaption = `Large image upload ${uniqueName('caption')}`;
// Several P2P file chunks (64 KiB each) - regression coverage for transfers
// that previously finalized with only the first chunks received.
const { payload, sha256 } = createMultiChunkImagePayload(imageName);
await test.step('Alice sends a multi-chunk image attachment', async () => {
await scenario.aliceMessages.attachFiles([payload]);
await scenario.aliceMessages.sendMessage(imageCaption);
await scenario.aliceMessages.expectMessageImageLoaded(imageName);
await scenario.aliceMessages.expectMessageImageContentSha256(imageName, sha256);
});
await test.step('Bob receives the image fully and byte-identical', async () => {
await expect(scenario.bobMessages.getMessageItemByText(imageCaption)).toBeVisible({ timeout: 20_000 });
await scenario.bobMessages.expectMessageImageContentSha256(imageName, sha256);
});
});
test('renders link embeds for shared links', async ({ createClient }) => {
const scenario = await createChatScenario(createClient);
const messageText = `Useful docs ${MOCK_EMBED_URL}`;
@@ -442,6 +465,24 @@ function createTextFilePayload(name: string, mimeType: string, content: string):
};
}
function createMultiChunkImagePayload(name: string): { payload: ChatDropFilePayload; sha256: string } {
// ~300 KB of XML-safe noise inside an SVG comment so the file spans
// multiple 64 KiB P2P transfer chunks while remaining a renderable image.
const noise = randomBytes(225_000).toString('base64');
const markup = buildMockSvgMarkup(name).replace('</svg>', `<!-- ${noise} --></svg>`);
const contentBuffer = Buffer.from(markup, 'utf8');
return {
payload: {
name,
mimeType: 'image/svg+xml',
base64: contentBuffer.toString('base64')
},
sha256: createHash('sha256').update(contentBuffer)
.digest('hex')
};
}
function buildMockSvgMarkup(label: string): string {
return [
'<svg xmlns="http://www.w3.org/2000/svg" width="160" height="120" viewBox="0 0 160 120">',

204
e2e/tests/chat/custom-emoji-user-binding.spec.ts Normal file
View File

@@ -0,0 +1,204 @@
import {
test,
expect,
type Page
} from '@playwright/test';
import { test as multiClientTest } from '../../fixtures/multi-client';
import { LoginPage } from '../../pages/login.page';
import { RegisterPage } from '../../pages/register.page';
import { ServerSearchPage } from '../../pages/server-search.page';
import { ChatMessagesPage } from '../../pages/chat-messages.page';
interface TestUser {
username: string;
displayName: string;
password: string;
}
/**
* Regression coverage for: "Emojis should be user bound not client bound".
*
* A custom emoji belongs to the user who saved it, not to the client. A second
* account signing in on the same client must NOT inherit the first user's emoji
* library/picker.
*
* The whole scenario runs in a SINGLE page load (only the very first navigation
* reloads). All user switching is client-side via the router, because the leak
* lived in the long-lived singleton CustomEmojiService that used to keep the
* previous user's library after a logout + login without a reload. To avoid the
* (separate) in-session "create a second server" limitation, the second user
* joins the first user's server rather than creating their own.
*/
// Minimal valid 1x1 transparent GIF; the emoji pipeline validates mime + size only.
const TINY_GIF = Buffer.from(
'47494638396101000100800000000000ffffff21f90401000000002c00000000010001000002024401003b',
'hex'
);
multiClientTest.describe('Custom emoji are user bound, not client bound', () => {
multiClientTest.describe.configure({ timeout: 180_000 });
multiClientTest('a second user on the same client does not inherit the first user library', async ({ createClient }) => {
const { page } = await createClient();
const suffix = uniqueName('emoji-bound');
const alice: TestUser = { username: `alice_${suffix}`, displayName: 'Alice', password: 'TestPass123!' };
const bob: TestUser = { username: `bob_${suffix}`, displayName: 'Bob', password: 'TestPass123!' };
const serverName = `Shared Emoji Server ${suffix}`;
const libraryEmoji = page.locator('app-custom-emoji-picker [data-custom-emoji-library]');
await test.step('Alice registers, creates a server and uploads a custom emoji', async () => {
await new RegisterPage(page).goto();
await submitRegistration(page, alice);
await expect(page).toHaveURL(/\/dashboard/, { timeout: 15_000 });
await createServer(page, serverName);
await openComposerEmojiModal(page);
await page.locator('app-custom-emoji-picker input[type="file"]').setInputFiles({
name: `partyblob_${suffix}.gif`,
mimeType: 'image/gif',
buffer: TINY_GIF
});
});
await test.step('Alice sees her own uploaded emoji in her library', async () => {
await openComposerEmojiModal(page);
await expect(libraryEmoji).toHaveCount(1, { timeout: 15_000 });
await page.keyboard.press('Escape');
});
await test.step('Bob signs in on the same client (no reload) and joins the same server', async () => {
await logoutClientSide(page);
await registerClientSide(page, bob);
await joinServerClientSide(page, serverName);
});
await test.step('Bob does not inherit Alice custom emoji library', async () => {
await openComposerEmojiModal(page);
// The modal is open (the file input is asserted inside the helper), so an
// empty grid is a genuine assertion rather than a timing artifact.
await expect(libraryEmoji).toHaveCount(0);
});
});
});
async function createServer(page: Page, serverName: string): Promise<void> {
const searchPage = new ServerSearchPage(page);
await expect(searchPage.createServerButton).toBeVisible({ timeout: 15_000 });
await searchPage.createServerButton.click();
await expect(searchPage.serverNameInput).toBeVisible({ timeout: 15_000 });
// Client-side nav can render the form before its `(ngModelChange)` handler is
// wired, so an early fill never reaches the backing signal. Clear + refill
// until the submit button actually enables.
await expect.poll(async () => {
await searchPage.serverNameInput.fill('');
await searchPage.serverNameInput.fill(serverName);
return searchPage.createSubmitButton.isEnabled();
}, { timeout: 15_000 }).toBe(true);
await searchPage.createSubmitButton.click();
await expect(page).toHaveURL(/\/room\//, { timeout: 20_000 });
await new ChatMessagesPage(page).waitForReady();
}
async function joinServerClientSide(page: Page, serverName: string): Promise<void> {
const searchPage = new ServerSearchPage(page);
await page.locator('a[href="/servers"]').first()
.click();
await expect(searchPage.searchInput).toBeVisible({ timeout: 15_000 });
await searchPage.searchInput.fill(serverName);
const serverCard = page.locator('div[title]', { hasText: serverName }).first();
await expect(serverCard).toBeVisible({ timeout: 20_000 });
await serverCard.dblclick();
await expect(page).toHaveURL(/\/room\//, { timeout: 20_000 });
await new ChatMessagesPage(page).waitForReady();
}
async function openComposerEmojiModal(page: Page): Promise<void> {
const picker = page.locator('app-custom-emoji-picker');
const fileInput = picker.locator('input[type="file"]');
// Reset to a known state: dismiss any open picker, then open it fresh.
await page.keyboard.press('Escape').catch(() => {});
await expect(picker).toHaveCount(0, { timeout: 5_000 })
.catch(() => {});
await page.locator('app-chat-message-composer')
.getByRole('button', { name: 'Open emoji selector' })
.first()
.click();
await expect(picker).toBeVisible({ timeout: 10_000 });
// The compact picker exposes a button that opens the full panel (with the
// upload field and the custom-emoji grid).
await picker.getByRole('button', { name: 'Open emoji selector' }).click();
await expect(fileInput).toBeAttached({ timeout: 10_000 });
}
async function registerClientSide(page: Page, user: TestUser): Promise<void> {
const loginPage = new LoginPage(page);
const registerPage = new RegisterPage(page);
await expect(loginPage.registerLink).toBeVisible({ timeout: 15_000 });
await loginPage.registerLink.click();
await expect(registerPage.usernameInput).toBeVisible({ timeout: 15_000 });
await submitRegistration(page, user);
await expect(page).toHaveURL(/\/dashboard/, { timeout: 15_000 });
}
/**
* Fills the registration form resiliently. On client-side navigation the
* template-driven `ngModel` can attach a tick after the input is visible, so an
* early `fill` is overwritten back to empty. Re-fill until every value sticks.
*/
async function submitRegistration(page: Page, user: TestUser): Promise<void> {
const username = page.locator('#register-username');
const displayName = page.locator('#register-display-name');
const password = page.locator('#register-password');
await expect.poll(async () => {
await username.fill(user.username);
await displayName.fill(user.displayName);
await password.fill(user.password);
return [
await username.inputValue(),
await displayName.inputValue(),
await password.inputValue()
].join('|');
}, { timeout: 15_000 }).toBe([
user.username,
user.displayName,
user.password
].join('|'));
await page.getByRole('button', { name: 'Create Account' }).click();
}
async function logoutClientSide(page: Page): Promise<void> {
const menuButton = page.getByRole('button', { name: 'Menu' });
const logoutButton = page.getByRole('button', { name: 'Logout' });
await expect(menuButton).toBeVisible({ timeout: 10_000 });
await menuButton.click();
await expect(logoutButton).toBeVisible({ timeout: 10_000 });
await logoutButton.click();
await expect(page).toHaveURL(/\/login/, { timeout: 15_000 });
await expect(new LoginPage(page).usernameInput).toBeVisible({ timeout: 10_000 });
}
function uniqueName(prefix: string): string {
return `${prefix}-${Date.now().toString(36)}-${Math.random().toString(36)
.slice(2, 8)}`;
}

244
e2e/tests/chat/local-attachment-persistence.spec.ts Normal file
View File

@@ -0,0 +1,244 @@
import { type Page } from '@playwright/test';
import {
test,
expect,
type Client
} from '../../fixtures/multi-client';
import { RegisterPage } from '../../pages/register.page';
import { ServerSearchPage } from '../../pages/server-search.page';
import { ChatRoomPage } from '../../pages/chat-room.page';
import { ChatMessagesPage, type ChatDropFilePayload } from '../../pages/chat-messages.page';
const UPLOADER_LOCAL_MISSING_TEXT = 'Your original upload could not be found on this device';
test.describe('Local attachment persistence', () => {
test.describe.configure({ timeout: 180_000 });
test('remembers sent image and file across a page reload with no peer connected', async ({ createClient }) => {
const scenario = await createSingleClientChatScenario(createClient);
const serverName = `Persist Server ${uniqueName('persist')}`;
const imageName = `${uniqueName('diagram')}.svg`;
const fileName = `${uniqueName('notes')}.txt`;
const imageCaption = `Persisted image ${uniqueName('caption')}`;
const fileCaption = `Persisted file ${uniqueName('caption')}`;
const imageAttachment = createTextFilePayload(imageName, 'image/svg+xml', buildMockSvgMarkup(imageName));
const fileAttachment = createTextFilePayload(fileName, 'text/plain', `Attachment body for ${fileName}`);
await test.step('Create a server and open its room', async () => {
await createServerAndOpenRoom(scenario.search, scenario.client.page, serverName, 'Local attachment persistence server');
});
await test.step('Send an image and a generic file attachment', async () => {
await scenario.messages.attachFiles([imageAttachment]);
await scenario.messages.sendMessage(imageCaption);
await scenario.messages.expectMessageImageLoaded(imageName);
await scenario.messages.attachFiles([fileAttachment]);
await scenario.messages.sendMessage(fileCaption);
await expect(scenario.client.page.getByText(fileName, { exact: false })).toBeVisible({ timeout: 20_000 });
});
await test.step('Wait for both attachments to be persisted locally', async () => {
await waitForPersistedAttachmentBytes(scenario.client.page, 2);
await waitForPersistedAttachmentRecords(scenario.client.page, 2);
});
await test.step('Reload the page to simulate an application restart', async () => {
await scenario.client.page.reload();
await expect(scenario.client.page).toHaveURL(/\/(room|dashboard)/, { timeout: 30_000 });
await openSavedRoomByName(scenario.client.page, serverName);
await expect(scenario.messages.getMessageItemByText(imageCaption)).toBeVisible({ timeout: 20_000 });
});
await test.step('The image still renders from local storage with no peer', async () => {
await scenario.messages.expectMessageImageLoaded(imageName);
await expect(scenario.client.page.getByText(UPLOADER_LOCAL_MISSING_TEXT, { exact: false })).toHaveCount(0);
});
await test.step('The generic file is still remembered with no missing-upload error', async () => {
await expect(scenario.messages.getMessageItemByText(fileCaption)).toBeVisible({ timeout: 20_000 });
await expect(scenario.client.page.getByText(fileName, { exact: false })).toBeVisible({ timeout: 20_000 });
await expect(scenario.client.page.getByText(UPLOADER_LOCAL_MISSING_TEXT, { exact: false })).toHaveCount(0);
});
});
});
interface SingleClientChatScenario {
client: Client;
messages: ChatMessagesPage;
room: ChatRoomPage;
search: ServerSearchPage;
}
async function createSingleClientChatScenario(createClient: () => Promise<Client>): Promise<SingleClientChatScenario> {
const suffix = uniqueName('solo');
const client = await createClient();
const credentials = {
username: `solo_${suffix}`,
displayName: 'Solo',
password: 'TestPass123!'
};
const registerPage = new RegisterPage(client.page);
await registerPage.goto();
await registerPage.register(
credentials.username,
credentials.displayName,
credentials.password
);
await expect(client.page).toHaveURL(/\/dashboard/, { timeout: 15_000 });
return {
client,
messages: new ChatMessagesPage(client.page),
room: new ChatRoomPage(client.page),
search: new ServerSearchPage(client.page)
};
}
async function createServerAndOpenRoom(
searchPage: ServerSearchPage,
page: Page,
serverName: string,
description: string
): Promise<void> {
await searchPage.createServer(serverName, { description });
await expect(page).toHaveURL(/\/room\//, { timeout: 15_000 });
await waitForCurrentRoomName(page, serverName);
}
async function openSavedRoomByName(page: Page, roomName: string): Promise<void> {
const roomButton = page.locator(`button[title="${roomName}"]`);
await expect(roomButton).toBeVisible({ timeout: 20_000 });
await roomButton.click();
await expect(page).toHaveURL(/\/room\//, { timeout: 20_000 });
await expect(page.locator('app-rooms-side-panel').first()).toBeVisible({ timeout: 20_000 });
await waitForCurrentRoomName(page, roomName);
}
async function waitForCurrentRoomName(page: Page, roomName: string, timeout = 20_000): Promise<void> {
await page.waitForFunction(
(expectedRoomName) => {
interface RoomShape { name?: string }
interface AngularDebugApi {
getComponent: (element: Element) => Record<string, unknown>;
}
const host = document.querySelector('app-rooms-side-panel');
const debugApi = (window as { ng?: AngularDebugApi }).ng;
if (!host || !debugApi?.getComponent) {
return false;
}
const component = debugApi.getComponent(host);
const currentRoom = (component['currentRoom'] as (() => RoomShape | null) | undefined)?.() ?? null;
return currentRoom?.name === expectedRoomName;
},
roomName,
{ timeout }
);
}
interface CountOptions {
databaseRole: 'attachment-files' | 'app';
storeName: string;
requireSavedPath: boolean;
}
/** Counts records in the first matching IndexedDB store, optionally requiring a savedPath. */
async function countIndexedDbRecords(page: Page, options: CountOptions): Promise<number> {
return page.evaluate(async (countOptions: CountOptions) => {
if (typeof indexedDB.databases !== 'function') {
return 0;
}
const databases = await indexedDB.databases();
const matchingNames = databases
.map((entry) => entry.name ?? '')
.filter((name) => (countOptions.databaseRole === 'attachment-files'
? name.startsWith('metoyou-attachment-files')
: name === 'metoyou' || name.startsWith('metoyou::')));
const countInDatabase = (databaseName: string): Promise<number> => new Promise<number>((resolve) => {
const request = indexedDB.open(databaseName);
request.onerror = () => resolve(0);
request.onsuccess = () => {
const database = request.result;
if (!database.objectStoreNames.contains(countOptions.storeName)) {
database.close();
resolve(0);
return;
}
const getAll = database.transaction(countOptions.storeName, 'readonly')
.objectStore(countOptions.storeName)
.getAll();
getAll.onsuccess = () => {
const records = (getAll.result as { savedPath?: string }[]) ?? [];
const matching = countOptions.requireSavedPath
? records.filter((record) => !!record.savedPath)
: records;
resolve(matching.length);
database.close();
};
getAll.onerror = () => {
resolve(0);
database.close();
};
};
});
const counts = await Promise.all(matchingNames.map(countInDatabase));
return counts.reduce((total, count) => total + count, 0);
}, options);
}
/** Polls until at least `minCount` attachment byte records exist in the browser file store. */
async function waitForPersistedAttachmentBytes(page: Page, minCount: number): Promise<void> {
await expect.poll(
async () => countIndexedDbRecords(page, { databaseRole: 'attachment-files', storeName: 'files', requireSavedPath: false }),
{ timeout: 20_000, message: 'attachment bytes should persist to IndexedDB before reload' }
).toBeGreaterThanOrEqual(minCount);
}
/** Polls until at least `minCount` attachment metadata records with a savedPath exist in the app database. */
async function waitForPersistedAttachmentRecords(page: Page, minCount: number): Promise<void> {
await expect.poll(
async () => countIndexedDbRecords(page, { databaseRole: 'app', storeName: 'attachments', requireSavedPath: true }),
{ timeout: 20_000, message: 'attachment metadata with savedPath should persist before reload' }
).toBeGreaterThanOrEqual(minCount);
}
function createTextFilePayload(name: string, mimeType: string, content: string): ChatDropFilePayload {
return {
name,
mimeType,
base64: Buffer.from(content, 'utf8').toString('base64')
};
}
function buildMockSvgMarkup(label: string): string {
return [
'<svg xmlns="http://www.w3.org/2000/svg" width="160" height="120" viewBox="0 0 160 120">',
'<rect width="160" height="120" rx="18" fill="#0f172a" />',
'<circle cx="38" cy="36" r="18" fill="#38bdf8" />',
'<rect x="66" y="28" width="64" height="16" rx="8" fill="#f8fafc" />',
'<rect x="24" y="74" width="112" height="12" rx="6" fill="#22c55e" />',
`<text x="24" y="104" fill="#e2e8f0" font-size="12" font-family="Arial, sans-serif">${label}</text>`,
'</svg>'
].join('');
}
function uniqueName(prefix: string): string {
return `${prefix}-${Date.now()}-${Math.random().toString(36)
.slice(2, 8)}`;
}

