Files
Pete/internal/web/static/js/prefs.js
prosolis cbbedd9894 Add optional Authentik (OIDC) sign-in with server-side preference sync
Signed-in users get their preferences (hidden feeds, weather location,
weather toggle) stored server-side keyed by their OIDC subject and synced
across devices. Anonymous visitors keep using browser localStorage, so the
site stays public. First sign-in migrates existing localStorage prefs up.

- config: [web.auth] section (issuer, client_id/secret, redirect, session_secret)
- storage: user_preferences table + Get/PutUserPrefs
- web/auth: OIDC code flow, HMAC-signed session cookie, CSRF state + nonce
- web/prefs_api: GET/PUT /api/preferences (auth-gated, 64KB cap)
- frontend: prefs.js sync layer seeds localStorage from server, pushes on write
- header: sign-in / account control

OIDC discovery is non-fatal at boot: if Authentik is down, Pete serves
anonymously rather than refusing to start.
2026-06-21 15:44:53 -07:00

71 lines
2.5 KiB
JavaScript

// Preference sync. Anonymous visitors keep using localStorage exactly as
// before — this file is a no-op for them. When a user is signed in (Authentik
// via OIDC), the server is the source of truth: their stored blob is injected
// as window.PETE_PREFS and seeded into localStorage *synchronously* here, before
// the feature scripts (settings.js, weather*.js) read it. Those scripts then
// call PetePrefs.push() after every write to mirror the change back up.
//
// This script must run before the others — it's loaded first in layout.html,
// and all the feature scripts are `defer`, so document order is guaranteed.
(function () {
// The localStorage keys we sync. The weather *cache* is deliberately excluded:
// it's transient and per-device.
var SYNCED = ["pete.disabledSources.v1", "pete.weather.loc.v1", "pete-weather-off"];
var user = window.PETE_USER || null;
var serverPrefs = window.PETE_PREFS || null;
function seed(prefs) {
SYNCED.forEach(function (k) {
if (!Object.prototype.hasOwnProperty.call(prefs, k)) return;
var v = prefs[k];
try {
if (v === null || v === undefined) localStorage.removeItem(k);
else localStorage.setItem(k, String(v));
} catch (e) {}
});
}
function snapshot() {
var out = {};
SYNCED.forEach(function (k) {
try { var v = localStorage.getItem(k); if (v !== null) out[k] = v; } catch (e) {}
});
return out;
}
var timer = null;
function push() {
if (!user) return; // anonymous: localStorage only
if (timer) clearTimeout(timer);
timer = setTimeout(function () {
timer = null;
try {
fetch("/api/preferences", {
method: "PUT",
headers: { "Content-Type": "application/json" },
body: JSON.stringify(snapshot()),
credentials: "same-origin",
keepalive: true
}).catch(function () {});
} catch (e) {}
}, 600);
}
window.PetePrefs = { push: push, loggedIn: !!user, syncedKeys: SYNCED };
if (user) {
if (serverPrefs && typeof serverPrefs === "object") {
seed(serverPrefs); // cross-device: server wins on load
} else {
push(); // first sign-in: migrate this browser's prefs to the account
}
// Swap "saved in this browser" copy for the synced story.
document.addEventListener("DOMContentLoaded", function () {
document.querySelectorAll("[data-storage-note]").forEach(function (el) {
el.textContent = "Synced to your account ✓";
});
});
}
})();