Sprint: pbi-55 (#156)

* ST-cmovs79lt: Schema + migratie PushSubscription model Voeg PushSubscription model toe aan prisma/schema.prisma met snake_case-conventie, relation field op User, en bijbehorende migratie (push_subscriptions tabel, FK + index op user_id). Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com> * ST-cmovs7e3o: web-push dependency + VAPID env vars feature-gated Voeg web-push + @types/web-push toe aan package.json. Registreer NEXT_PUBLIC_VAPID_PUBLIC_KEY, VAPID_PRIVATE_KEY, VAPID_SUBJECT en INTERNAL_PUSH_SECRET als .optional() in lib/env.ts. Documenteer alle vier in .env.example en README. Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com> * ST-cmovs7jgr: lib/push-server.ts met sendPushToUser + stale-cleanup Server-only push-lib met VAPID feature-gate, send naar alle subscriptions van een user, en automatische cleanup bij 404/410. Unit tests: success-pad, 410 verwijdert sub, 404 verwijdert sub, andere errors loggen zonder delete. Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com> * ST-cmovs7ouz: lib/push-client.ts client-side push helpers + stub actions/push.ts Client-side helpers: isPushSupported, isIOSSafari, isStandalonePWA, urlBase64ToUint8Array, subscribeToPush, unsubscribeFromPush. Stub actions/push.ts zodat imports resolven (implementatie volgt in volgende taak). Unit tests voor urlBase64ToUint8Array. Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com> * ST-cmovs7ut4: actions/push.ts subscribeToPushAction + unsubscribeFromPushAction Vervangt stub met volledige implementatie: requireUser via getSession, demo-block, Zod-validatie, upsert met user_id-scoping en user-scoped deleteMany. Tests (8): idempotentie, demo-block, unauthenticated, invalid input. Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com> * ST-cmovs80c1: POST /api/internal/push/send met constant-time Bearer check Route: 503 als INTERNAL_PUSH_SECRET uitstaat, 401 bij verkeerd secret (timingSafeEqual), 400 bij invalid JSON, 422 bij Zod-fout, 204 bij succes. push-server.ts: env-import vervangen door process.env om SESSION_SECRET validatie tijdens build te omzeilen. Tests aangepast. Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com> * ST-cmovs862j: Admin test-send route + public/sw.js service worker POST /api/internal/push/test-send: requireAdmin check (redirect bij niet-admin), optioneel body met defaults, roept sendPushToUser aan, 204. public/sw.js: push-handler met showNotification, notificationclick met same-origin guard, focus bestaand venster of openWindow. Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com> * ST-cmovs8jvq: PushToggle component met 3 states + iOS-banner Client component met states loading/unsupported/ios-needs-install/ denied/subscribed/unsubscribed. useEffect detecteert initial status, permission-prompt alleen via user-click. iOS-banner NL, denied-uitleg, subscribe/unsubscribe knoppen met sonner-toasts. Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com> * ST-cmovs8psg: notifications-sheet + iOS meta-tags in layout notifications-sheet.tsx: PushToggle onderin met sectie 'Notificatie-instellingen' en visuele scheidslijn. app/layout.tsx: appleWebApp.capable, statusBarStyle en mobile-web-app-capable meta-tags toegevoegd via Next.js Metadata API. manifest.json had al display: standalone. Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com> * ST-cmovs8vxj: docs/patterns/web-push.md pattern-documentatie Architectuur-diagram, payload-shape, foutcodes, VAPID-config, iOS-quirks, demo-users blokkade, trigger-voorbeelden (server + HTTP) en admin-testroute curl-voorbeeld. Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com> --------- Co-authored-by: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-05-07 21:46:01 +02:00 · 2026-05-07 21:46:01 +02:00 · 7ae8a24372
commit 7ae8a24372
parent 25bd59c0b9
22 changed files with 984 additions and 167 deletions
--- a/components/notifications/push-toggle.tsx
+++ b/components/notifications/push-toggle.tsx
@ -0,0 +1,116 @@
+'use client'
+
+import { useEffect, useState } from 'react'
+import { toast } from 'sonner'
+import { Button } from '@/components/ui/button'
+import {
+  isPushSupported,
+  isIOSSafari,
+  isStandalonePWA,
+  subscribeToPush,
+  unsubscribeFromPush,
+} from '@/lib/push-client'
+
+type PushStatus =
+  | 'loading'
+  | 'unsupported'
+  | 'ios-needs-install'
+  | 'denied'
+  | 'subscribed'
+  | 'unsubscribed'
+
+interface PushToggleProps {
+  vapidPublicKey?: string
+}
+
+export function PushToggle({ vapidPublicKey }: PushToggleProps) {
+  const [status, setStatus] = useState<PushStatus>('loading')
+
+  useEffect(() => {
+    async function detectStatus() {
+      if (!isPushSupported()) {
+        if (isIOSSafari() && !isStandalonePWA()) {
+          setStatus('ios-needs-install')
+        } else {
+          setStatus('unsupported')
+        }
+        return
+      }
+
+      if (Notification.permission === 'denied') {
+        setStatus('denied')
+        return
+      }
+
+      try {
+        const reg = await navigator.serviceWorker.getRegistration()
+        const sub = await reg?.pushManager.getSubscription()
+        setStatus(sub ? 'subscribed' : 'unsubscribed')
+      } catch {
+        setStatus('unsubscribed')
+      }
+    }
+
+    detectStatus()
+  }, [])
+
+  async function handleSubscribe() {
+    if (!vapidPublicKey) {
+      toast.error('Push niet beschikbaar — VAPID-sleutel ontbreekt')
+      return
+    }
+    try {
+      await subscribeToPush(vapidPublicKey)
+      setStatus('subscribed')
+      toast.success('Push-notificaties geactiveerd')
+    } catch {
+      if (Notification.permission === 'denied') {
+        setStatus('denied')
+      }
+      toast.error('Kon push niet activeren. Controleer je browserinstellingen.')
+    }
+  }
+
+  async function handleUnsubscribe() {
+    try {
+      await unsubscribeFromPush()
+      setStatus('unsubscribed')
+      toast.success('Push-notificaties uitgeschakeld')
+    } catch {
+      toast.error('Kon push niet uitschakelen')
+    }
+  }
+
+  if (status === 'loading' || status === 'unsupported') return null
+
+  if (status === 'ios-needs-install') {
+    return (
+      <div className="rounded-lg bg-surface-variant p-3 text-sm text-on-surface-variant">
+        Op iPhone/iPad: tik op het delen-icoon en kies{' '}
+        <strong>Zet op beginscherm</strong>. Daarna kun je notificaties activeren.
+      </div>
+    )
+  }
+
+  if (status === 'denied') {
+    return (
+      <p className="text-sm text-on-surface-variant">
+        Notificaties zijn geblokkeerd. Schakel ze in via je browser-instellingen.
+      </p>
+    )
+  }
+
+  if (status === 'unsubscribed') {
+    return (
+      <Button variant="default" size="sm" onClick={handleSubscribe}>
+        Activeer push
+      </Button>
+    )
+  }
+
+  return (
+    <Button variant="outline" size="sm" onClick={handleUnsubscribe}>
+      Push uitzetten
+    </Button>
+  )
+}