176
e2e/tests/chat/multi-client-chat-sync.spec.ts Normal file
View File

@@ -0,0 +1,176 @@
import { test, expect } from '../../fixtures/multi-client';
import { RegisterPage } from '../../pages/register.page';
import { ServerSearchPage } from '../../pages/server-search.page';
import { ChatMessagesPage } from '../../pages/chat-messages.page';
import {
MULTI_DEVICE_PASSWORD,
closeClient,
expectCrossDeviceMessage,
expectSyncedMessage,
expectSyncedMessageWithResync,
expectServerPeerVisible,
loginSecondDeviceIntoServer,
reopenClientInServer,
uniqueMultiDeviceName
} from '../../helpers/multi-device-session';
test.describe('Multi-client chat sync', () => {
test.describe.configure({ timeout: 360_000, retries: 1 });
test('syncs messages between same-user devices and late-joining users after offline gaps', async ({ createClient }) => {
const suffix = uniqueMultiDeviceName('multi-chat-sync');
const hostCredentials = {
username: `ludde_${suffix}`,
displayName: 'Ludde',
password: MULTI_DEVICE_PASSWORD
};
const guestCredentials = {
username: `azaaxin_${suffix}`,
displayName: 'Azaaxin',
password: MULTI_DEVICE_PASSWORD
};
const serverName = `Multi Client Chat Sync ${suffix}`;
const sharedBaselineMessage = `Shared baseline ${suffix}`;
const soloHostMessage = `Solo host message ${suffix}`;
const liveGuestProbeMessage = `Live guest probe ${suffix}`;
const offlineGapMessage = `Offline gap message ${suffix}`;
const client1 = await createClient();
const client2 = await createClient();
const client3 = await createClient();
await test.step('client 1: host registers and creates the shared server', async () => {
const registerPage = new RegisterPage(client1.page);
await registerPage.goto();
await registerPage.register(
hostCredentials.username,
hostCredentials.displayName,
hostCredentials.password
);
await expect(client1.page).toHaveURL(/\/dashboard/, { timeout: 15_000 });
const search = new ServerSearchPage(client1.page);
await search.createServer(serverName, {
description: 'Multi-client chat sync regression coverage'
});
await expect(client1.page).toHaveURL(/\/room\//, { timeout: 15_000 });
});
const messages1 = new ChatMessagesPage(client1.page);
await messages1.waitForReady();
await test.step('client 2: second host device joins the same server', async () => {
await loginSecondDeviceIntoServer(client2.page, hostCredentials, serverName);
});
const messages2 = new ChatMessagesPage(client2.page);
await messages2.waitForReady();
await test.step('both host devices exchange chat while online together', async () => {
await expectCrossDeviceMessage(messages1, messages2, sharedBaselineMessage);
});
await test.step('close the second host browser (client 2)', async () => {
await closeClient(client2);
});
await test.step('client 1 sends chat while the second host device is offline', async () => {
await client1.page.bringToFront();
await messages1.sendMessage(soloHostMessage);
await expect(messages1.getMessageItemByText(soloHostMessage)).toBeVisible({ timeout: 20_000 });
});
await test.step('guest account registers ahead of joining the server', async () => {
const registerPage = new RegisterPage(client3.page);
await registerPage.goto();
await registerPage.register(
guestCredentials.username,
guestCredentials.displayName,
guestCredentials.password
);
await expect(client3.page).toHaveURL(/\/dashboard/, { timeout: 15_000 });
});
let messages3 = new ChatMessagesPage(client3.page);
await test.step('client 3: guest joins and receives existing chat history', async () => {
// Keep the host tab active so its websocket + peer negotiation stay alive.
await client1.page.bringToFront();
await messages1.waitForReady();
const search = new ServerSearchPage(client3.page);
await search.joinServerFromSearch(serverName);
await expect(client3.page).toHaveURL(/\/room\//, { timeout: 20_000 });
messages3 = new ChatMessagesPage(client3.page);
await messages3.waitForReady();
// Presence gate: both users must see each other in the members panel
// before cross-user chat delivery can be expected.
await client1.page.bringToFront();
await expectServerPeerVisible(client1.page, guestCredentials.displayName);
await client3.page.bringToFront();
await expectServerPeerVisible(client3.page, hostCredentials.displayName);
// Live delivery first - proves host <-> guest transport is actually up.
await expectCrossDeviceMessage(messages1, messages3, liveGuestProbeMessage);
// History only replicates over P2P inventory once the peer link exists.
await client1.page.bringToFront();
await expectSyncedMessageWithResync(client3.page, messages3, sharedBaselineMessage);
await expectSyncedMessageWithResync(client3.page, messages3, soloHostMessage);
});
await test.step('close the guest browser (client 3)', async () => {
await closeClient(client3);
});
await test.step('reopen client 2 and send a message while client 1 stays online', async () => {
await client1.page.bringToFront();
const reopened = await reopenClientInServer(createClient, hostCredentials, serverName);
// Same-user catch-up uses account_sync, not P2P between own devices.
await expectSyncedMessageWithResync(
reopened.client.page,
reopened.messages,
soloHostMessage
);
await reopened.messages.sendMessage(offlineGapMessage);
await expect(reopened.messages.getMessageItemByText(offlineGapMessage)).toBeVisible({ timeout: 20_000 });
});
await test.step('reopened guest client receives the offline-gap message from host device 2', async () => {
await client1.page.bringToFront();
await messages1.waitForReady();
const reopenedGuest = await reopenClientInServer(createClient, guestCredentials, serverName);
// Presence gate before relying on cross-user delivery again.
await client1.page.bringToFront();
await expectServerPeerVisible(client1.page, guestCredentials.displayName);
await reopenedGuest.client.page.bringToFront();
await expectServerPeerVisible(reopenedGuest.client.page, hostCredentials.displayName);
await expectCrossDeviceMessage(messages1, reopenedGuest.messages, `Guest wake ${suffix}`);
await expectSyncedMessageWithResync(
reopenedGuest.client.page,
reopenedGuest.messages,
offlineGapMessage
);
});
await test.step('primary host device still receives the message from its second device', async () => {
await expectSyncedMessage(messages1, offlineGapMessage);
});
});
});

96
e2e/tests/chat/multi-device-attachment-sharing.spec.ts Normal file
View File

@@ -0,0 +1,96 @@
import { test, expect } from '../../fixtures/multi-client';
import { RegisterPage } from '../../pages/register.page';
import { ServerSearchPage } from '../../pages/server-search.page';
import { ChatMessagesPage, type ChatDropFilePayload } from '../../pages/chat-messages.page';
import {
MULTI_DEVICE_PASSWORD,
loginSecondDeviceIntoServer,
uniqueMultiDeviceName
} from '../../helpers/multi-device-session';
const SHARED_FROM_DEVICE_TEXT = 'Shared from your device';
test.describe('Multi-device attachment sharing', () => {
test.describe.configure({ timeout: 300_000, retries: 1 });
test('only the uploading device claims "Shared from your device"; the second same-user device can request it', async ({
createClient
}) => {
const suffix = uniqueMultiDeviceName('attach-share');
const credentials = {
username: `share_${suffix}`,
displayName: 'Multi Device User',
password: MULTI_DEVICE_PASSWORD
};
const serverName = `Attachment Sharing ${suffix}`;
const fileName = `${suffix}-handoff.bin`;
const caption = `Uploaded from device A ${suffix}`;
const fileAttachment = createBinaryFilePayload(fileName, 'application/octet-stream', `binary-body-${suffix}`);
const clientA = await createClient();
const messagesA = new ChatMessagesPage(clientA.page);
await test.step('device A registers, creates a server, and uploads a generic file', async () => {
const registerPage = new RegisterPage(clientA.page);
await registerPage.goto();
await registerPage.register(credentials.username, credentials.displayName, credentials.password);
await expect(clientA.page).toHaveURL(/\/dashboard/, { timeout: 15_000 });
const search = new ServerSearchPage(clientA.page);
await search.createServer(serverName, { description: 'Multi-device attachment sharing regression coverage' });
await expect(clientA.page).toHaveURL(/\/room\//, { timeout: 15_000 });
await messagesA.waitForReady();
await messagesA.attachFiles([fileAttachment]);
await messagesA.sendMessage(caption);
await expect(messagesA.getMessageItemByText(caption)).toBeVisible({ timeout: 30_000 });
});
await test.step('device A (the uploader) shows "Shared from your device"', async () => {
const bubbleA = messagesA.getMessageItemByText(caption);
await expect(bubbleA.getByText(fileName, { exact: false })).toBeVisible({ timeout: 20_000 });
await expect(bubbleA.getByText(SHARED_FROM_DEVICE_TEXT, { exact: false })).toBeVisible({ timeout: 20_000 });
});
const clientB = await createClient();
const messagesB = new ChatMessagesPage(clientB.page);
await test.step('device B (same user) logs into the same server after the upload', async () => {
await loginSecondDeviceIntoServer(clientB.page, credentials, serverName);
// Keep device A active so it answers device B's account_sync_peer_online push.
await clientA.page.bringToFront();
await messagesA.waitForReady();
await clientB.page.bringToFront();
await messagesB.waitForReady();
});
await test.step('device B receives the message and its attachment via same-user account sync', async () => {
await expect(messagesB.getMessageItemByText(caption)).toBeVisible({ timeout: 90_000 });
await expect(messagesB.getMessageItemByText(caption).getByText(fileName, { exact: false }))
.toBeVisible({ timeout: 90_000 });
});
await test.step('device B does NOT claim to share it and can request/download the file', async () => {
const bubbleB = messagesB.getMessageItemByText(caption);
// The regression: device B used to render "Shared from your device" and hide the
// download affordance because the synced metadata carried the uploader's user id.
await expect(bubbleB.getByText(SHARED_FROM_DEVICE_TEXT, { exact: false })).toHaveCount(0);
// Device B must instead be able to fetch the file as any recipient would.
const getButton = bubbleB.getByRole('button', { name: /request|download/i });
await expect(getButton.first()).toBeVisible({ timeout: 20_000 });
});
});
});
function createBinaryFilePayload(name: string, mimeType: string, content: string): ChatDropFilePayload {
return {
name,
mimeType,
base64: Buffer.from(content, 'utf8').toString('base64')
};
}

16
e2e/tests/chat/notifications.spec.ts
View File

@@ -1,5 +1,6 @@
import {
expect,
type BrowserContext,
type Locator,
type Page
} from '@playwright/test';
@@ -35,6 +36,7 @@ test.describe('Chat notifications', () => {
await clearDesktopNotifications(scenario.alice.page);
await scenario.bobRoom.joinTextChannel(scenario.channelName);
await scenario.bobMessages.sendMessage(message);
await expectUnreadCounts(scenario.alice.page, scenario.serverName, scenario.channelName);
});
await test.step('Alice receives a desktop notification with the channel preview', async () => {
@@ -67,8 +69,7 @@ test.describe('Chat notifications', () => {
});
await test.step('Alice still sees unread badges for the room and channel', async () => {
await expect(getUnreadBadge(getSavedRoomButton(scenario.alice.page, scenario.serverName))).toHaveText('1', { timeout: 20_000 });
await expect(getUnreadBadge(getTextChannelButton(scenario.alice.page, scenario.channelName))).toHaveText('1', { timeout: 20_000 });
await expectUnreadCounts(scenario.alice.page, scenario.serverName, scenario.channelName);
});
await test.step('Alice does not get a muted desktop popup', async () => {
@@ -96,7 +97,7 @@ async function createNotificationScenario(createClient: () => Promise<Client>):
const alice = await createClient();
const bob = await createClient();
await installDesktopNotificationSpy(alice.page);
await installDesktopNotificationSpy(alice.context);
await registerUser(alice.page, aliceCredentials.username, aliceCredentials.displayName, aliceCredentials.password);
await registerUser(bob.page, bobCredentials.username, bobCredentials.displayName, bobCredentials.password);
@@ -143,8 +144,8 @@ async function registerUser(page: Page, username: string, displayName: string, p
await expect(page).toHaveURL(/\/dashboard/, { timeout: 15_000 });
}
async function installDesktopNotificationSpy(page: Page): Promise<void> {
await page.addInitScript(() => {
async function installDesktopNotificationSpy(context: BrowserContext): Promise<void> {
await context.addInitScript(() => {
const notifications: DesktopNotificationRecord[] = [];
class MockNotification {
@@ -250,6 +251,11 @@ function getUnreadBadge(container: Locator): Locator {
return container.locator('span.rounded-full').first();
}
async function expectUnreadCounts(page: Page, serverName: string, channelName: string): Promise<void> {
await expect(getUnreadBadge(getSavedRoomButton(page, serverName))).toHaveText('1', { timeout: 45_000 });
await expect(getUnreadBadge(getTextChannelButton(page, channelName))).toHaveText('1', { timeout: 45_000 });
}
function uniqueName(prefix: string): string {
return `${prefix}-${Date.now()}-${Math.random().toString(36)
.slice(2, 8)}`;

3
e2e/tests/chat/profile-avatar-sync.spec.ts
View File

@@ -367,11 +367,10 @@ async function launchPersistentSession(
});
await installTestServerEndpoint(context, testServerPort);
await installWebRTCTracking(context);
const page = context.pages()[0] ?? await context.newPage();
await installWebRTCTracking(page);
return { context, page };
}

3
e2e/tests/chat/server-icon-sync.spec.ts
View File

@@ -196,11 +196,10 @@ async function launchPersistentSession(userDataDir: string, testServerPort: numb
});
await installTestServerEndpoint(context, testServerPort);
await installWebRTCTracking(context);
const page = context.pages()[0] ?? (await context.newPage());
await installWebRTCTracking(page);
return { context, page };
}

107
e2e/tests/mobile/android-app-icon.spec.ts Normal file
View File

@@ -0,0 +1,107 @@
import { createHash } from 'node:crypto';
import { existsSync, readFileSync } from 'node:fs';
import { join } from 'node:path';
import sharp from 'sharp';
import { test, expect } from '../../fixtures/base';
import {
BRAND_LAUNCHER_BACKGROUND_COLOR,
findMissingLauncherResources,
findStockCapacitorResources,
isBrandLauncherBackgroundColor,
readAdaptiveIconBackgroundColor,
REQUIRED_LAUNCHER_ICON_FILES,
REQUIRED_SPLASH_FILES
} from '../../../toju-app/src/app/infrastructure/mobile/logic/mobile-android-launcher-icon.rules';
/**
* Regression coverage for: "No android app icon" - the Capacitor shell shipped
* the stock Ionic placeholder launcher icon instead of the Toju brand mark.
*
* A native launcher icon cannot be asserted through a running browser, so this
* spec verifies the committed Android resources directly: every density is
* present, none still match a stock Capacitor placeholder, the adaptive-icon
* background is the brand purple, and the generated bitmaps actually contain the
* brand mark (white cat on a purple disc). This is deterministic - no emulator,
* no timing - so it stays reliable in CI.
*/
const REPO_ROOT = join(__dirname, '..', '..', '..');
const RES_DIR = join(REPO_ROOT, 'toju-app', 'android', 'app', 'src', 'main', 'res');
const BRAND_PURPLE = { r: 0x4a, g: 0x21, b: 0x7a };
const WHITE = { r: 255, g: 255, b: 255 };
const COLOR_TOLERANCE = 24;
function sha256(resRelativePath: string): string {
return createHash('sha256').update(readFileSync(join(RES_DIR, resRelativePath)))
.digest('hex');
}
function colorDistance(
left: { r: number; g: number; b: number },
right: { r: number; g: number; b: number }
): number {
return Math.max(Math.abs(left.r - right.r), Math.abs(left.g - right.g), Math.abs(left.b - right.b));
}
async function samplePixel(
resRelativePath: string,
xRatio: number,
yRatio: number
): Promise<{ r: number; g: number; b: number }> {
const { data, info } = await sharp(join(RES_DIR, resRelativePath)).raw()
.toBuffer({ resolveWithObject: true });
const x = Math.min(info.width - 1, Math.floor(info.width * xRatio));
const y = Math.min(info.height - 1, Math.floor(info.height * yRatio));
const offset = (y * info.width + x) * info.channels;
return { r: data[offset], g: data[offset + 1], b: data[offset + 2] };
}
test.describe('Android brand app icon', () => {
test('ships a launcher icon and splash for every required density', () => {
const allRequired = [...REQUIRED_LAUNCHER_ICON_FILES, ...REQUIRED_SPLASH_FILES];
const present = allRequired.filter((file) => existsSync(join(RES_DIR, file)));
expect(findMissingLauncherResources(present)).toEqual([]);
});
test('replaces every stock Capacitor placeholder with the brand asset', () => {
const allRequired = [...REQUIRED_LAUNCHER_ICON_FILES, ...REQUIRED_SPLASH_FILES];
const hashByFile = Object.fromEntries(
allRequired.filter((file) => existsSync(join(RES_DIR, file))).map((file) => [file, sha256(file)])
);
expect(findStockCapacitorResources(hashByFile)).toEqual([]);
});
test('uses the brand purple as the adaptive-icon background', () => {
const valuesXml = readFileSync(join(RES_DIR, 'values', 'ic_launcher_background.xml'), 'utf8');
const color = readAdaptiveIconBackgroundColor(valuesXml);
expect(color).not.toBe('#FFFFFF');
expect(isBrandLauncherBackgroundColor(color)).toBe(true);
expect(color?.toLowerCase()).toBe(BRAND_LAUNCHER_BACKGROUND_COLOR.toLowerCase());
});
test('renders the brand mark (white cat on a purple disc) in the launcher bitmap', async () => {
const launcher = 'mipmap-xxxhdpi/ic_launcher.png';
const ringTop = await samplePixel(launcher, 0.5, 0.12);
const ringLeft = await samplePixel(launcher, 0.12, 0.5);
const faceCenter = await samplePixel(launcher, 0.5, 0.5);
expect(colorDistance(ringTop, BRAND_PURPLE)).toBeLessThanOrEqual(COLOR_TOLERANCE);
expect(colorDistance(ringLeft, BRAND_PURPLE)).toBeLessThanOrEqual(COLOR_TOLERANCE);
expect(colorDistance(faceCenter, WHITE)).toBeLessThanOrEqual(COLOR_TOLERANCE);
});
test('renders the splash art as the brand mark centred on a purple field', async () => {
const splash = 'drawable-port-xhdpi/splash.png';
const corner = await samplePixel(splash, 0.04, 0.04);
const center = await samplePixel(splash, 0.5, 0.5);
expect(colorDistance(corner, BRAND_PURPLE)).toBeLessThanOrEqual(COLOR_TOLERANCE);
expect(colorDistance(center, WHITE)).toBeLessThanOrEqual(COLOR_TOLERANCE);
});
});

39
e2e/tests/mobile/mobile-login-on-startup.spec.ts Normal file
View File

@@ -0,0 +1,39 @@
import { test, expect } from '../../fixtures/multi-client';
/**
* Regression coverage for: "No login screen mobile phone on startup".
*
* Signed-out mobile users used to be left on a logged-out /dashboard (the
* startup redirect special-cased mobile + root/dashboard and kept them there),
* so they were never greeted with the login screen. The fix removes that mobile
* exception: signed-out visitors are sent to /login on every platform.
*
* The mobile viewport must be set BEFORE navigation so ViewportService reports
* `isMobile === true` at app bootstrap, which is exactly when the redirect ran.
*/
const MOBILE_VIEWPORT = { width: 390, height: 844 };
test.describe('Mobile login screen on startup', () => {
test.describe.configure({ timeout: 120_000 });
test('greets a signed-out mobile visitor on /dashboard with the login screen', async ({ createClient }) => {
const { page } = await createClient();
await page.setViewportSize(MOBILE_VIEWPORT);
await page.goto('/dashboard', { waitUntil: 'domcontentloaded' });
await expect(page).toHaveURL(/\/login/, { timeout: 15_000 });
await expect(page.locator('#login-username')).toBeVisible({ timeout: 15_000 });
});
test('greets a signed-out mobile visitor on the app root with the login screen', async ({ createClient }) => {
const { page } = await createClient();
await page.setViewportSize(MOBILE_VIEWPORT);
await page.goto('/', { waitUntil: 'domcontentloaded' });
await expect(page).toHaveURL(/\/login/, { timeout: 15_000 });
await expect(page.locator('#login-username')).toBeVisible({ timeout: 15_000 });
});
});

