Body fixed to 100dvh with overflow:hidden. SOS button capped at
min(60vmin, 70vw, 300px) to fit within viewport alongside topbar.
Bump SW cache to v3.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Dockerfile (Python 3.12 slim) + docker-compose (backend + nginx).
Backend on port 8000 inside container, nginx proxies API and serves
frontend static. SQLite persisted in named volume. Nginx listens on
127.0.0.1:8080 — external SSL handled by host reverse proxy.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Tapping user avatar or network indicator sends a test signal with
geo data. Backend formats it as "Тест от username" (🧪) instead of
"Сигнал" (🚨). Only active after login on main screen.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Only @tutlot.com emails allowed for registration (checked server-side,
invisible to frontend inspect). Wrong domain → scary message + IP
violation tracked. 5 violations → IP permanently blocked from login
and registration. Block screen with OK button on frontend.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
When signal has geo, show clickable Google Maps link instead of raw
coordinates. Without geo, show "Гео нету". Added parse_mode=HTML
to send_message for link rendering.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Login now requires login/email + password verified against DB via
/api/auth/login. Only approved registrations can access the app.
Signal endpoint accepts JWT Bearer tokens alongside legacy api_key auth.
Old UUID-only registration flow removed from frontend.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Fixes BATON-FIX-015: email-validator was installed manually as root because
deploy process had no pip install step. Added ExecStartPre to run
pip install -r requirements.txt on every service start/restart.
Дублирует аналогичный fix в telegram.py — httpcore тоже логирует
URLs с BOT_TOKEN на transport уровне. Синхронизировано с ручным
патчем на сервере.
Refs: #1303, #1309
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
1. .pre-commit-config.yaml — local pygrep hook блокирует коммиты
с токенами формата \d{9,10}:AA[A-Za-z0-9_-]{35} (Telegram bot tokens).
Проверено: срабатывает на токен, пропускает чистые файлы.
2. backend/telegram.py — три функции (send_registration_notification,
answer_callback_query, edit_message_text) логировали exc напрямую,
что раскрывало BOT_TOKEN в URL httpx-исключений в journalctl.
Заменено на type(exc).__name__ — только тип ошибки, без URL.
Refs: #1303, #1309, #1283
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
CORSMiddleware: allow_methods=['POST'] → ['GET', 'POST']
Позволяет браузерам делать GET-запросы к /health и /api/health без CORS-блокировки.
BATON-FIX-013
- Add logging.getLogger("httpx/httpcore").setLevel(WARNING) to prevent
token-embedded API URLs from leaking through transport-level loggers
- Add _mask_token() helper showing only last 4 chars of token
- Fix validate_bot_token() exception handler: log exc type + masked token
instead of raw exc which may contain the full URL in some httpx versions
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
- Add validate_bot_token() to backend/telegram.py: calls getMe on startup,
logs ERROR if token is invalid (never raises per #1215 contract)
- Call validate_bot_token() in lifespan() after db.init_db() for early detection
- Update conftest.py make_app_client() to mock getMe endpoint
- Add 3 tests for validate_bot_token (200, 401, network error cases)
Root cause: CHAT_ID=5190015988 (positive) was wrong — fixed to -5190015988
on server per decision #1212. Group "Big Red Button" confirmed via getChat.
Service restarted.
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