40
e2e/tests/plugins/plugin-api-two-users.spec.ts
View File

@@ -4,13 +4,20 @@ import {
test,
type Client
} from '../../fixtures/multi-client';
import { openPluginStore } from '../../helpers/app-menu';
import {
addPluginSource,
E2E_PLUGIN_SOURCE_URL,
E2E_PLUGIN_TITLE
} from '../../helpers/plugin-store';
import { installWebRTCTracking } from '../../helpers/webrtc-helpers';
import { ChatMessagesPage } from '../../pages/chat-messages.page';
import { ChatRoomPage } from '../../pages/chat-room.page';
import { RegisterPage } from '../../pages/register.page';
import { ServerSearchPage } from '../../pages/server-search.page';
const PLUGIN_SOURCE_URL = 'http://localhost:4200/plugins/e2e-plugin-source.json';
const PLUGIN_TITLE = 'E2E All API Plugin';
const PLUGIN_SOURCE_URL = E2E_PLUGIN_SOURCE_URL;
const PLUGIN_TITLE = E2E_PLUGIN_TITLE;
const EDITED_MESSAGE = 'Plugin API edited message';
const ORIGINAL_MESSAGE = 'Plugin API original message';
const DELETED_MESSAGE = 'Plugin API deleted message';
@@ -35,8 +42,7 @@ test.describe('Plugin API multi-user runtime', () => {
});
await test.step('Activate the server plugin for Bob as the embed/soundboard receiver', async () => {
await installGrantAndActivatePlugin(scenario.bob.page, false);
await closeSettingsModal(scenario.bob.page);
await installRequiredServerPluginsViaModal(scenario.bob.page);
await expect(soundboardComposerButton(scenario.bob.page)).toBeVisible({ timeout: 20_000 });
await expect(scenario.bob.page.getByText(SOUND_BOARD_TEXT, { exact: true })).toBeVisible({ timeout: 20_000 });
});
@@ -87,6 +93,9 @@ async function createPluginApiScenario(createClient: () => Promise<Client>): Pro
const alice = await createClient();
const bob = await createClient();
await installWebRTCTracking(alice.page);
await installWebRTCTracking(bob.page);
await registerUser(alice.page, `alice_${suffix}`, 'Alice');
await registerUser(bob.page, `bob_${suffix}`, 'Bob');
@@ -98,13 +107,10 @@ async function createPluginApiScenario(createClient: () => Promise<Client>): Pro
const aliceRoom = new ChatRoomPage(alice.page);
await aliceRoom.ensureVoiceChannelExists(VOICE_CHANNEL);
await installGrantAndActivatePlugin(alice.page, true);
await closeSettingsModal(alice.page);
await expect(soundboardComposerButton(alice.page)).toBeVisible({ timeout: 20_000 });
const bobSearch = new ServerSearchPage(bob.page);
await bobSearch.joinServerFromSearch(serverName, { acceptPluginDownloads: true });
await bobSearch.joinServerFromSearch(serverName);
await expect(bob.page).toHaveURL(/\/room\//, { timeout: 30_000 });
const bobRoom = new ChatRoomPage(bob.page);
@@ -113,6 +119,9 @@ async function createPluginApiScenario(createClient: () => Promise<Client>): Pro
await bobRoom.joinVoiceChannel(VOICE_CHANNEL);
await expect(aliceRoom.voiceControls).toBeVisible({ timeout: 30_000 });
await expect(bobRoom.voiceControls).toBeVisible({ timeout: 30_000 });
await installGrantAndActivatePlugin(alice.page, true);
await closeSettingsModal(alice.page);
await expect(soundboardComposerButton(alice.page)).toBeVisible({ timeout: 20_000 });
const aliceMessages = new ChatMessagesPage(alice.page);
const bobMessages = new ChatMessagesPage(bob.page);
@@ -141,14 +150,11 @@ async function registerUser(page: Page, username: string, displayName: string):
}
async function installGrantAndActivatePlugin(page: Page, installFromStore: boolean): Promise<void> {
await page.getByRole('button', { name: 'Plugin Store' }).click();
await expect(page).toHaveURL(/\/plugin-store/, { timeout: 20_000 });
await openPluginStore(page);
await expect(page.getByTestId('plugin-store-page')).toBeVisible({ timeout: 20_000 });
if (installFromStore) {
await page.getByLabel('Plugin source manifest URL').fill(PLUGIN_SOURCE_URL);
await page.getByRole('button', { name: 'Add Source' }).click();
await expect(page.getByRole('heading', { name: PLUGIN_TITLE })).toBeVisible({ timeout: 20_000 });
await addPluginSource(page, PLUGIN_SOURCE_URL);
await page.locator('article', { hasText: PLUGIN_TITLE }).getByRole('button', { exact: true, name: /^(Install|Install to Server)$/ })
.click();
@@ -171,6 +177,14 @@ async function installGrantAndActivatePlugin(page: Page, installFromStore: boole
await expect(page.getByText('all-api plugin completed')).toBeVisible({ timeout: 30_000 });
}
async function installRequiredServerPluginsViaModal(page: Page): Promise<void> {
const installButton = page.getByRole('button', { name: 'Install plugins' });
await expect(installButton).toBeVisible({ timeout: 30_000 });
await installButton.click();
await expect(installButton).toHaveCount(0, { timeout: 30_000 });
}
async function closeSettingsModal(page: Page): Promise<void> {
await page.keyboard.press('Escape');
await expect(page.getByTestId('plugin-manager')).toHaveCount(0);

14
e2e/tests/plugins/plugin-manager-ui.spec.ts
View File

@@ -1,4 +1,7 @@
import { expect, test } from '../../fixtures/multi-client';
import { openPluginStore } from '../../helpers/app-menu';
import { expectDashboardReady } from '../../helpers/dashboard';
import { addPluginSource } from '../../helpers/plugin-store';
import { RegisterPage } from '../../pages/register.page';
import { ServerSearchPage } from '../../pages/server-search.page';
@@ -15,7 +18,7 @@ test.describe('Plugin manager UI', () => {
await test.step('Register user and create server context', async () => {
await register.goto();
await register.register(`plugin_${suffix}`, 'Plugin Tester', 'TestPass123!');
await expect(page.getByPlaceholder('Search people, servers, or paste an invite...')).toBeVisible({ timeout: 30_000 });
await expectDashboardReady(page);
await search.createServer(`Plugin API Server ${suffix}`, {
description: 'Plugin manager UI E2E coverage'
});
@@ -23,16 +26,13 @@ test.describe('Plugin manager UI', () => {
await expect(page).toHaveURL(/\/room\//, { timeout: 30_000 });
});
await test.step('Open visible Plugin Store button', async () => {
await page.getByRole('button', { name: 'Plugin Store' }).click();
await expect(page).toHaveURL(/\/plugin-store/, { timeout: 10_000 });
await test.step('Open Plugin Store from the title-bar menu', async () => {
await openPluginStore(page);
await expect(page.getByTestId('plugin-store-page')).toBeVisible({ timeout: 10_000 });
});
await test.step('Install fixture plugin from source manifest', async () => {
await page.getByLabel('Plugin source manifest URL').fill('http://localhost:4200/plugins/e2e-plugin-source.json');
await page.getByRole('button', { name: 'Add Source' }).click();
await expect(page.getByRole('heading', { name: 'E2E All API Plugin' })).toBeVisible({ timeout: 15_000 });
await addPluginSource(page);
const pluginCard = page.locator('article', { hasText: 'E2E All API Plugin' });
await pluginCard.getByRole('button', { name: 'Readme' }).click();

98
e2e/tests/servers/server-discovery-default.spec.ts Normal file
View File

@@ -0,0 +1,98 @@
import { test, expect } from '../../fixtures/multi-client';
import { type Client } from '../../fixtures/multi-client';
import { RegisterPage } from '../../pages/register.page';
import { ServerSearchPage } from '../../pages/server-search.page';
import { dashboardSearchInput, expectDashboardReady } from '../../helpers/dashboard';
import { MULTI_DEVICE_PASSWORD, uniqueMultiDeviceName } from '../../helpers/multi-device-session';
/**
* Regression coverage for: "Fresh users have the server list in dashboard
* completely empty until anything searched."
*
* The directory exposes a curated discovery view (featured/trending) that must
* populate the dashboard "Popular Servers" panel and the /servers page without
* the user typing a search query. A stale client-side host blocklist used to
* short-circuit discovery to [] for the default production endpoints, so servers
* only appeared once a search ran. These tests prove the default view is
* populated, and that discovery self-heals when an endpoint lacks the
* featured/trending routes (older signal servers answer them with 404).
*/
async function createPublicServer(client: Client, username: string, serverName: string): Promise<void> {
const register = new RegisterPage(client.page);
await register.goto();
await register.register(username, 'Discovery Host', MULTI_DEVICE_PASSWORD);
await expect(client.page).toHaveURL(/\/dashboard/, { timeout: 15_000 });
const search = new ServerSearchPage(client.page);
await search.createServer(serverName, { description: 'Public discovery server' });
await expect(client.page).toHaveURL(/\/room\//, { timeout: 15_000 });
}
function popularServersPanel(client: Client) {
return client.page.locator('div.rounded-xl', { hasText: 'Popular Servers' });
}
test.describe('Server discovery default view', () => {
test.describe.configure({ timeout: 120_000, retries: 1 });
test('a fresh account sees public servers in Popular Servers without searching', async ({ createClient }) => {
const suffix = uniqueMultiDeviceName('discovery-default');
const serverName = `Discovery Default ${suffix}`;
const host = await createClient();
const visitor = await createClient();
await test.step('host registers and publishes a public server', async () => {
await createPublicServer(host, `host_${suffix}`, serverName);
});
await test.step('a brand-new account registers', async () => {
const register = new RegisterPage(visitor.page);
await register.goto();
await register.register(`visitor_${suffix}`, 'Discovery Visitor', MULTI_DEVICE_PASSWORD);
await expectDashboardReady(visitor.page);
});
await test.step('Popular Servers lists the public server with no search query entered', async () => {
await expect(dashboardSearchInput(visitor.page)).toHaveValue('');
await expect(popularServersPanel(visitor).getByText(serverName)).toBeVisible({ timeout: 30_000 });
});
});
test('discovery falls back to the public listing when featured/trending routes 404', async ({ createClient }) => {
const suffix = uniqueMultiDeviceName('discovery-fallback');
const serverName = `Discovery Fallback ${suffix}`;
const host = await createClient();
const visitor = await createClient();
await test.step('host registers and publishes a public server', async () => {
await createPublicServer(host, `host_${suffix}`, serverName);
});
await test.step('simulate a legacy signal server without featured/trending routes', async () => {
const notFound = {
status: 404,
contentType: 'application/json',
body: JSON.stringify({ error: 'Server not found', errorCode: 'SERVER_NOT_FOUND' })
};
await visitor.page.route('**/api/servers/featured**', (route) => route.fulfill(notFound));
await visitor.page.route('**/api/servers/trending**', (route) => route.fulfill(notFound));
});
await test.step('a brand-new account registers against the legacy-style endpoint', async () => {
const register = new RegisterPage(visitor.page);
await register.goto();
await register.register(`visitor_${suffix}`, 'Discovery Visitor', MULTI_DEVICE_PASSWORD);
await expectDashboardReady(visitor.page);
});
await test.step('Popular Servers still lists the server via the public-listing fallback', async () => {
await expect(dashboardSearchInput(visitor.page)).toHaveValue('');
await expect(popularServersPanel(visitor).getByText(serverName)).toBeVisible({ timeout: 30_000 });
});
});
});

7
e2e/tests/settings/connectivity-warning.spec.ts
View File

@@ -1,4 +1,5 @@
import { test, expect } from '../../fixtures/multi-client';
import { expectDashboardReady } from '../../helpers/dashboard';
import { RegisterPage } from '../../pages/register.page';
import { ServerSearchPage } from '../../pages/server-search.page';
import { ChatRoomPage } from '../../pages/chat-room.page';
@@ -88,7 +89,7 @@ test.describe('Connectivity warning', () => {
await register.goto();
await register.register(`alice_${suffix}`, 'Alice', 'TestPass123!');
await expect(alice.page.getByPlaceholder('Search people, servers, or paste an invite...')).toBeVisible({ timeout: 30_000 });
await expectDashboardReady(alice.page);
});
await test.step('Register Bob', async () => {
@@ -96,7 +97,7 @@ test.describe('Connectivity warning', () => {
await register.goto();
await register.register(`bob_${suffix}`, 'Bob', 'TestPass123!');
await expect(bob.page.getByPlaceholder('Search people, servers, or paste an invite...')).toBeVisible({ timeout: 30_000 });
await expectDashboardReady(bob.page);
});
await test.step('Register Charlie', async () => {
@@ -104,7 +105,7 @@ test.describe('Connectivity warning', () => {
await register.goto();
await register.register(`charlie_${suffix}`, 'Charlie', 'TestPass123!');
await expect(charlie.page.getByPlaceholder('Search people, servers, or paste an invite...')).toBeVisible({ timeout: 30_000 });
await expectDashboardReady(charlie.page);
});
// ── Create server and have everyone join ──

8
e2e/tests/settings/ice-server-settings.spec.ts
View File

@@ -1,4 +1,6 @@
import { test, expect } from '../../fixtures/multi-client';
import { openSettingsFromMenu } from '../../helpers/app-menu';
import { expectDashboardReady } from '../../helpers/dashboard';
import { RegisterPage } from '../../pages/register.page';
test.describe('ICE server settings', () => {
@@ -9,8 +11,8 @@ test.describe('ICE server settings', () => {
await register.goto();
await register.register(`user_${suffix}`, 'IceTestUser', 'TestPass123!');
await expect(page.getByPlaceholder('Search people, servers, or paste an invite...')).toBeVisible({ timeout: 30_000 });
await page.getByTitle('Settings').click();
await expectDashboardReady(page);
await openSettingsFromMenu(page);
await expect(page.getByRole('button', { name: 'Network' })).toBeVisible({ timeout: 10_000 });
await page.getByRole('button', { name: 'Network' }).click();
await expect(page.getByTestId('ice-server-settings')).toBeVisible({ timeout: 10_000 });
@@ -101,7 +103,7 @@ test.describe('ICE server settings', () => {
await expect(page.getByText('stun:persist-test.example.com:3478')).toBeVisible({ timeout: 5_000 });
await page.reload({ waitUntil: 'domcontentloaded' });
await page.getByTitle('Settings').click();
await openSettingsFromMenu(page);
await expect(page.getByRole('button', { name: 'Network' })).toBeVisible({ timeout: 10_000 });
await page.getByRole('button', { name: 'Network' }).click();
await expect(page.getByText('stun:persist-test.example.com:3478')).toBeVisible({ timeout: 10_000 });

5
e2e/tests/settings/stun-turn-fallback.spec.ts
View File

@@ -1,4 +1,5 @@
import { test, expect } from '../../fixtures/multi-client';
import { expectDashboardReady } from '../../helpers/dashboard';
import { RegisterPage } from '../../pages/register.page';
import { ServerSearchPage } from '../../pages/server-search.page';
import { ChatRoomPage } from '../../pages/chat-room.page';
@@ -89,7 +90,7 @@ test.describe('STUN/TURN fallback behaviour', () => {
await register.goto();
await register.register(`alice_${suffix}`, 'Alice', 'TestPass123!');
await expect(alice.page.getByPlaceholder('Search people, servers, or paste an invite...')).toBeVisible({ timeout: 30_000 });
await expectDashboardReady(alice.page);
});
await test.step('Register Bob', async () => {
@@ -97,7 +98,7 @@ test.describe('STUN/TURN fallback behaviour', () => {
await register.goto();
await register.register(`bob_${suffix}`, 'Bob', 'TestPass123!');
await expect(bob.page.getByPlaceholder('Search people, servers, or paste an invite...')).toBeVisible({ timeout: 30_000 });
await expectDashboardReady(bob.page);
});
await test.step('Alice creates a server', async () => {

26
e2e/tests/voice/mixed-signal-config-voice.spec.ts
View File

@@ -18,7 +18,8 @@ import {
import {
authHeaders,
readAuthTokenFromPage,
registerTestUser
registerTestUser,
type AuthSession
} from '../../helpers/auth-api';
import { RegisterPage } from '../../pages/register.page';
import { ServerSearchPage } from '../../pages/server-search.page';
@@ -150,6 +151,14 @@ test.describe('Mixed signal-config voice', () => {
}
});
let secondaryRoomId = '';
// Identity that owns the secondary room. The invite must be created with
// this same API session: client 0 also auto-provisions a *separate*
// identity on the secondary signal endpoint, which overwrites the page's
// stored token, so reading the token back from the page would yield a
// non-owner identity and the invite request would be rejected (NOT_MEMBER).
let secondaryRoomOwner: AuthSession;
// ── Create rooms ────────────────────────────────────────────
await test.step('Create voice room on primary and chat room on secondary', async () => {
// Use a "both" user (client 0) to create both rooms
@@ -190,6 +199,7 @@ test.describe('Mixed signal-config voice', () => {
);
secondaryRoomId = secondaryRoom.id;
secondaryRoomOwner = secondarySession;
});
// ── Create invite links ─────────────────────────────────────
@@ -198,7 +208,6 @@ test.describe('Mixed signal-config voice', () => {
// Group D (secondary-only) needs invite to primary room.
let primaryRoomInviteUrl: string;
let secondaryRoomInviteUrl: string;
let secondaryRoomId = '';
await test.step('Create invite links for cross-signal rooms', async () => {
// Navigate to voice room to get its ID
@@ -220,17 +229,14 @@ test.describe('Mixed signal-config voice', () => {
primaryRoomInviteUrl = `/invite/${primaryInvite.id}?server=${encodeURIComponent(testServer.url)}`;
// Create invite for secondary room (chat) via API
const secondaryToken = await readAuthTokenFromPage(clients[0].page, secondaryServer.url);
if (!secondaryToken) {
throw new Error('Missing session token for secondary signal invite creation');
}
// Create invite for secondary room (chat) via API using the API session
// that owns the room. The page-stored token for the secondary endpoint
// belongs to client 0's auto-provisioned identity, which is not the
// room owner and would be rejected with NOT_MEMBER.
const secondaryInvite = await createInviteViaApi(
secondaryServer.url,
secondaryRoomId,
secondaryToken,
secondaryRoomOwner.token,
clients[0].user.displayName
);

14
electron/api/auth-store.spec.ts Normal file
View File

@@ -0,0 +1,14 @@
import {
describe,
expect,
it
} from 'vitest';
import { getLocalApiTokenTtlMs } from './auth-store';
const TEN_YEARS_MS = 10 * 365 * 24 * 60 * 60 * 1000;
describe('auth-store', () => {
it('defaults local API tokens to a very long lifetime', () => {
expect(getLocalApiTokenTtlMs()).toBe(TEN_YEARS_MS);
});
});

8
electron/api/auth-store.ts
View File

@@ -10,9 +10,13 @@ export interface IssuedToken {
expiresAt: number;
}
const TOKEN_TTL_MS = 24 * 60 * 60 * 1000;
const DEFAULT_TOKEN_TTL_MS = 10 * 365 * 24 * 60 * 60 * 1000;
const tokens = new Map<string, IssuedToken>();
export function getLocalApiTokenTtlMs(): number {
return DEFAULT_TOKEN_TTL_MS;
}
export function issueToken(params: {
userId: string;
username: string;
@@ -24,7 +28,7 @@ export function issueToken(params: {
const issued: IssuedToken = {
token,
issuedAt,
expiresAt: issuedAt + TOKEN_TTL_MS,
expiresAt: issuedAt + getLocalApiTokenTtlMs(),
userId: params.userId,
username: params.username,
displayName: params.displayName,

60
electron/api/provision-secret-store.ts Normal file
View File

@@ -0,0 +1,60 @@
import { safeStorage } from 'electron';
import {
mkdir,
readFile,
writeFile
} from 'fs/promises';
import path from 'path';
import { app } from 'electron';
const STORAGE_DIR_NAME = 'provision-secrets';
function getStorageDir(): string {
return path.join(app.getPath('userData'), STORAGE_DIR_NAME);
}
function getSecretFilePath(homeUserId: string): string {
return path.join(getStorageDir(), `${homeUserId}.bin`);
}
async function ensureStorageDir(): Promise<void> {
await mkdir(getStorageDir(), { recursive: true });
}
export async function storeProvisionSecret(homeUserId: string, secret: string): Promise<boolean> {
if (!homeUserId.trim() || !secret) {
return false;
}
await ensureStorageDir();
if (!safeStorage.isEncryptionAvailable()) {
await writeFile(getSecretFilePath(homeUserId), secret, 'utf8');
return true;
}
const encrypted = safeStorage.encryptString(secret);
await writeFile(getSecretFilePath(homeUserId), encrypted);
return true;
}
export async function getProvisionSecret(homeUserId: string): Promise<string | null> {
if (!homeUserId.trim()) {
return null;
}
try {
const filePath = getSecretFilePath(homeUserId);
const payload = await readFile(filePath);
if (!safeStorage.isEncryptionAvailable()) {
return payload.toString('utf8');
}
return safeStorage.decryptString(payload);
} catch {
return null;
}
}

17
electron/app/lifecycle.ts
View File

@@ -22,6 +22,12 @@ import {
setupWindowControlHandlers
} from '../ipc';
import { startIdleMonitor, stopIdleMonitor } from '../idle/idle-monitor';
import {
attachRendererDiagnosticsHooks,
ensurePerfDiagIpcRegistered,
shutdownPerfDiagnostics,
startPerfDiagnostics
} from '../diagnostics';
function startLocalApiAfterWindowReady(): void {
setImmediate(() => {
@@ -32,6 +38,8 @@ function startLocalApiAfterWindowReady(): void {
}
export function registerAppLifecycle(): void {
ensurePerfDiagIpcRegistered();
app.whenReady().then(async () => {
const dockIconPath = getDockIconPath();
@@ -45,7 +53,15 @@ export function registerAppLifecycle(): void {
await migrateLegacyDesktopBranding();
await synchronizeAutoStartSetting();
initializeDesktopUpdater();
startPerfDiagnostics();
await createWindow();
const mainWindow = getMainWindow();
if (mainWindow) {
attachRendererDiagnosticsHooks(mainWindow);
}
startLocalApiAfterWindowReady();
startIdleMonitor();
@@ -67,6 +83,7 @@ export function registerAppLifecycle(): void {
app.on('before-quit', async (event) => {
prepareWindowForAppQuit();
await shutdownPerfDiagnostics();
if (getDataSource()?.isInitialized) {
event.preventDefault();

27
electron/diagnostics/diagnostics.flags.spec.ts Normal file
View File

@@ -0,0 +1,27 @@
import {
describe,
it,
expect
} from 'vitest';
import { isPerfDiagEnabled } from './diagnostics.flags';
describe('isPerfDiagEnabled', () => {
it('returns false when the flag is unset', () => {
expect(isPerfDiagEnabled({}, false)).toBe(false);
expect(isPerfDiagEnabled({}, true)).toBe(false);
});
it('returns true in development when METOYOU_PERF_DIAG is truthy', () => {
expect(isPerfDiagEnabled({ METOYOU_PERF_DIAG: '1' }, false)).toBe(true);
expect(isPerfDiagEnabled({ METOYOU_PERF_DIAG: 'true' }, false)).toBe(true);
expect(isPerfDiagEnabled({ METOYOU_PERF_DIAG: 'on' }, false)).toBe(true);
});
it('returns false in packaged builds unless force is set', () => {
expect(isPerfDiagEnabled({ METOYOU_PERF_DIAG: '1' }, true)).toBe(false);
expect(isPerfDiagEnabled({
METOYOU_PERF_DIAG: '1',
METOYOU_PERF_DIAG_FORCE: '1'
}, true)).toBe(true);
});
});

29
electron/diagnostics/diagnostics.flags.ts Normal file
View File

@@ -0,0 +1,29 @@
export const PERF_DIAG_ENV = 'METOYOU_PERF_DIAG';
export const PERF_DIAG_FORCE_ENV = 'METOYOU_PERF_DIAG_FORCE';
const TRUTHY = new Set([
'1',
'true',
'yes',
'on'
]);
function isTruthyFlag(value: string | undefined): boolean {
return TRUTHY.has(String(value ?? '').trim()
.toLowerCase());
}
export function isPerfDiagEnabled(
env: NodeJS.ProcessEnv,
isPackaged: boolean
): boolean {
if (!isTruthyFlag(env[PERF_DIAG_ENV])) {
return false;
}
if (isPackaged && !isTruthyFlag(env[PERF_DIAG_FORCE_ENV])) {
return false;
}
return true;
}

214
electron/diagnostics/diagnostics.lifecycle.ts Normal file
View File

@@ -0,0 +1,214 @@
import {
app,
BrowserWindow,
ipcMain
} from 'electron';
import { collectAppMetricsSnapshot } from '../app-metrics';
import { sumWorkingSetKb } from './process-metrics.rules';
import { isPerfDiagEnabled } from './diagnostics.flags';
import type { PerfDiagEntry } from './diagnostics.models';
import { PerfDiagWriter } from './diagnostics.writer';
const PROCESS_POLL_INTERVAL_MS = 5_000;
let activeWriter: PerfDiagWriter | null = null;
let processPollTimer: NodeJS.Timeout | null = null;
let diagnosticsEnabled = false;
let ipcRegistered = false;
export function isPerfDiagActive(): boolean {
return diagnosticsEnabled;
}
export function ensurePerfDiagIpcRegistered(): void {
if (ipcRegistered) {
return;
}
ipcRegistered = true;
ipcMain.handle('perf-diag-is-enabled', () => diagnosticsEnabled);
ipcMain.handle('perf-diag-report', (_event, entry: PerfDiagEntry) => {
const writer = activeWriter;
if (!diagnosticsEnabled || !writer) {
return false;
}
try {
writer.append(normalizeRendererEntry(entry));
return true;
} catch {
return false;
}
});
}
export function getActivePerfDiagWriter(): PerfDiagWriter | null {
return activeWriter;
}
export function startPerfDiagnostics(): PerfDiagWriter | null {
ensurePerfDiagIpcRegistered();
diagnosticsEnabled = isPerfDiagEnabled(process.env, app.isPackaged);
if (!diagnosticsEnabled) {
return null;
}
const sessionId = `${Date.now().toString(36)}-${process.pid}`;
const writer = new PerfDiagWriter({
userDataPath: app.getPath('userData'),
sessionId
});
activeWriter = writer;
registerProcessCrashHandlers(writer);
startProcessMetricsPolling(writer);
writer.append({
collectedAt: Date.now(),
source: 'main',
type: 'session',
payload: {
event: 'started',
sessionId,
filePath: writer.snapshotFilePath
}
});
return writer;
}
export function attachRendererDiagnosticsHooks(window: BrowserWindow): void {
const writer = activeWriter;
if (!writer) {
return;
}
window.webContents.on('render-process-gone', (_event, details) => {
writer.append({
collectedAt: Date.now(),
source: 'main',
type: 'crash',
payload: {
reason: details.reason,
exitCode: details.exitCode
}
});
void writer.flushSnapshot('render-process-gone');
});
window.webContents.on('unresponsive', () => {
writer.append({
collectedAt: Date.now(),
source: 'main',
type: 'unresponsive',
payload: {}
});
});
window.webContents.on('responsive', () => {
writer.append({
collectedAt: Date.now(),
source: 'main',
type: 'session',
payload: { event: 'renderer-responsive' }
});
});
}
export async function shutdownPerfDiagnostics(): Promise<void> {
if (!activeWriter) {
return;
}
await activeWriter.flushSnapshot('shutdown');
if (processPollTimer) {
clearInterval(processPollTimer);
processPollTimer = null;
}
activeWriter = null;
diagnosticsEnabled = false;
}
function registerProcessCrashHandlers(writer: PerfDiagWriter): void {
app.on('child-process-gone', (_event, details) => {
writer.append({
collectedAt: Date.now(),
source: 'main',
type: 'crash',
payload: {
type: details.type,
reason: details.reason,
exitCode: details.exitCode,
serviceName: details.serviceName ?? null,
name: details.name ?? null
}
});
});
process.on('uncaughtException', (error) => {
writer.append({
collectedAt: Date.now(),
source: 'main',
type: 'crash',
payload: {
scope: 'main-uncaughtException',
message: error.message
}
});
void writer.flushSnapshot('uncaughtException');
});
process.on('unhandledRejection', (reason) => {
writer.append({
collectedAt: Date.now(),
source: 'main',
type: 'crash',
payload: {
scope: 'main-unhandledRejection',
reason: String(reason)
}
});
});
}
function startProcessMetricsPolling(writer: PerfDiagWriter): void {
const sample = (): void => {
try {
const metrics = collectAppMetricsSnapshot();
const totalKb = sumWorkingSetKb(metrics.processes);
writer.append({
collectedAt: metrics.collectedAt,
source: 'main',
type: 'process',
payload: {
totalWorkingSetKb: totalKb,
processes: metrics.processes
}
});
} catch {
// Collector failures must never affect the app.
}
};
sample();
processPollTimer = setInterval(sample, PROCESS_POLL_INTERVAL_MS);
}
function normalizeRendererEntry(entry: PerfDiagEntry): PerfDiagEntry {
return {
collectedAt: Number(entry.collectedAt) || Date.now(),
source: 'renderer',
type: entry.type,
payload: entry.payload ?? {}
};
}

17
electron/diagnostics/diagnostics.models.ts Normal file
View File

@@ -0,0 +1,17 @@
export type PerfDiagSource = 'main' | 'renderer';
export type PerfDiagEntryType =
| 'session'
| 'process'
| 'store'
| 'components'
| 'heap'
| 'crash'
| 'unresponsive';
export interface PerfDiagEntry {
collectedAt: number;
source: PerfDiagSource;
type: PerfDiagEntryType;
payload: Record<string, unknown>;
}

53
electron/diagnostics/diagnostics.rules.spec.ts Normal file
View File

@@ -0,0 +1,53 @@
import {
describe,
it,
expect
} from 'vitest';
import {
formatPerfDiagLine,
pushRingBuffer,
resolveDiagnosticsFilePath
} from './diagnostics.rules';
describe('pushRingBuffer', () => {
it('appends items until capacity is reached', () => {
expect(pushRingBuffer([1, 2], 3, 4)).toEqual([
1,
2,
3
]);
});
it('drops the oldest items when capacity is exceeded', () => {
expect(pushRingBuffer([
1,
2,
3
], 4, 3)).toEqual([
2,
3,
4
]);
});
});
describe('formatPerfDiagLine', () => {
it('serializes one JSON object per line', () => {
const line = formatPerfDiagLine({
collectedAt: 1_700_000_000_000,
source: 'main',
type: 'process',
payload: { browserKb: 128 }
});
expect(line).toBe('{"collectedAt":1700000000000,"source":"main","type":"process","payload":{"browserKb":128}}');
expect(line.endsWith('\n')).toBe(false);
});
});
describe('resolveDiagnosticsFilePath', () => {
it('places session files under diagnostics/', () => {
expect(resolveDiagnosticsFilePath('/tmp/user-data', 'session-1'))
.toBe('/tmp/user-data/diagnostics/perf-session-1.jsonl');
});
});

24
electron/diagnostics/diagnostics.rules.ts Normal file
View File

@@ -0,0 +1,24 @@
import * as path from 'path';
import type { PerfDiagEntry } from './diagnostics.models';
export function pushRingBuffer<T>(items: readonly T[], item: T, capacity: number): T[] {
const next = [...items, item];
if (next.length <= capacity) {
return next;
}
return next.slice(next.length - capacity);
}
export function formatPerfDiagLine(entry: PerfDiagEntry): string {
return JSON.stringify(entry);
}
export function resolveDiagnosticsFilePath(userDataPath: string, sessionId: string): string {
return path.join(userDataPath, 'diagnostics', `perf-${sessionId}.jsonl`);
}
export function resolveDiagnosticsDirectory(userDataPath: string): string {
return path.join(userDataPath, 'diagnostics');
}

108
electron/diagnostics/diagnostics.writer.ts Normal file
View File

@@ -0,0 +1,108 @@
import * as fsp from 'fs/promises';
import * as path from 'path';
import type { PerfDiagEntry } from './diagnostics.models';
import {
formatPerfDiagLine,
pushRingBuffer,
resolveDiagnosticsFilePath
} from './diagnostics.rules';
const DEFAULT_RING_CAPACITY = 120;
const FLUSH_DEBOUNCE_MS = 250;
export interface PerfDiagWriterOptions {
userDataPath: string;
sessionId: string;
ringCapacity?: number;
}
export class PerfDiagWriter {
private readonly filePath: string;
private readonly ringCapacity: number;
private readonly pendingLines: string[] = [];
private ring: PerfDiagEntry[] = [];
private flushTimer: NodeJS.Timeout | null = null;
private flushInFlight: Promise<void> | null = null;
private disabled = false;
constructor(options: PerfDiagWriterOptions) {
this.filePath = resolveDiagnosticsFilePath(options.userDataPath, options.sessionId);
this.ringCapacity = options.ringCapacity ?? DEFAULT_RING_CAPACITY;
}
get snapshotFilePath(): string {
return this.filePath;
}
get bufferedEntries(): readonly PerfDiagEntry[] {
return this.ring;
}
append(entry: PerfDiagEntry): void {
if (this.disabled) {
return;
}
try {
this.ring = pushRingBuffer(this.ring, entry, this.ringCapacity);
this.pendingLines.push(`${formatPerfDiagLine(entry)}\n`);
this.scheduleFlush();
} catch {
this.disabled = true;
}
}
async flush(): Promise<void> {
if (this.disabled || this.pendingLines.length === 0) {
return;
}
if (this.flushInFlight) {
await this.flushInFlight;
return;
}
const lines = this.pendingLines.splice(0, this.pendingLines.length);
this.flushInFlight = this.writeLines(lines)
.catch(() => {
this.disabled = true;
})
.finally(() => {
this.flushInFlight = null;
});
await this.flushInFlight;
}
async flushSnapshot(label: string): Promise<void> {
this.append({
collectedAt: Date.now(),
source: 'main',
type: 'session',
payload: {
event: label,
filePath: this.filePath,
entries: this.ring
}
});
await this.flush();
}
private scheduleFlush(): void {
if (this.flushTimer) {
return;
}
this.flushTimer = setTimeout(() => {
this.flushTimer = null;
void this.flush();
}, FLUSH_DEBOUNCE_MS);
}
private async writeLines(lines: string[]): Promise<void> {
await fsp.mkdir(path.dirname(this.filePath), { recursive: true });
await fsp.appendFile(this.filePath, lines.join(''), 'utf8');
}
}

11
electron/diagnostics/index.ts Normal file
View File

@@ -0,0 +1,11 @@
export { isPerfDiagEnabled, PERF_DIAG_ENV, PERF_DIAG_FORCE_ENV } from './diagnostics.flags';
export {
attachRendererDiagnosticsHooks,
ensurePerfDiagIpcRegistered,
getActivePerfDiagWriter,
isPerfDiagActive,
shutdownPerfDiagnostics,
startPerfDiagnostics
} from './diagnostics.lifecycle';
export type { PerfDiagEntry, PerfDiagEntryType, PerfDiagSource } from './diagnostics.models';
export { PerfDiagWriter } from './diagnostics.writer';

19
electron/diagnostics/process-metrics.rules.ts Normal file
View File

@@ -0,0 +1,19 @@
export interface ProcessWorkingSetSnapshot {
workingSetKb: number | null;
}
export function sumWorkingSetKb(processes: readonly ProcessWorkingSetSnapshot[]): number | null {
let total = 0;
let hasAny = false;
for (const process of processes) {
if (process.workingSetKb == null || process.workingSetKb < 0) {
continue;
}
total += process.workingSetKb;
hasAny = true;
}
return hasAny ? total : null;
}

15
electron/ipc/system.ts
View File

@@ -20,6 +20,7 @@ import {
type DesktopSettings
} from '../desktop-settings';
import { applyLocalApiSettings, getLocalApiSnapshot } from '../api';
import { getProvisionSecret, storeProvisionSecret } from '../api/provision-secret-store';
import {
activateLinuxScreenShareAudioRouting,
deactivateLinuxScreenShareAudioRouting,
@@ -62,7 +63,11 @@ import { listRunningProcessNames } from '../process-list';
import { detectActiveGame } from '../game-detection';
import { collectAppMetricsSnapshot } from '../app-metrics';
import { clearAllTokens } from '../api/auth-store';
import { assertPathUnderUserData, grantPluginReadRoot, resolveReadablePath } from '../path-jail';
import {
assertPathUnderUserData,
grantPluginReadRoot,
resolveReadablePath
} from '../path-jail';
const DEFAULT_MIME_TYPE = 'application/octet-stream';
const MAX_ACTIVE_DESKTOP_NOTIFICATIONS = 20;
@@ -380,6 +385,14 @@ export function setupSystemHandlers(): void {
ipcMain.handle('get-app-metrics', () => collectAppMetricsSnapshot());
ipcMain.handle('store-provision-secret', async (_event, homeUserId: string, secret: string) =>
await storeProvisionSecret(homeUserId, secret)
);
ipcMain.handle('get-provision-secret', async (_event, homeUserId: string) =>
await getProvisionSecret(homeUserId)
);
ipcMain.handle('get-app-data-path', () => app.getPath('userData'));
ipcMain.handle('open-current-data-folder', async () => await openCurrentDataFolder());
ipcMain.handle('export-user-data', async () => await exportUserData());

3
electron/path-jail.spec.ts
View File

@@ -37,8 +37,10 @@ describe('path-jail', () => {
it('accepts cached plugin bundle paths under plugin-bundles', async () => {
const bundleDir = path.join(tempRoot, 'plugin-bundles', 'example.plugin', '1.0.0');
fs.mkdirSync(bundleDir, { recursive: true });
const bundlePath = path.join(bundleDir, 'main.js');
fs.writeFileSync(bundlePath, 'export default {}');
await expect(assertPathUnderRoot(tempRoot, bundlePath)).resolves.toBe(bundlePath);
@@ -59,6 +61,7 @@ describe('path-jail', () => {
it('allows user-granted plugin source roots outside app data', async () => {
const externalRoot = fs.mkdtempSync(path.join(os.tmpdir(), 'metoyou-plugin-source-'));
const manifestPath = path.join(externalRoot, 'plugin-source.json');
fs.writeFileSync(manifestPath, '{}');
grantPluginReadRoot(externalRoot);

17
electron/preload.ts
View File

@@ -252,6 +252,13 @@ export interface ElectronAPI {
workingSetKb: number | null;
}[];
}>;
isPerfDiagEnabled: () => Promise<boolean>;
reportPerfDiagSample: (entry: {
collectedAt: number;
source: 'main' | 'renderer';
type: string;
payload: Record<string, unknown>;
}) => Promise<boolean>;
getAppDataPath: () => Promise<string>;
openCurrentDataFolder: () => Promise<boolean>;
exportUserData: () => Promise<ExportUserDataResult>;
@@ -339,6 +346,9 @@ export interface ElectronAPI {
command: <T = unknown>(command: Command) => Promise<T>;
query: <T = unknown>(query: Query) => Promise<T>;
storeProvisionSecret: (homeUserId: string, secret: string) => Promise<boolean>;
getProvisionSecret: (homeUserId: string) => Promise<string | null>;
}
const electronAPI: ElectronAPI = {
@@ -388,6 +398,8 @@ const electronAPI: ElectronAPI = {
};
},
getAppMetrics: () => ipcRenderer.invoke('get-app-metrics'),
isPerfDiagEnabled: () => ipcRenderer.invoke('perf-diag-is-enabled'),
reportPerfDiagSample: (entry) => ipcRenderer.invoke('perf-diag-report', entry),
getAppDataPath: () => ipcRenderer.invoke('get-app-data-path'),
openCurrentDataFolder: () => ipcRenderer.invoke('open-current-data-folder'),
exportUserData: () => ipcRenderer.invoke('export-user-data'),
@@ -493,7 +505,10 @@ const electronAPI: ElectronAPI = {
},
command: (command) => ipcRenderer.invoke('cqrs:command', command),
query: (query) => ipcRenderer.invoke('cqrs:query', query)
query: (query) => ipcRenderer.invoke('cqrs:query', query),
storeProvisionSecret: (homeUserId, secret) => ipcRenderer.invoke('store-provision-secret', homeUserId, secret),
getProvisionSecret: (homeUserId) => ipcRenderer.invoke('get-provision-secret', homeUserId)
};
contextBridge.exposeInMainWorld('electronAPI', electronAPI);

7
electron/window/create-window.ts
View File

@@ -11,6 +11,7 @@ import * as fs from 'fs';
import * as path from 'path';
import { DESKTOP_APP_DISPLAY_NAME } from '../app/desktop-branding.rules';
import { readDesktopSettings } from '../desktop-settings';
import { resolveDevelopmentClientUrl } from './dev-client-url.rules';
let mainWindow: BrowserWindow | null = null;
let tray: Tray | null = null;
@@ -277,11 +278,7 @@ export async function createWindow(): Promise<void> {
}
if (process.env['NODE_ENV'] === 'development') {
const devUrl = process.env['SSL'] === 'true'
? 'https://localhost:4200'
: 'http://localhost:4200';
await mainWindow.loadURL(devUrl);
await mainWindow.loadURL(resolveDevelopmentClientUrl(process.env['SSL'] === 'true'));
if (process.env['DEBUG_DEVTOOLS'] === '1') {
mainWindow.webContents.openDevTools();

26
electron/window/dev-client-url.rules.spec.ts Normal file
View File

@@ -0,0 +1,26 @@
import {
describe,
expect,
it
} from 'vitest';
import {
DEV_CLIENT_HOST,
DEV_CLIENT_PORT,
resolveDevelopmentClientUrl
} from './dev-client-url.rules';
describe('dev-client-url.rules', () => {
it('targets loopback IPv4 so dev wait-on avoids stale localhost IPv6 listeners', () => {
expect(DEV_CLIENT_HOST).toBe('127.0.0.1');
expect(DEV_CLIENT_PORT).toBe(4200);
});
it('builds the HTTP dev client URL', () => {
expect(resolveDevelopmentClientUrl(false)).toBe('http://127.0.0.1:4200');
});
it('builds the HTTPS dev client URL', () => {
expect(resolveDevelopmentClientUrl(true)).toBe('https://127.0.0.1:4200');
});
});

8
electron/window/dev-client-url.rules.ts Normal file
View File

@@ -0,0 +1,8 @@
export const DEV_CLIENT_HOST = '127.0.0.1';
export const DEV_CLIENT_PORT = 4200;
export function resolveDevelopmentClientUrl(sslEnabled: boolean): string {
const scheme = sslEnabled ? 'https' : 'http';
return `${scheme}://${DEV_CLIENT_HOST}:${DEV_CLIENT_PORT}`;
}

17
eslint.config.js
View File

@@ -59,21 +59,8 @@ module.exports = tseslint.config(
'ClassBody.body > PropertyDefinition[decorators.length > 0] > .key'
], SwitchCase:1 }],
'@stylistic/ts/member-delimiter-style': ['error',{ multiline:{ delimiter:'semi', requireLast:true }, singleline:{ delimiter:'semi', requireLast:false } }],
'@typescript-eslint/member-ordering': ['error',{ default:[
'signature','call-signature',
'public-static-field','protected-static-field','private-static-field','#private-static-field',
'public-decorated-field','protected-decorated-field','private-decorated-field',
'public-instance-field','protected-instance-field','private-instance-field','#private-instance-field',
'public-abstract-field','protected-abstract-field',
'public-field','protected-field','private-field','#private-field',
'static-field','instance-field','abstract-field','decorated-field','field','static-initialization',
'public-constructor','protected-constructor','private-constructor','constructor',
'public-static-method','protected-static-method','private-static-method','#private-static-method',
'public-decorated-method','protected-decorated-method','private-decorated-method',
'public-instance-method','protected-instance-method','private-instance-method','#private-instance-method',
'public-abstract-method','protected-abstract-method','public-method','protected-method','private-method','#private-method',
'static-method','instance-method','abstract-method','decorated-method','method'
] }],
// Disabled: bulk member reordering breaks Angular inject()/field init order (TS2729).
'@typescript-eslint/member-ordering': 'off',
'@typescript-eslint/no-empty-function': 'off',
'@typescript-eslint/no-empty-interface': 'error',
'@typescript-eslint/no-explicit-any': 'error',

BIN
images/icon-new-rounded.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 808 KiB

547
package-lock.json generated
View File

@@ -93,10 +93,12 @@
"eslint-config-prettier": "^10.1.8",
"eslint-plugin-import-newlines": "^1.4.1",
"eslint-plugin-prettier": "^5.5.5",
"fake-indexeddb": "^6.2.5",
"glob": "^10.5.0",
"pkg": "^5.8.1",
"postcss": "^8.5.6",
"prettier": "^3.8.1",
"sharp": "^0.34.4",
"tailwindcss": "^3.4.19",
"typescript": "~5.9.2",
"typescript-eslint": "8.50.1",
@@ -5601,6 +5603,496 @@
"mlly": "^1.8.0"
}
},
"node_modules/@img/colour": {
"version": "1.1.0",
"resolved": "https://registry.npmjs.org/@img/colour/-/colour-1.1.0.tgz",
"integrity": "sha512-Td76q7j57o/tLVdgS746cYARfSyxk8iEfRxewL9h4OMzYhbW4TAcppl0mT4eyqXddh6L/jwoM75mo7ixa/pCeQ==",
"dev": true,
"license": "MIT",
"engines": {
"node": ">=18"
}
},
"node_modules/@img/sharp-darwin-arm64": {
"version": "0.34.5",
"resolved": "https://registry.npmjs.org/@img/sharp-darwin-arm64/-/sharp-darwin-arm64-0.34.5.tgz",
"integrity": "sha512-imtQ3WMJXbMY4fxb/Ndp6HBTNVtWCUI0WdobyheGf5+ad6xX8VIDO8u2xE4qc/fr08CKG/7dDseFtn6M6g/r3w==",
"cpu": [
"arm64"
],
"dev": true,
"license": "Apache-2.0",
"optional": true,
"os": [
"darwin"
],
"engines": {
"node": "^18.17.0 || ^20.3.0 || >=21.0.0"
},
"funding": {
"url": "https://opencollective.com/libvips"
},
"optionalDependencies": {
"@img/sharp-libvips-darwin-arm64": "1.2.4"
}
},
"node_modules/@img/sharp-darwin-x64": {
"version": "0.34.5",
"resolved": "https://registry.npmjs.org/@img/sharp-darwin-x64/-/sharp-darwin-x64-0.34.5.tgz",
"integrity": "sha512-YNEFAF/4KQ/PeW0N+r+aVVsoIY0/qxxikF2SWdp+NRkmMB7y9LBZAVqQ4yhGCm/H3H270OSykqmQMKLBhBJDEw==",
"cpu": [
"x64"
],
"dev": true,
"license": "Apache-2.0",
"optional": true,
"os": [
"darwin"
],
"engines": {
"node": "^18.17.0 || ^20.3.0 || >=21.0.0"
},
"funding": {
"url": "https://opencollective.com/libvips"
},
"optionalDependencies": {
"@img/sharp-libvips-darwin-x64": "1.2.4"
}
},
"node_modules/@img/sharp-libvips-darwin-arm64": {
"version": "1.2.4",
"resolved": "https://registry.npmjs.org/@img/sharp-libvips-darwin-arm64/-/sharp-libvips-darwin-arm64-1.2.4.tgz",
"integrity": "sha512-zqjjo7RatFfFoP0MkQ51jfuFZBnVE2pRiaydKJ1G/rHZvnsrHAOcQALIi9sA5co5xenQdTugCvtb1cuf78Vf4g==",
"cpu": [
"arm64"
],
"dev": true,
"license": "LGPL-3.0-or-later",
"optional": true,
"os": [
"darwin"
],
"funding": {
"url": "https://opencollective.com/libvips"
}
},
"node_modules/@img/sharp-libvips-darwin-x64": {
"version": "1.2.4",
"resolved": "https://registry.npmjs.org/@img/sharp-libvips-darwin-x64/-/sharp-libvips-darwin-x64-1.2.4.tgz",
"integrity": "sha512-1IOd5xfVhlGwX+zXv2N93k0yMONvUlANylbJw1eTah8K/Jtpi15KC+WSiaX/nBmbm2HxRM1gZ0nSdjSsrZbGKg==",
"cpu": [
"x64"
],
"dev": true,
"license": "LGPL-3.0-or-later",
"optional": true,
"os": [
"darwin"
],
"funding": {
"url": "https://opencollective.com/libvips"
}
},
"node_modules/@img/sharp-libvips-linux-arm": {
"version": "1.2.4",
"resolved": "https://registry.npmjs.org/@img/sharp-libvips-linux-arm/-/sharp-libvips-linux-arm-1.2.4.tgz",
"integrity": "sha512-bFI7xcKFELdiNCVov8e44Ia4u2byA+l3XtsAj+Q8tfCwO6BQ8iDojYdvoPMqsKDkuoOo+X6HZA0s0q11ANMQ8A==",
"cpu": [
"arm"
],
"dev": true,
"license": "LGPL-3.0-or-later",
"optional": true,
"os": [
"linux"
],
"funding": {
"url": "https://opencollective.com/libvips"
}
},
"node_modules/@img/sharp-libvips-linux-arm64": {
"version": "1.2.4",
"resolved": "https://registry.npmjs.org/@img/sharp-libvips-linux-arm64/-/sharp-libvips-linux-arm64-1.2.4.tgz",
"integrity": "sha512-excjX8DfsIcJ10x1Kzr4RcWe1edC9PquDRRPx3YVCvQv+U5p7Yin2s32ftzikXojb1PIFc/9Mt28/y+iRklkrw==",
"cpu": [
"arm64"
],
"dev": true,
"license": "LGPL-3.0-or-later",
"optional": true,
"os": [
"linux"
],
"funding": {
"url": "https://opencollective.com/libvips"
}
},
"node_modules/@img/sharp-libvips-linux-ppc64": {
"version": "1.2.4",
"resolved": "https://registry.npmjs.org/@img/sharp-libvips-linux-ppc64/-/sharp-libvips-linux-ppc64-1.2.4.tgz",
"integrity": "sha512-FMuvGijLDYG6lW+b/UvyilUWu5Ayu+3r2d1S8notiGCIyYU/76eig1UfMmkZ7vwgOrzKzlQbFSuQfgm7GYUPpA==",
"cpu": [
"ppc64"
],
"dev": true,
"license": "LGPL-3.0-or-later",
"optional": true,
"os": [
"linux"
],
"funding": {
"url": "https://opencollective.com/libvips"
}
},
"node_modules/@img/sharp-libvips-linux-riscv64": {
"version": "1.2.4",
"resolved": "https://registry.npmjs.org/@img/sharp-libvips-linux-riscv64/-/sharp-libvips-linux-riscv64-1.2.4.tgz",
"integrity": "sha512-oVDbcR4zUC0ce82teubSm+x6ETixtKZBh/qbREIOcI3cULzDyb18Sr/Wcyx7NRQeQzOiHTNbZFF1UwPS2scyGA==",
"cpu": [
"riscv64"
],
"dev": true,
"license": "LGPL-3.0-or-later",
"optional": true,
"os": [
"linux"
],
"funding": {
"url": "https://opencollective.com/libvips"
}
},
"node_modules/@img/sharp-libvips-linux-s390x": {
"version": "1.2.4",
"resolved": "https://registry.npmjs.org/@img/sharp-libvips-linux-s390x/-/sharp-libvips-linux-s390x-1.2.4.tgz",
"integrity": "sha512-qmp9VrzgPgMoGZyPvrQHqk02uyjA0/QrTO26Tqk6l4ZV0MPWIW6LTkqOIov+J1yEu7MbFQaDpwdwJKhbJvuRxQ==",
"cpu": [
"s390x"
],
"dev": true,
"license": "LGPL-3.0-or-later",
"optional": true,
"os": [
"linux"
],
"funding": {
"url": "https://opencollective.com/libvips"
}
},
"node_modules/@img/sharp-libvips-linux-x64": {
"version": "1.2.4",
"resolved": "https://registry.npmjs.org/@img/sharp-libvips-linux-x64/-/sharp-libvips-linux-x64-1.2.4.tgz",
"integrity": "sha512-tJxiiLsmHc9Ax1bz3oaOYBURTXGIRDODBqhveVHonrHJ9/+k89qbLl0bcJns+e4t4rvaNBxaEZsFtSfAdquPrw==",
"cpu": [
"x64"
],
"dev": true,
"license": "LGPL-3.0-or-later",
"optional": true,
"os": [
"linux"
],
"funding": {
"url": "https://opencollective.com/libvips"
}
},
"node_modules/@img/sharp-libvips-linuxmusl-arm64": {
"version": "1.2.4",
"resolved": "https://registry.npmjs.org/@img/sharp-libvips-linuxmusl-arm64/-/sharp-libvips-linuxmusl-arm64-1.2.4.tgz",
"integrity": "sha512-FVQHuwx1IIuNow9QAbYUzJ+En8KcVm9Lk5+uGUQJHaZmMECZmOlix9HnH7n1TRkXMS0pGxIJokIVB9SuqZGGXw==",
"cpu": [
"arm64"
],
"dev": true,
"license": "LGPL-3.0-or-later",
"optional": true,
"os": [
"linux"
],
"funding": {
"url": "https://opencollective.com/libvips"
}
},
"node_modules/@img/sharp-libvips-linuxmusl-x64": {
"version": "1.2.4",
"resolved": "https://registry.npmjs.org/@img/sharp-libvips-linuxmusl-x64/-/sharp-libvips-linuxmusl-x64-1.2.4.tgz",
"integrity": "sha512-+LpyBk7L44ZIXwz/VYfglaX/okxezESc6UxDSoyo2Ks6Jxc4Y7sGjpgU9s4PMgqgjj1gZCylTieNamqA1MF7Dg==",
"cpu": [
"x64"
],
"dev": true,
"license": "LGPL-3.0-or-later",
"optional": true,
"os": [
"linux"
],
"funding": {
"url": "https://opencollective.com/libvips"
}
},
"node_modules/@img/sharp-linux-arm": {
"version": "0.34.5",
"resolved": "https://registry.npmjs.org/@img/sharp-linux-arm/-/sharp-linux-arm-0.34.5.tgz",
"integrity": "sha512-9dLqsvwtg1uuXBGZKsxem9595+ujv0sJ6Vi8wcTANSFpwV/GONat5eCkzQo/1O6zRIkh0m/8+5BjrRr7jDUSZw==",
"cpu": [
"arm"
],
"dev": true,
"license": "Apache-2.0",
"optional": true,
"os": [
"linux"
],
"engines": {
"node": "^18.17.0 || ^20.3.0 || >=21.0.0"
},
"funding": {
"url": "https://opencollective.com/libvips"
},
"optionalDependencies": {
"@img/sharp-libvips-linux-arm": "1.2.4"
}
},
"node_modules/@img/sharp-linux-arm64": {
"version": "0.34.5",
"resolved": "https://registry.npmjs.org/@img/sharp-linux-arm64/-/sharp-linux-arm64-0.34.5.tgz",
"integrity": "sha512-bKQzaJRY/bkPOXyKx5EVup7qkaojECG6NLYswgktOZjaXecSAeCWiZwwiFf3/Y+O1HrauiE3FVsGxFg8c24rZg==",
"cpu": [
"arm64"
],
"dev": true,
"license": "Apache-2.0",
"optional": true,
"os": [
"linux"
],
"engines": {
"node": "^18.17.0 || ^20.3.0 || >=21.0.0"
},
"funding": {
"url": "https://opencollective.com/libvips"
},
"optionalDependencies": {
"@img/sharp-libvips-linux-arm64": "1.2.4"
}
},
"node_modules/@img/sharp-linux-ppc64": {
"version": "0.34.5",
"resolved": "https://registry.npmjs.org/@img/sharp-linux-ppc64/-/sharp-linux-ppc64-0.34.5.tgz",
"integrity": "sha512-7zznwNaqW6YtsfrGGDA6BRkISKAAE1Jo0QdpNYXNMHu2+0dTrPflTLNkpc8l7MUP5M16ZJcUvysVWWrMefZquA==",
"cpu": [
"ppc64"
],
"dev": true,
"license": "Apache-2.0",
"optional": true,
"os": [
"linux"
],
"engines": {
"node": "^18.17.0 || ^20.3.0 || >=21.0.0"
},
"funding": {
"url": "https://opencollective.com/libvips"
},
"optionalDependencies": {
"@img/sharp-libvips-linux-ppc64": "1.2.4"
}
},
"node_modules/@img/sharp-linux-riscv64": {
"version": "0.34.5",
"resolved": "https://registry.npmjs.org/@img/sharp-linux-riscv64/-/sharp-linux-riscv64-0.34.5.tgz",
"integrity": "sha512-51gJuLPTKa7piYPaVs8GmByo7/U7/7TZOq+cnXJIHZKavIRHAP77e3N2HEl3dgiqdD/w0yUfiJnII77PuDDFdw==",
"cpu": [
"riscv64"
],
"dev": true,
"license": "Apache-2.0",
"optional": true,
"os": [
"linux"
],
"engines": {
"node": "^18.17.0 || ^20.3.0 || >=21.0.0"
},
"funding": {
"url": "https://opencollective.com/libvips"
},
"optionalDependencies": {
"@img/sharp-libvips-linux-riscv64": "1.2.4"
}
},
"node_modules/@img/sharp-linux-s390x": {
"version": "0.34.5",
"resolved": "https://registry.npmjs.org/@img/sharp-linux-s390x/-/sharp-linux-s390x-0.34.5.tgz",
"integrity": "sha512-nQtCk0PdKfho3eC5MrbQoigJ2gd1CgddUMkabUj+rBevs8tZ2cULOx46E7oyX+04WGfABgIwmMC0VqieTiR4jg==",
"cpu": [
"s390x"
],
"dev": true,
"license": "Apache-2.0",
"optional": true,
"os": [
"linux"
],
"engines": {
"node": "^18.17.0 || ^20.3.0 || >=21.0.0"
},
"funding": {
"url": "https://opencollective.com/libvips"
},
"optionalDependencies": {
"@img/sharp-libvips-linux-s390x": "1.2.4"
}
},
"node_modules/@img/sharp-linux-x64": {
"version": "0.34.5",
"resolved": "https://registry.npmjs.org/@img/sharp-linux-x64/-/sharp-linux-x64-0.34.5.tgz",
"integrity": "sha512-MEzd8HPKxVxVenwAa+JRPwEC7QFjoPWuS5NZnBt6B3pu7EG2Ge0id1oLHZpPJdn3OQK+BQDiw9zStiHBTJQQQQ==",
"cpu": [
"x64"
],
"dev": true,
"license": "Apache-2.0",
"optional": true,
"os": [
"linux"
],
"engines": {
"node": "^18.17.0 || ^20.3.0 || >=21.0.0"
},
"funding": {
"url": "https://opencollective.com/libvips"
},
"optionalDependencies": {
"@img/sharp-libvips-linux-x64": "1.2.4"
}
},
"node_modules/@img/sharp-linuxmusl-arm64": {
"version": "0.34.5",
"resolved": "https://registry.npmjs.org/@img/sharp-linuxmusl-arm64/-/sharp-linuxmusl-arm64-0.34.5.tgz",
"integrity": "sha512-fprJR6GtRsMt6Kyfq44IsChVZeGN97gTD331weR1ex1c1rypDEABN6Tm2xa1wE6lYb5DdEnk03NZPqA7Id21yg==",
"cpu": [
"arm64"
],
"dev": true,
"license": "Apache-2.0",
"optional": true,
"os": [
"linux"
],
"engines": {
"node": "^18.17.0 || ^20.3.0 || >=21.0.0"
},
"funding": {
"url": "https://opencollective.com/libvips"
},
"optionalDependencies": {
"@img/sharp-libvips-linuxmusl-arm64": "1.2.4"
}
},
"node_modules/@img/sharp-linuxmusl-x64": {
"version": "0.34.5",
"resolved": "https://registry.npmjs.org/@img/sharp-linuxmusl-x64/-/sharp-linuxmusl-x64-0.34.5.tgz",
"integrity": "sha512-Jg8wNT1MUzIvhBFxViqrEhWDGzqymo3sV7z7ZsaWbZNDLXRJZoRGrjulp60YYtV4wfY8VIKcWidjojlLcWrd8Q==",
"cpu": [
"x64"
],
"dev": true,
"license": "Apache-2.0",
"optional": true,
"os": [
"linux"
],
"engines": {
"node": "^18.17.0 || ^20.3.0 || >=21.0.0"
},
"funding": {
"url": "https://opencollective.com/libvips"
},
"optionalDependencies": {
"@img/sharp-libvips-linuxmusl-x64": "1.2.4"
}
},
"node_modules/@img/sharp-wasm32": {
"version": "0.34.5",
"resolved": "https://registry.npmjs.org/@img/sharp-wasm32/-/sharp-wasm32-0.34.5.tgz",
"integrity": "sha512-OdWTEiVkY2PHwqkbBI8frFxQQFekHaSSkUIJkwzclWZe64O1X4UlUjqqqLaPbUpMOQk6FBu/HtlGXNblIs0huw==",
"cpu": [
"wasm32"
],
"dev": true,
"license": "Apache-2.0 AND LGPL-3.0-or-later AND MIT",
"optional": true,
"dependencies": {
"@emnapi/runtime": "^1.7.0"
},
"engines": {
"node": "^18.17.0 || ^20.3.0 || >=21.0.0"
},
"funding": {
"url": "https://opencollective.com/libvips"
}
},
"node_modules/@img/sharp-win32-arm64": {
"version": "0.34.5",
"resolved": "https://registry.npmjs.org/@img/sharp-win32-arm64/-/sharp-win32-arm64-0.34.5.tgz",
"integrity": "sha512-WQ3AgWCWYSb2yt+IG8mnC6Jdk9Whs7O0gxphblsLvdhSpSTtmu69ZG1Gkb6NuvxsNACwiPV6cNSZNzt0KPsw7g==",
"cpu": [
"arm64"
],
"dev": true,
"license": "Apache-2.0 AND LGPL-3.0-or-later",
"optional": true,
"os": [
"win32"
],
"engines": {
"node": "^18.17.0 || ^20.3.0 || >=21.0.0"
},
"funding": {
"url": "https://opencollective.com/libvips"
}
},
"node_modules/@img/sharp-win32-ia32": {
"version": "0.34.5",
"resolved": "https://registry.npmjs.org/@img/sharp-win32-ia32/-/sharp-win32-ia32-0.34.5.tgz",
"integrity": "sha512-FV9m/7NmeCmSHDD5j4+4pNI8Cp3aW+JvLoXcTUo0IqyjSfAZJ8dIUmijx1qaJsIiU+Hosw6xM5KijAWRJCSgNg==",
"cpu": [
"ia32"
],
"dev": true,
"license": "Apache-2.0 AND LGPL-3.0-or-later",
"optional": true,
"os": [
"win32"
],
"engines": {
"node": "^18.17.0 || ^20.3.0 || >=21.0.0"
},
"funding": {
"url": "https://opencollective.com/libvips"
}
},
"node_modules/@img/sharp-win32-x64": {
"version": "0.34.5",
"resolved": "https://registry.npmjs.org/@img/sharp-win32-x64/-/sharp-win32-x64-0.34.5.tgz",
"integrity": "sha512-+29YMsqY2/9eFEiW93eqWnuLcWcufowXewwSNIT6UwZdUUCrM3oFjMWH/Z6/TMmb4hlFenmfAVbpWeup2jryCw==",
"cpu": [
"x64"
],
"dev": true,
"license": "Apache-2.0 AND LGPL-3.0-or-later",
"optional": true,
"os": [
"win32"
],
"engines": {
"node": "^18.17.0 || ^20.3.0 || >=21.0.0"
},
"funding": {
"url": "https://opencollective.com/libvips"
}
},
"node_modules/@inquirer/ansi": {
"version": "1.0.2",
"resolved": "https://registry.npmjs.org/@inquirer/ansi/-/ansi-1.0.2.tgz",
@@ -20431,6 +20923,16 @@
"license": "MIT",
"optional": true
},
"node_modules/fake-indexeddb": {
"version": "6.2.5",
"resolved": "https://registry.npmjs.org/fake-indexeddb/-/fake-indexeddb-6.2.5.tgz",
"integrity": "sha512-CGnyrvbhPlWYMngksqrSSUT1BAVP49dZocrHuK0SvtR0D5TMs5wP0o3j7jexDJW01KSadjBp1M/71o/KR3nD1w==",
"dev": true,
"license": "Apache-2.0",
"engines": {
"node": ">=18"
}
},
"node_modules/fast-deep-equal": {
"version": "3.1.3",
"resolved": "https://registry.npmjs.org/fast-deep-equal/-/fast-deep-equal-3.1.3.tgz",
@@ -31827,6 +32329,51 @@
"node": ">=8"
}
},
"node_modules/sharp": {
"version": "0.34.5",
"resolved": "https://registry.npmjs.org/sharp/-/sharp-0.34.5.tgz",
"integrity": "sha512-Ou9I5Ft9WNcCbXrU9cMgPBcCK8LiwLqcbywW3t4oDV37n1pzpuNLsYiAV8eODnjbtQlSDwZ2cUEeQz4E54Hltg==",
"dev": true,
"hasInstallScript": true,
"license": "Apache-2.0",
"dependencies": {
"@img/colour": "^1.0.0",
"detect-libc": "^2.1.2",
"semver": "^7.7.3"
},
"engines": {
"node": "^18.17.0 || ^20.3.0 || >=21.0.0"
},
"funding": {
"url": "https://opencollective.com/libvips"
},
"optionalDependencies": {
"@img/sharp-darwin-arm64": "0.34.5",
"@img/sharp-darwin-x64": "0.34.5",
"@img/sharp-libvips-darwin-arm64": "1.2.4",
"@img/sharp-libvips-darwin-x64": "1.2.4",
"@img/sharp-libvips-linux-arm": "1.2.4",
"@img/sharp-libvips-linux-arm64": "1.2.4",
"@img/sharp-libvips-linux-ppc64": "1.2.4",
"@img/sharp-libvips-linux-riscv64": "1.2.4",
"@img/sharp-libvips-linux-s390x": "1.2.4",
"@img/sharp-libvips-linux-x64": "1.2.4",
"@img/sharp-libvips-linuxmusl-arm64": "1.2.4",
"@img/sharp-libvips-linuxmusl-x64": "1.2.4",
"@img/sharp-linux-arm": "0.34.5",
"@img/sharp-linux-arm64": "0.34.5",
"@img/sharp-linux-ppc64": "0.34.5",
"@img/sharp-linux-riscv64": "0.34.5",
"@img/sharp-linux-s390x": "0.34.5",
"@img/sharp-linux-x64": "0.34.5",
"@img/sharp-linuxmusl-arm64": "0.34.5",
"@img/sharp-linuxmusl-x64": "0.34.5",
"@img/sharp-wasm32": "0.34.5",
"@img/sharp-win32-arm64": "0.34.5",
"@img/sharp-win32-ia32": "0.34.5",
"@img/sharp-win32-x64": "0.34.5"
}
},
"node_modules/shebang-command": {
"version": "2.0.0",
"resolved": "https://registry.npmjs.org/shebang-command/-/shebang-command-2.0.0.tgz",

15
package.json
View File

@@ -23,7 +23,7 @@
"server:start": "cd server && npm start",
"server:dev": "cd server && npm run dev",
"electron": "npm run build && npm run build:electron && node tools/launch-electron.js . --no-sandbox --disable-dev-shm-usage",
"electron:dev": "concurrently \"npm run start\" \"wait-on http://localhost:4200 && npm run build:electron && cross-env NODE_ENV=development node tools/launch-electron.js . --no-sandbox --disable-dev-shm-usage\"",
"electron:dev": "concurrently \"npm run start\" \"wait-on http://127.0.0.1:4200 && npm run build:electron && cross-env NODE_ENV=development node tools/launch-electron.js . --no-sandbox --disable-dev-shm-usage\"",
"electron:full": "./dev.sh",
"electron:full:build": "npm run build:all && concurrently --kill-others \"cd server && npm start\" \"cross-env NODE_ENV=production node tools/launch-electron.js . --no-sandbox --disable-dev-shm-usage\"",
"migration:generate": "typeorm migration:generate electron/migrations/Auto -d dist/electron/data-source.js",
@@ -52,10 +52,13 @@
"server:bundle:win": "node tools/package-server-executable.js --target node18-win-x64 --output metoyou-server-win-x64.exe",
"sort:props": "node tools/sort-template-properties.js",
"i18n:sync": "node tools/sync-app-i18n-catalog.mjs",
"test:e2e": "cd e2e && npx playwright test",
"test:e2e:ui": "cd e2e && npx playwright test --ui",
"test:e2e:debug": "cd e2e && npx playwright test --debug",
"test:e2e:report": "cd e2e && npx playwright show-report ../test-results/html-report",
"test:e2e": "node e2e/run-playwright.mjs test",
"test:e2e:ui": "node e2e/run-playwright.mjs test --ui",
"test:e2e:debug": "node e2e/run-playwright.mjs test --debug",
"test:e2e:report": "node e2e/run-playwright.mjs show-report ../test-results/html-report",
"perf:diag:view": "node tools/perf-diag-viewer.js",
"perf:diag:tail": "node tools/perf-diag-viewer.js --tail",
"cap:assets:android": "node tools/generate-android-app-icons.mjs",
"cap:sync": "cd toju-app && npx cap sync",
"cap:open:android": "node tools/cap-open-android.js",
"cap:open:ios": "cd toju-app && npx cap open ios",
@@ -151,10 +154,12 @@
"eslint-config-prettier": "^10.1.8",
"eslint-plugin-import-newlines": "^1.4.1",
"eslint-plugin-prettier": "^5.5.5",
"fake-indexeddb": "^6.2.5",
"glob": "^10.5.0",
"pkg": "^5.8.1",
"postcss": "^8.5.6",
"prettier": "^3.8.1",
"sharp": "^0.34.4",
"tailwindcss": "^3.4.19",
"typescript": "~5.9.2",
"typescript-eslint": "8.50.1",

5
server/CONTEXT.md
View File

@@ -21,7 +21,9 @@ Owns the shared, internet-reachable runtime: HTTP routes for server directory /
| **Server directory** | The catalog of joinable chat servers, exposed by `src/routes/servers.ts` plus invite and join-request routes. | "guild list" |
| **SSRF guard** | The outbound-fetch policy enforced by `src/routes/ssrf-guard.ts` — gates link-metadata and proxy routes that fetch user-supplied URLs. | "proxy filter" |
| **Variables file** | `data/variables.json` — runtime config (klipy key, server host/protocol, release manifest URL, link-preview toggle) normalized on startup. | "config", ".env" (those are separate) |
| **Session token** | Opaque bearer token issued on login/register, stored in `session_tokens`, required on mutating REST routes and WebSocket `identify`. | "API key", "JWT" |
| **Session token** | Opaque bearer token issued on login/register, stored in `session_tokens`, required on mutating REST routes and WebSocket `identify`. Multiple valid tokens may exist per user (multi-device login). | "API key", "JWT" |
| **Client instance id** | Opaque per-install string on WebSocket `identify` and `voice_state`; used to distinguish connections for the same `oderId` and to track which connection owns active voice. | "device id" |
| **Voice-active connection** | WebSocket connection for a user with `voiceActive=true` after a connected `voice_state`; preferred target for RTC relay. | "voice owner socket" |
## Relationships
@@ -46,6 +48,7 @@ Owns the shared, internet-reachable runtime: HTTP routes for server directory /
- Every database schema change ships as a TypeORM **migration**; the live database is never mutated outside the migration system.
- WebSocket **Envelope** types are defined once in `src/websocket/types.ts` and **must** stay structurally compatible with `toju-app/src/app/shared-kernel/signaling-contracts.ts` — drift between the two is a wire-protocol break.
- WebSocket messages from a single connection are processed **strictly in arrival order** (`handleWebSocketMessage` chains them per connection id). Concurrent handling lets a `join_server` overtake a still-awaiting `identify` and silently drop room membership.
- User-supplied URLs are **never** fetched without going through `ssrf-guard.ts`.
- Secrets (klipy API key, OAuth tokens, signing keys) live in `data/variables.json` or environment variables — never in code, never in logs.

2
server/src/app.ts
View File

@@ -41,7 +41,7 @@ function buildCorsOptions() {
export function createApp(): express.Express {
const app = express();
// Trust loopback proxies only avoids express-rate-limit ERR_ERL_PERMISSIVE_TRUST_PROXY.
// Trust loopback proxies only - avoids express-rate-limit ERR_ERL_PERMISSIVE_TRUST_PROXY.
app.set('trust proxy', 'loopback');
app.use(cors(buildCorsOptions()));
app.use(express.json());

30
server/src/routes/user-registration.rules.spec.ts Normal file
View File

@@ -0,0 +1,30 @@
import {
describe,
it,
expect
} from 'vitest';
import { isDuplicateUsernameError } from './user-registration.rules';
describe('user-registration.rules', () => {
it('detects sqlite unique constraint failures on username', () => {
expect(isDuplicateUsernameError({
message: 'UNIQUE constraint failed: users.username'
})).toBe(true);
});
it('detects typeorm query failed errors with username constraint text', () => {
expect(isDuplicateUsernameError({
name: 'QueryFailedError',
message: 'SQLITE_CONSTRAINT: UNIQUE constraint failed: users.username'
})).toBe(true);
});
it('ignores unrelated database errors', () => {
expect(isDuplicateUsernameError({
message: 'UNIQUE constraint failed: servers.id'
})).toBe(false);
expect(isDuplicateUsernameError(new Error('connection lost'))).toBe(false);
expect(isDuplicateUsernameError(null)).toBe(false);
});
});

11
server/src/routes/user-registration.rules.ts Normal file
View File

@@ -0,0 +1,11 @@
export function isDuplicateUsernameError(error: unknown): boolean {
if (!error || typeof error !== 'object') {
return false;
}
const message = 'message' in error && typeof error.message === 'string'
? error.message
: '';
return message.includes('UNIQUE constraint failed: users.username');
}

12
server/src/routes/users.ts
View File

@@ -10,6 +10,7 @@ import {
import { hashPasswordForStorage, verifyPassword } from '../services/password-auth.service';
import { issueSessionToken, revokeSessionToken } from '../services/session-auth.service';
import { getAuthenticatedUserId, requireAuth } from '../middleware/require-auth';
import { isDuplicateUsernameError } from './user-registration.rules';
const router = Router();
@@ -46,7 +47,16 @@ router.post('/register', async (req, res) => {
createdAt: Date.now()
};
await registerUser(user);
try {
await registerUser(user);
} catch (error) {
if (isDuplicateUsernameError(error)) {
return res.status(409).json({ error: 'Username taken' });
}
throw error;
}
const session = await issueSessionToken(user.id);
res.status(201).json(buildAuthResponse(user, session.token, session.expiresAt));

39
server/src/services/session-auth.service.spec.ts Normal file
View File

@@ -0,0 +1,39 @@
import {
afterEach,
describe,
expect,
it
} from 'vitest';
import { getSessionTokenTtlMs } from './session-auth.service';
const TEN_YEARS_MS = 10 * 365 * 24 * 60 * 60 * 1000;
describe('session-auth.service', () => {
const originalTtl = process.env.SESSION_TOKEN_TTL_MS;
afterEach(() => {
if (originalTtl === undefined) {
delete process.env.SESSION_TOKEN_TTL_MS;
} else {
process.env.SESSION_TOKEN_TTL_MS = originalTtl;
}
});
it('defaults session tokens to a very long lifetime', () => {
delete process.env.SESSION_TOKEN_TTL_MS;
expect(getSessionTokenTtlMs()).toBe(TEN_YEARS_MS);
});
it('honors SESSION_TOKEN_TTL_MS when configured', () => {
process.env.SESSION_TOKEN_TTL_MS = '3600000';
expect(getSessionTokenTtlMs()).toBe(3_600_000);
});
it('falls back to the default when SESSION_TOKEN_TTL_MS is invalid', () => {
process.env.SESSION_TOKEN_TTL_MS = 'not-a-number';
expect(getSessionTokenTtlMs()).toBe(TEN_YEARS_MS);
});
});

2
server/src/services/session-auth.service.ts
View File

@@ -4,7 +4,7 @@ import { SessionTokenEntity } from '../entities/SessionTokenEntity';
import { getUserById } from '../cqrs';
import type { AuthUserPayload } from '../cqrs/types';
const DEFAULT_TOKEN_TTL_MS = 24 * 60 * 60 * 1000;
const DEFAULT_TOKEN_TTL_MS = 10 * 365 * 24 * 60 * 60 * 1000;
export interface IssuedSessionToken {
token: string;

108
server/src/websocket/broadcast.spec.ts Normal file
View File

@@ -0,0 +1,108 @@
import {
beforeEach,
describe,
expect,
it
} from 'vitest';
import { WebSocket } from 'ws';
import { connectedUsers } from './state';
import { ConnectedUser } from './types';
import {
broadcastToServer,
findUserByOderId,
findVoiceActiveConnection
} from './broadcast';
function createMockWs(): WebSocket & { sentMessages: string[] } {
const sent: string[] = [];
const ws = {
readyState: WebSocket.OPEN,
send: (data: string) => { sent.push(data); },
close: () => {},
sentMessages: sent
} as unknown as WebSocket & { sentMessages: string[] };
return ws;
}
function createConnectedUser(
connectionId: string,
oderId: string,
overrides: Partial<ConnectedUser> = {}
): ConnectedUser {
const user: ConnectedUser = {
oderId,
ws: createMockWs(),
authenticated: true,
serverIds: new Set(['server-1']),
displayName: 'Test User',
lastPong: Date.now(),
...overrides
};
connectedUsers.set(connectionId, user);
return user;
}
describe('broadcastToServer', () => {
beforeEach(() => {
connectedUsers.clear();
});
it('delivers chat_message to every connection in the server except the sender connection', () => {
createConnectedUser('conn-a1', 'user-1');
const connA2 = createConnectedUser('conn-a2', 'user-1');
const connB = createConnectedUser('conn-b', 'user-2');
broadcastToServer('server-1', { type: 'chat_message', text: 'hello' }, {
excludeConnectionId: 'conn-a1'
});
expect((connA2.ws as WebSocket & { sentMessages: string[] }).sentMessages).toHaveLength(1);
expect((connB.ws as WebSocket & { sentMessages: string[] }).sentMessages).toHaveLength(1);
expect(connectedUsers.get('conn-a1')?.ws).toBeDefined();
const connA1Passive = connectedUsers.get('conn-a1')?.ws as WebSocket & { sentMessages: string[] } | undefined;
expect(connA1Passive?.sentMessages).toHaveLength(0);
});
it('excludes every connection for an identity when excludeIdentityOderId is set', () => {
const connA1 = createConnectedUser('conn-a1', 'user-1');
const connA2 = createConnectedUser('conn-a2', 'user-1');
const connB = createConnectedUser('conn-b', 'user-2');
broadcastToServer('server-1', { type: 'user_left', oderId: 'user-1' }, {
excludeIdentityOderId: 'user-1'
});
expect((connA1.ws as WebSocket & { sentMessages: string[] }).sentMessages).toHaveLength(0);
expect((connA2.ws as WebSocket & { sentMessages: string[] }).sentMessages).toHaveLength(0);
expect((connB.ws as WebSocket & { sentMessages: string[] }).sentMessages).toHaveLength(1);
});
});
describe('findVoiceActiveConnection', () => {
beforeEach(() => {
connectedUsers.clear();
});
it('returns the connection marked voiceActive for the user', () => {
createConnectedUser('conn-passive', 'user-1', { voiceActive: false });
const active = createConnectedUser('conn-active', 'user-1', { voiceActive: true });
expect(findVoiceActiveConnection('user-1')).toBe(active);
});
it('returns undefined when no voiceActive connection exists', () => {
createConnectedUser('conn-1', 'user-1');
expect(findVoiceActiveConnection('user-1')).toBeUndefined();
});
it('findUserByOderId falls back to any open connection when no voiceActive connection exists', () => {
const fallback = createConnectedUser('conn-1', 'user-1');
expect(findUserByOderId('user-1')).toBe(fallback);
});
});

74
server/src/websocket/broadcast.ts
View File

@@ -7,19 +7,35 @@ interface WsMessage {
type: string;
}
export function broadcastToServer(serverId: string, message: WsMessage, excludeOderId?: string): void {
console.log(`Broadcasting to server ${serverId}, excluding ${excludeOderId}:`, message.type);
export interface BroadcastOptions {
/** Skip only the sending WebSocket connection. */
excludeConnectionId?: string;
/** Skip every open connection for this identity (presence events). */
excludeIdentityOderId?: string;
}
// Deduplicate by oderId so users with multiple connections (e.g. from
// different signal URLs routing to the same server) receive the
// broadcast only once.
const sentToOderIds = new Set<string>();
export function broadcastToServer(serverId: string, message: WsMessage, options?: BroadcastOptions): void {
console.log(
`Broadcasting to server ${serverId}, excluding connection ${options?.excludeConnectionId ?? 'none'} ` +
`identity ${options?.excludeIdentityOderId ?? 'none'}:`,
message.type
);
connectedUsers.forEach((user) => {
if (user.serverIds.has(serverId) && user.oderId !== excludeOderId && !sentToOderIds.has(user.oderId)) {
sentToOderIds.add(user.oderId);
console.log(` -> Sending to ${user.displayName} (${user.oderId})`);
connectedUsers.forEach((user, connectionId) => {
if (
!user.serverIds.has(serverId)
|| connectionId === options?.excludeConnectionId
|| (options?.excludeIdentityOderId && user.oderId === options.excludeIdentityOderId)
|| user.ws.readyState !== WebSocket.OPEN
) {
return;
}
try {
console.log(` -> Sending to ${user.displayName} (${user.oderId}) via ${connectionId}`);
user.ws.send(JSON.stringify(message));
} catch (error) {
console.warn(`Failed to broadcast ${message.type} to ${user.displayName ?? 'Unknown'} (${user.oderId})`, error);
}
});
}
@@ -77,7 +93,45 @@ export function notifyUser(oderId: string, message: WsMessage): void {
}
}
export function notifyOtherConnectionsForOderId(
oderId: string,
message: WsMessage,
excludeConnectionId?: string
): void {
connectedUsers.forEach((user, connectionId) => {
if (
connectionId === excludeConnectionId
|| user.oderId !== oderId
|| user.ws.readyState !== WebSocket.OPEN
) {
return;
}
try {
user.ws.send(JSON.stringify(message));
} catch (error) {
console.warn(`Failed to notify ${user.displayName ?? 'Unknown'} (${user.oderId})`, error);
}
});
}
export function findUserByOderId(oderId: string) {
return findVoiceActiveConnection(oderId) ?? findAnyConnectionForOderId(oderId);
}
export function findVoiceActiveConnection(oderId: string): ConnectedUser | undefined {
let voiceActiveMatch: ConnectedUser | undefined;
connectedUsers.forEach((user) => {
if (user.oderId === oderId && user.voiceActive && user.ws.readyState === WebSocket.OPEN) {
voiceActiveMatch = user;
}
});
return voiceActiveMatch;
}
export function findAnyConnectionForOderId(oderId: string): ConnectedUser | undefined {
let match: ConnectedUser | undefined;
connectedUsers.forEach((user) => {

271
server/src/websocket/handler-multi-client.spec.ts Normal file
View File

@@ -0,0 +1,271 @@
import {
beforeEach,
describe,
expect,
it,
vi
} from 'vitest';
import { WebSocket } from 'ws';
import { connectedUsers } from './state';
import { ConnectedUser } from './types';
import { handleWebSocketMessage } from './handler';
vi.mock('../services/server-access.service', () => ({
authorizeWebSocketJoin: vi.fn(async () => ({ allowed: true as const })),
findServerMembership: vi.fn(async () => ({ id: 'membership-1' })),
usersShareServerMembership: vi.fn(async () => true)
}));
vi.mock('../services/session-auth.service', () => ({
consumeSessionToken: vi.fn(async (token: string) => {
if (token !== 'test-token') {
return null;
}
return {
token,
user: {
id: 'user-1',
username: 'alice',
displayName: 'Alice',
passwordHash: 'hash',
createdAt: Date.now()
},
issuedAt: Date.now(),
expiresAt: Date.now() + 60_000
};
})
}));
vi.mock('../services/plugin-support.service', async (importOriginal) => {
const actual = await importOriginal<typeof import('../services/plugin-support.service')>();
return {
...actual,
getPluginRequirementsSnapshot: vi.fn(async () => ({
requirements: [],
eventDefinitions: []
}))
};
});
function createMockWs(): WebSocket & { sentMessages: string[]; closeCalled: boolean } {
const sent: string[] = [];
const ws = {
readyState: WebSocket.OPEN,
send: (data: string) => { sent.push(data); },
close: () => { ws.closeCalled = true; },
terminate: () => { ws.closeCalled = true; },
closeCalled: false,
sentMessages: sent
} as unknown as WebSocket & { sentMessages: string[]; closeCalled: boolean };
return ws;
}
function createConnectedUser(
connectionId: string,
overrides: Partial<ConnectedUser> = {}
): ConnectedUser {
const ws = createMockWs();
const user: ConnectedUser = {
oderId: connectionId,
ws,
authenticated: false,
serverIds: new Set(),
displayName: 'Alice',
lastPong: Date.now(),
...overrides
};
connectedUsers.set(connectionId, user);
return user;
}
function getSentMessages(user: ConnectedUser): string[] {
return (user.ws as WebSocket & { sentMessages: string[] }).sentMessages;
}
describe('server websocket handler - multi-client sessions', () => {
beforeEach(() => {
connectedUsers.clear();
vi.clearAllMocks();
});
it('relays voice_state to other connections for the same user', async () => {
createConnectedUser('conn-a1', {
authenticated: true,
oderId: 'user-1',
serverIds: new Set(['server-1']),
clientInstanceId: 'device-a'
});
const passive = createConnectedUser('conn-a2', {
authenticated: true,
oderId: 'user-1',
serverIds: new Set(['server-1']),
clientInstanceId: 'device-b'
});
getSentMessages(passive).length = 0;
await handleWebSocketMessage('conn-a1', {
type: 'voice_state',
serverId: 'server-1',
voiceState: {
isConnected: true,
roomId: 'voice-1',
serverId: 'server-1',
clientInstanceId: 'device-a'
}
});
const messages = getSentMessages(passive).map((raw) => JSON.parse(raw) as { type: string });
const voiceState = messages.find((message) => message.type === 'voice_state');
expect(voiceState).toBeDefined();
expect(connectedUsers.get('conn-a1')?.voiceActive).toBe(true);
expect(connectedUsers.get('conn-a2')?.voiceActive).toBeFalsy();
});
it('forwards RTC offers to the voice-active connection for the target user', async () => {
createConnectedUser('conn-sender', {
authenticated: true,
oderId: 'user-2',
serverIds: new Set(['server-1'])
});
createConnectedUser('conn-passive', {
authenticated: true,
oderId: 'user-1',
serverIds: new Set(['server-1']),
clientInstanceId: 'device-passive'
});
const active = createConnectedUser('conn-active', {
authenticated: true,
oderId: 'user-1',
serverIds: new Set(['server-1']),
voiceActive: true,
clientInstanceId: 'device-active'
});
getSentMessages(active).length = 0;
await handleWebSocketMessage('conn-sender', {
type: 'offer',
targetUserId: 'user-1',
serverId: 'server-1',
payload: { sdp: { type: 'offer', sdp: 'v=0' } }
});
const messages = getSentMessages(active).map((raw) => JSON.parse(raw) as { type: string });
expect(messages.some((message) => message.type === 'offer')).toBe(true);
});
it('relays voice_client_takeover to other connections for the same user', async () => {
createConnectedUser('conn-requester', {
authenticated: true,
oderId: 'user-1',
serverIds: new Set(['server-1']),
clientInstanceId: 'device-b'
});
const active = createConnectedUser('conn-active', {
authenticated: true,
oderId: 'user-1',
serverIds: new Set(['server-1']),
voiceActive: true,
clientInstanceId: 'device-a'
});
getSentMessages(active).length = 0;
await handleWebSocketMessage('conn-requester', {
type: 'voice_client_takeover',
clientInstanceId: 'device-b'
});
const messages = getSentMessages(active).map((raw) => JSON.parse(raw) as { type: string; clientInstanceId?: string });
const takeover = messages.find((message) => message.type === 'voice_client_takeover');
expect(takeover?.clientInstanceId).toBe('device-b');
});
it('evicts a stale connection with the same identity scope and client instance', async () => {
const stale = createConnectedUser('conn-stale', {
authenticated: true,
oderId: 'user-1',
connectionScope: 'ws://localhost:3001',
clientInstanceId: 'device-a'
});
createConnectedUser('conn-new', {
authenticated: false,
connectionScope: 'ws://localhost:3001',
clientInstanceId: 'device-a'
});
await handleWebSocketMessage('conn-new', {
type: 'identify',
token: 'test-token',
oderId: 'user-1',
displayName: 'Alice',
connectionScope: 'ws://localhost:3001',
clientInstanceId: 'device-a'
});
expect(connectedUsers.has('conn-stale')).toBe(false);
expect((stale.ws as WebSocket & { closeCalled: boolean }).closeCalled).toBe(true);
expect(connectedUsers.get('conn-new')?.authenticated).toBe(true);
});
it('relays account_sync payloads to other connections for the same user', async () => {
createConnectedUser('conn-a1', {
authenticated: true,
oderId: 'user-1',
serverIds: new Set(['server-1']),
clientInstanceId: 'device-a'
});
const receiver = createConnectedUser('conn-a2', {
authenticated: true,
oderId: 'user-1',
serverIds: new Set(['server-1']),
clientInstanceId: 'device-b'
});
getSentMessages(receiver).length = 0;
await handleWebSocketMessage('conn-a1', {
type: 'account_sync',
clientInstanceId: 'device-a',
payload: {
type: 'friend-added',
userId: 'friend-1',
addedAt: 123
}
});
const messages = getSentMessages(receiver).map((raw) => JSON.parse(raw) as {
type: string;
payload?: { type: string; userId?: string };
clientInstanceId?: string;
fromUserId?: string;
});
const relay = messages.find((message) => message.type === 'account_sync');
expect(relay).toEqual({
type: 'account_sync',
clientInstanceId: 'device-a',
fromUserId: 'user-1',
payload: {
type: 'friend-added',
userId: 'friend-1',
addedAt: 123
}
});
});
});

146
server/src/websocket/handler-ordering.spec.ts Normal file
View File

@@ -0,0 +1,146 @@
import {
describe,
it,
expect,
beforeEach,
vi
} from 'vitest';
import { WebSocket } from 'ws';
import { connectedUsers } from './state';
import { ConnectedUser } from './types';
import { handleWebSocketMessage } from './handler';
vi.mock('../services/server-access.service', () => ({
authorizeWebSocketJoin: vi.fn(async () => ({ allowed: true as const })),
findServerMembership: vi.fn(async () => ({ id: 'membership-1' })),
usersShareServerMembership: vi.fn(async () => false)
}));
vi.mock('../services/session-auth.service', () => ({
// Resolve on a macrotask so an unserialized handler would interleave the
// next message before identify completes - mirrors a real DB lookup.
consumeSessionToken: vi.fn(async (token: string) => {
await new Promise((resolve) => setTimeout(resolve, 0));
if (token !== 'valid-token') {
return null;
}
return {
token,
user: {
id: 'user-1',
username: 'alice',
displayName: 'Alice',
passwordHash: 'hash',
createdAt: Date.now()
},
issuedAt: Date.now(),
expiresAt: Date.now() + 60_000
};
})
}));
vi.mock('../services/plugin-support.service', () => ({
getPluginRequirementsSnapshot: vi.fn(async () => ({ plugins: [] })),
PluginSupportError: class PluginSupportError extends Error {
code = 'TEST';
},
validatePluginEventEnvelope: vi.fn(async () => undefined)
}));
function createMockWs(): WebSocket & { sentMessages: string[] } {
const sent: string[] = [];
const ws = {
readyState: WebSocket.OPEN,
send: (data: string) => { sent.push(data); },
close: () => {},
sentMessages: sent
} as unknown as WebSocket & { sentMessages: string[] };
return ws;
}
function createConnectedUser(connectionId: string): ConnectedUser {
const ws = createMockWs();
const user: ConnectedUser = {
oderId: connectionId,
ws,
authenticated: false,
serverIds: new Set(),
displayName: 'Test User',
lastPong: Date.now()
};
connectedUsers.set(connectionId, user);
return user;
}
function getSentMessages(user: ConnectedUser | undefined): { type: string }[] {
const sentMessages = (user?.ws as WebSocket & { sentMessages: string[] }).sentMessages;
return sentMessages.map((raw) => JSON.parse(raw) as { type: string });
}
describe('server websocket handler - per-connection message ordering', () => {
beforeEach(() => {
connectedUsers.clear();
vi.clearAllMocks();
});
it('processes join_server after a still-running identify instead of dropping it', async () => {
createConnectedUser('conn-1');
// Both messages arrive in the same tick (one TCP segment); the handler
// must not evaluate join_server while identify is still awaiting auth.
const identifyPromise = handleWebSocketMessage('conn-1', {
type: 'identify',
token: 'valid-token',
oderId: 'user-1',
displayName: 'Alice'
});
const joinPromise = handleWebSocketMessage('conn-1', {
type: 'join_server',
serverId: 'server-1'
});
await Promise.all([identifyPromise, joinPromise]);
const user = connectedUsers.get('conn-1');
expect(user?.authenticated).toBe(true);
expect(user?.serverIds.has('server-1')).toBe(true);
const authRequired = getSentMessages(user).find((message) => message.type === 'auth_required');
expect(authRequired).toBeUndefined();
});
it('keeps processing queued messages after a handler error', async () => {
createConnectedUser('conn-1');
const badIdentify = handleWebSocketMessage('conn-1', {
type: 'identify',
token: 'valid-token',
oderId: 'user-1',
displayName: 'Alice'
});
// Unknown types are logged and ignored - must not wedge the queue.
const unknown = handleWebSocketMessage('conn-1', { type: 'not-a-real-type' });
const join = handleWebSocketMessage('conn-1', {
type: 'join_server',
serverId: 'server-1'
});
await Promise.all([
badIdentify,
unknown,
join
]);
const user = connectedUsers.get('conn-1');
expect(user?.serverIds.has('server-1')).toBe(true);
});
});

204
server/src/websocket/handler.ts
View File

@@ -5,7 +5,8 @@ import {
findUserByOderId,
getServerIdsForOderId,
getUniqueUsersInServer,
isOderIdConnectedToServer
isOderIdConnectedToServer,
notifyOtherConnectionsForOderId
} from './broadcast';
import {
authorizeWebSocketJoin,
@@ -72,6 +73,74 @@ function buildPresenceUserPayload(user: ConnectedUser): {
};
}
function normalizeClientInstanceId(value: unknown): string | undefined {
if (typeof value !== 'string') {
return undefined;
}
const normalized = value.trim();
return normalized || undefined;
}
function readVoiceConnected(message: WsMessage): boolean {
const voiceState = message['voiceState'];
if (!voiceState || typeof voiceState !== 'object') {
return message['isConnected'] === true;
}
return (voiceState as { isConnected?: boolean }).isConnected === true;
}
function evictStaleClientInstanceConnections(
oderId: string,
connectionScope: string | undefined,
clientInstanceId: string | undefined,
keepConnectionId: string
): void {
if (!clientInstanceId) {
return;
}
connectedUsers.forEach((candidate, connectionId) => {
if (
connectionId === keepConnectionId
|| candidate.oderId !== oderId
|| candidate.connectionScope !== connectionScope
|| candidate.clientInstanceId !== clientInstanceId
) {
return;
}
try {
candidate.ws.close();
} catch {
console.warn(`Failed to close stale connection ${connectionId} for ${oderId}`);
}
connectedUsers.delete(connectionId);
});
}
function clearVoiceActiveForOderId(oderId: string, exceptConnectionId?: string): void {
connectedUsers.forEach((candidate, connectionId) => {
if (candidate.oderId !== oderId || connectionId === exceptConnectionId) {
return;
}
candidate.voiceActive = false;
connectedUsers.set(connectionId, candidate);
});
}
function sendVoiceStateSnapshotToConnection(user: ConnectedUser, snapshot: Record<string, unknown>): void {
user.ws.send(JSON.stringify({
type: 'voice_state',
...snapshot
}));
}
function readMessageId(value: unknown): string | undefined {
if (typeof value !== 'string') {
return undefined;
@@ -198,13 +267,17 @@ async function handleIdentify(user: ConnectedUser, message: WsMessage, connectio
const newOderId = session.user.id;
const newScope = typeof message['connectionScope'] === 'string' ? message['connectionScope'] : undefined;
const newClientInstanceId = normalizeClientInstanceId(message['clientInstanceId']);
const previousDisplayName = normalizeDisplayName(user.displayName);
const previousDescription = user.description;
const previousProfileUpdatedAt = user.profileUpdatedAt;
const previousHomeSignalServerUrl = user.homeSignalServerUrl;
evictStaleClientInstanceConnections(newOderId, newScope, newClientInstanceId, connectionId);
user.oderId = newOderId;
user.authenticated = true;
user.clientInstanceId = newClientInstanceId;
user.displayName = normalizeDisplayName(message['displayName'], normalizeDisplayName(user.displayName));
if (Object.prototype.hasOwnProperty.call(message, 'description')) {
@@ -223,6 +296,22 @@ async function handleIdentify(user: ConnectedUser, message: WsMessage, connectio
connectedUsers.set(connectionId, user);
console.log(`User identified: ${user.displayName} (${user.oderId})`);
notifyOtherConnectionsForOderId(newOderId, {
type: 'account_sync_peer_online',
clientInstanceId: newClientInstanceId
}, connectionId);
const voiceSnapshot = Array.from(connectedUsers.entries()).find(([otherConnectionId, otherUser]) =>
otherConnectionId !== connectionId
&& otherUser.oderId === newOderId
&& otherUser.voiceActive
&& otherUser.voiceStateSnapshot
)?.[1]?.voiceStateSnapshot;
if (voiceSnapshot) {
sendVoiceStateSnapshotToConnection(user, voiceSnapshot);
}
if (
user.displayName === previousDisplayName
&& user.description === previousDescription
@@ -240,7 +329,7 @@ async function handleIdentify(user: ConnectedUser, message: WsMessage, connectio
...buildPresenceUserPayload(user),
serverId
},
user.oderId
{ excludeConnectionId: connectionId }
);
}
}
@@ -287,7 +376,7 @@ async function handleJoinServer(user: ConnectedUser, message: WsMessage, connect
...buildPresenceUserPayload(user),
serverId: sid
},
user.oderId
{ excludeIdentityOderId: user.oderId }
);
}
}
@@ -338,7 +427,7 @@ function handleLeaveServer(user: ConnectedUser, message: WsMessage, connectionId
serverId: leaveSid,
serverIds: remainingServerIds
},
user.oderId
{ excludeIdentityOderId: user.oderId }
);
}
@@ -394,7 +483,7 @@ async function forwardRtcMessage(user: ConnectedUser, message: WsMessage): Promi
}
}
function handleChatMessage(user: ConnectedUser, message: WsMessage): void {
function handleChatMessage(user: ConnectedUser, message: WsMessage, connectionId: string): void {
const chatSid = (message['serverId'] as string | undefined) ?? user.viewedServerId;
if (chatSid && user.serverIds.has(chatSid)) {
@@ -404,18 +493,38 @@ function handleChatMessage(user: ConnectedUser, message: WsMessage): void {
message: message['message'],
senderId: user.oderId,
senderName: user.displayName,
clientInstanceId: user.clientInstanceId,
timestamp: Date.now()
});
}, { excludeConnectionId: connectionId });
}
}
function handleVoiceState(user: ConnectedUser, message: WsMessage): void {
function handleVoiceState(user: ConnectedUser, message: WsMessage, connectionId: string): void {
const serverId = readMessageId(message['serverId']) ?? user.viewedServerId;
if (!serverId || !user.serverIds.has(serverId)) {
return;
}
const isConnected = readVoiceConnected(message);
if (isConnected) {
clearVoiceActiveForOderId(user.oderId, connectionId);
user.voiceActive = true;
user.voiceStateSnapshot = {
...message,
type: 'voice_state',
serverId,
oderId: user.oderId,
displayName: normalizeDisplayName(user.displayName)
};
} else {
user.voiceActive = false;
user.voiceStateSnapshot = undefined;
}
connectedUsers.set(connectionId, user);
broadcastToServer(
serverId,
{
@@ -425,11 +534,34 @@ function handleVoiceState(user: ConnectedUser, message: WsMessage): void {
oderId: user.oderId,
displayName: normalizeDisplayName(user.displayName)
},
user.oderId
{ excludeConnectionId: connectionId }
);
}
function handleTyping(user: ConnectedUser, message: WsMessage): void {
function handleVoiceClientTakeover(user: ConnectedUser, message: WsMessage, connectionId: string): void {
notifyOtherConnectionsForOderId(user.oderId, {
type: 'voice_client_takeover',
clientInstanceId: normalizeClientInstanceId(message['clientInstanceId']) ?? user.clientInstanceId,
requestedByClientInstanceId: normalizeClientInstanceId(message['clientInstanceId']) ?? user.clientInstanceId
}, connectionId);
}
function handleAccountSync(user: ConnectedUser, message: WsMessage, connectionId: string): void {
const payload = message['payload'];
if (!payload || typeof payload !== 'object' || typeof (payload as { type?: unknown }).type !== 'string') {
return;
}
notifyOtherConnectionsForOderId(user.oderId, {
type: 'account_sync',
clientInstanceId: normalizeClientInstanceId(message['clientInstanceId']) ?? user.clientInstanceId,
fromUserId: user.oderId,
payload
}, connectionId);
}
function handleTyping(user: ConnectedUser, message: WsMessage, connectionId: string): void {
const typingSid = (message['serverId'] as string | undefined) ?? user.viewedServerId;
const channelId = typeof message['channelId'] === 'string' && message['channelId'].trim() ? message['channelId'].trim() : 'general';
const isTyping = message['isTyping'] !== false;
@@ -443,9 +575,10 @@ function handleTyping(user: ConnectedUser, message: WsMessage): void {
channelId,
isTyping,
oderId: user.oderId,
displayName: user.displayName
displayName: user.displayName,
clientInstanceId: user.clientInstanceId
},
user.oderId
{ excludeConnectionId: connectionId }
);
}
}
@@ -475,7 +608,7 @@ function handleStatusUpdate(user: ConnectedUser, message: WsMessage, connectionI
oderId: user.oderId,
status
},
user.oderId
{ excludeConnectionId: connectionId }
);
}
}
@@ -520,7 +653,7 @@ function handleServerIconSyncRequest(user: ConnectedUser, message: WsMessage): v
user.ws.send(JSON.stringify({ type: 'server_icon_sync_peers', serverId, users }));
}
async function handlePluginEvent(user: ConnectedUser, message: WsMessage): Promise<void> {
async function handlePluginEvent(user: ConnectedUser, message: WsMessage, connectionId: string): Promise<void> {
const serverId = readMessageId(message['serverId']) ?? user.viewedServerId;
const pluginId = readMessageId(message['pluginId']);
const eventName = readMessageId(message['eventName']);
@@ -565,14 +698,39 @@ async function handlePluginEvent(user: ConnectedUser, message: WsMessage): Promi
sourceUserId: user.oderId,
emittedAt: Date.now()
},
user.oderId
{ excludeConnectionId: connectionId }
);
} catch (error) {
sendPluginError(user, error, message);
}
}
export async function handleWebSocketMessage(connectionId: string, message: WsMessage): Promise<void> {
/**
* Tail of the in-flight message chain per connection.
*
* Messages from one client can arrive in the same tick (one TCP segment), but
* handlers like identify await async work. Without serialization a
* join_server can be evaluated while identify is still pending, get rejected
* as unauthenticated, and silently lose the room membership.
*/
const connectionMessageChains = new Map<string, Promise<void>>();
export function handleWebSocketMessage(connectionId: string, message: WsMessage): Promise<void> {
const prior = connectionMessageChains.get(connectionId) ?? Promise.resolve();
const current = prior.then(() => processWebSocketMessage(connectionId, message));
const tail = current.catch(() => undefined);
connectionMessageChains.set(connectionId, tail);
void tail.then(() => {
if (connectionMessageChains.get(connectionId) === tail) {
connectionMessageChains.delete(connectionId);
}
});
return current;
}
async function processWebSocketMessage(connectionId: string, message: WsMessage): Promise<void> {
const user = connectedUsers.get(connectionId);
if (!user)
@@ -623,15 +781,23 @@ export async function handleWebSocketMessage(connectionId: string, message: WsMe
break;
case 'chat_message':
handleChatMessage(user, message);
handleChatMessage(user, message, connectionId);
break;
case 'voice_state':
handleVoiceState(user, message);
handleVoiceState(user, message, connectionId);
break;
case 'voice_client_takeover':
handleVoiceClientTakeover(user, message, connectionId);
break;
case 'account_sync':
handleAccountSync(user, message, connectionId);
break;
case 'typing':
handleTyping(user, message);
handleTyping(user, message, connectionId);
break;
case 'status_update':
@@ -647,7 +813,7 @@ export async function handleWebSocketMessage(connectionId: string, message: WsMe
break;
case 'plugin_event':
await handlePluginEvent(user, message);
await handlePluginEvent(user, message, connectionId);
break;
default:

2
server/src/websocket/index.ts
View File

@@ -39,7 +39,7 @@ function removeDeadConnection(connectionId: string): void {
displayName: user.displayName,
serverId: sid,
serverIds: remainingServerIds
}, user.oderId);
}, { excludeIdentityOderId: user.oderId });
});
try {

6
server/src/websocket/types.ts
View File

@@ -22,6 +22,12 @@ export interface ConnectedUser {
status?: 'online' | 'away' | 'busy' | 'offline';
/** Latest server icon timestamp this connection can provide over P2P. */
serverIconUpdatedAtByServerId?: Map<string, number>;
/** Stable per-install client id sent by the product client. */
clientInstanceId?: string;
/** Whether this connection currently owns active voice/WebRTC for the user. */
voiceActive?: boolean;
/** Cached voice state snapshot used to bootstrap newly connected client instances. */
voiceStateSnapshot?: Record<string, unknown>;
/** Timestamp of the last pong or client message received (used to detect dead connections). */
lastPong: number;
}

2
toju-app/CONTEXT.md
View File

@@ -24,6 +24,8 @@ Owns the user-facing Angular 21 desktop chat experience: rendering and orchestra
| **Custom emoji** | User-created image emoji assets stored locally, synced peer-to-peer, and referenced from messages/reactions by stable `:emoji[id](name)` tokens. | "sticker", "emote" |
| **App locale** | The active UI language for the product client, resolved by `resolveAppLocale()` in `core/i18n/`; only `en` is shipped today. | "language", "i18n locale" |
| **Translation catalog** | JSON string tables under `public/i18n/catalog/*.json`, merged to `public/i18n/en.json` via `npm run i18n:sync`, loaded at startup by `AppI18nService`. | "locale file", "messages file" |
| **Client instance** | Stable per-tab UUID (`metoyou.clientInstanceId` in `sessionStorage`) sent on WebSocket `identify` and voice-state payloads so the signaling server can route multi-device sessions without evicting other tabs or synced profiles. | "device id", "session id" |
| **Voice owner connection** | The single client instance whose `clientInstanceId` matches the user's active `voiceState.clientInstanceId` and therefore owns mic/WebRTC for that identity. | "active voice client" |
## Relationships

BIN
toju-app/android/app/src/main/res/drawable-land-hdpi/splash.png
View File

Binary file not shown.
Side by Side Swipe Overlay

Before

Width:  |  Height:  |  Size: 7.5 KiB

After

Width:  |  Height:  |  Size: 36 KiB

BIN
toju-app/android/app/src/main/res/drawable-land-mdpi/splash.png
View File

Binary file not shown.
Side by Side Swipe Overlay

Before

Width:  |  Height:  |  Size: 3.9 KiB

After

Width:  |  Height:  |  Size: 18 KiB

BIN
toju-app/android/app/src/main/res/drawable-land-xhdpi/splash.png
View File

Binary file not shown.
Side by Side Swipe Overlay

Before

Width:  |  Height:  |  Size: 9.0 KiB

After

Width:  |  Height:  |  Size: 80 KiB

BIN
toju-app/android/app/src/main/res/drawable-land-xxhdpi/splash.png
View File

Binary file not shown.
Side by Side Swipe Overlay

Before

Width:  |  Height:  |  Size: 14 KiB

After

Width:  |  Height:  |  Size: 142 KiB

BIN
toju-app/android/app/src/main/res/drawable-land-xxxhdpi/splash.png
View File

Binary file not shown.
Side by Side Swipe Overlay

Before

Width:  |  Height:  |  Size: 17 KiB

After

Width:  |  Height:  |  Size: 237 KiB

BIN
toju-app/android/app/src/main/res/drawable-port-hdpi/splash.png
View File

Binary file not shown.
Side by Side Swipe Overlay

Before

Width:  |  Height:  |  Size: 7.7 KiB

After

Width:  |  Height:  |  Size: 36 KiB

BIN
toju-app/android/app/src/main/res/drawable-port-mdpi/splash.png
View File

Binary file not shown.
Side by Side Swipe Overlay

Before

Width:  |  Height:  |  Size: 4.0 KiB

After

Width:  |  Height:  |  Size: 17 KiB

BIN
toju-app/android/app/src/main/res/drawable-port-xhdpi/splash.png
View File

Binary file not shown.
Side by Side Swipe Overlay

Before

Width:  |  Height:  |  Size: 9.6 KiB

After

Width:  |  Height:  |  Size: 80 KiB

BIN
toju-app/android/app/src/main/res/drawable-port-xxhdpi/splash.png
View File

Binary file not shown.
Side by Side Swipe Overlay

Before

Width:  |  Height:  |  Size: 13 KiB

After

Width:  |  Height:  |  Size: 137 KiB

BIN
toju-app/android/app/src/main/res/drawable-port-xxxhdpi/splash.png
View File

Binary file not shown.
Side by Side Swipe Overlay

Before

Width:  |  Height:  |  Size: 17 KiB

After

Width:  |  Height:  |  Size: 233 KiB

34
toju-app/android/app/src/main/res/drawable-v24/ic_launcher_foreground.xml
View File

@@ -1,34 +0,0 @@
<vector xmlns:android="http://schemas.android.com/apk/res/android"
xmlns:aapt="http://schemas.android.com/aapt"
android:width="108dp"
android:height="108dp"
android:viewportHeight="108"
android:viewportWidth="108">
<path
android:fillType="evenOdd"
android:pathData="M32,64C32,64 38.39,52.99 44.13,50.95C51.37,48.37 70.14,49.57 70.14,49.57L108.26,87.69L108,109.01L75.97,107.97L32,64Z"
android:strokeColor="#00000000"
android:strokeWidth="1">
<aapt:attr name="android:fillColor">
<gradient
android:endX="78.5885"
android:endY="90.9159"
android:startX="48.7653"
android:startY="61.0927"
android:type="linear">
<item
android:color="#44000000"
android:offset="0.0" />
<item
android:color="#00000000"
android:offset="1.0" />
</gradient>
</aapt:attr>
</path>
<path
android:fillColor="#FFFFFF"
android:fillType="nonZero"
android:pathData="M66.94,46.02L66.94,46.02C72.44,50.07 76,56.61 76,64L32,64C32,56.61 35.56,50.11 40.98,46.06L36.18,41.19C35.45,40.45 35.45,39.3 36.18,38.56C36.91,37.81 38.05,37.81 38.78,38.56L44.25,44.05C47.18,42.57 50.48,41.71 54,41.71C57.48,41.71 60.78,42.57 63.68,44.05L69.11,38.56C69.84,37.81 70.98,37.81 71.71,38.56C72.44,39.3 72.44,40.45 71.71,41.19L66.94,46.02ZM62.94,56.92C64.08,56.92 65,56.01 65,54.88C65,53.76 64.08,52.85 62.94,52.85C61.8,52.85 60.88,53.76 60.88,54.88C60.88,56.01 61.8,56.92 62.94,56.92ZM45.06,56.92C46.2,56.92 47.13,56.01 47.13,54.88C47.13,53.76 46.2,52.85 45.06,52.85C43.92,52.85 43,53.76 43,54.88C43,56.01 43.92,56.92 45.06,56.92Z"
android:strokeColor="#00000000"
android:strokeWidth="1" />
</vector>

BIN
toju-app/android/app/src/main/res/drawable/splash.png
View File

Binary file not shown.
Side by Side Swipe Overlay

Before

Width:  |  Height:  |  Size: 3.9 KiB

After

Width:  |  Height:  |  Size: 18 KiB

BIN
toju-app/android/app/src/main/res/mipmap-hdpi/ic_launcher.png
View File

Binary file not shown.
Side by Side Swipe Overlay

Before

Width:  |  Height:  |  Size: 2.7 KiB

After

Width:  |  Height:  |  Size: 6.0 KiB

BIN
toju-app/android/app/src/main/res/mipmap-hdpi/ic_launcher_foreground.png
View File

Binary file not shown.
Side by Side Swipe Overlay

Before

Width:  |  Height:  |  Size: 3.4 KiB

After

Width:  |  Height:  |  Size: 19 KiB

BIN
toju-app/android/app/src/main/res/mipmap-hdpi/ic_launcher_round.png
View File

Binary file not shown.
Side by Side Swipe Overlay

Before

Width:  |  Height:  |  Size: 4.2 KiB

After

Width:  |  Height:  |  Size: 6.0 KiB

BIN
toju-app/android/app/src/main/res/mipmap-mdpi/ic_launcher.png
View File

Binary file not shown.
Side by Side Swipe Overlay

Before

Width:  |  Height:  |  Size: 1.8 KiB

After

Width:  |  Height:  |  Size: 3.6 KiB

BIN
toju-app/android/app/src/main/res/mipmap-mdpi/ic_launcher_foreground.png
View File

Binary file not shown.
Side by Side Swipe Overlay

Before

Width:  |  Height:  |  Size: 2.1 KiB

After

Width:  |  Height:  |  Size: 11 KiB

BIN
toju-app/android/app/src/main/res/mipmap-mdpi/ic_launcher_round.png
View File

Binary file not shown.
Side by Side Swipe Overlay

Before

Width:  |  Height:  |  Size: 2.7 KiB

After

Width:  |  Height:  |  Size: 3.6 KiB

Some files were not shown because too many files have changed in this diff Show More