diff --git a/.gitignore b/.gitignore index 18226ca..32d73a1 100644 --- a/.gitignore +++ b/.gitignore @@ -4,4 +4,6 @@ certs build .venv __pycache__ -.pyc \ No newline at end of file +.pycvapid.json +Web/vapid.json +Web/vapid_*.pem diff --git a/Web/push_notifications.py b/Web/push_notifications.py index 3af706a..4cfe7f6 100644 --- a/Web/push_notifications.py +++ b/Web/push_notifications.py @@ -16,11 +16,39 @@ import settings as cfg logger = logging.getLogger(__name__) -# VAPID keys for push notifications (should be in environment variables) +# VAPID keys for push notifications VAPID_PUBLIC_KEY = os.getenv('VAPID_PUBLIC_KEY', '') VAPID_PRIVATE_KEY = os.getenv('VAPID_PRIVATE_KEY', '') VAPID_SUBJECT = os.getenv('VAPID_SUBJECT', f'mailto:admin@{os.getenv("SERVER_NAME", "localhost")}') +VAPID_PRIVATE_PEM = os.path.join(os.path.dirname(__file__), 'vapid_private.pem') +VAPID_PUBLIC_PEM = os.path.join(os.path.dirname(__file__), 'vapid_public.pem') + +# Auto-generate VAPID keys if none are provided +if not VAPID_PUBLIC_KEY or not VAPID_PRIVATE_KEY: + try: + from py_vapid import Vapid, b64urlencode + from cryptography.hazmat.primitives import serialization + + vapid = Vapid() + if not os.path.exists(VAPID_PRIVATE_PEM): + vapid.generate_keys() + vapid.save_key(VAPID_PRIVATE_PEM) + vapid.save_public_key(VAPID_PUBLIC_PEM) + logger.info("Auto-generated new VAPID keys") + else: + vapid = Vapid.from_file(VAPID_PRIVATE_PEM) + + raw_pub = vapid.public_key.public_bytes( + serialization.Encoding.X962, + serialization.PublicFormat.UncompressedPoint + ) + + VAPID_PUBLIC_KEY = b64urlencode(raw_pub) + VAPID_PRIVATE_KEY = VAPID_PRIVATE_PEM + except Exception as e: + logger.error(f'Could not load or generate VAPID keys: {e}') + # Push service endpoint (typically Firebase or Web Push Service) PUSH_SERVICE_URL = 'https://fcm.googleapis.com/fcm/send' # Firebase Cloud Messaging FCM_API_KEY = os.getenv('FCM_API_KEY', '') # Firebase API key diff --git a/Web/requirements.txt b/Web/requirements.txt index d82e894..8260d77 100755 --- a/Web/requirements.txt +++ b/Web/requirements.txt @@ -13,4 +13,4 @@ redis reportlab python-barcode openpyxl -cryptography \ No newline at end of file +cryptographypywebpush diff --git a/generate-vapid-keys.sh b/generate-vapid-keys.sh deleted file mode 100755 index e044694..0000000 --- a/generate-vapid-keys.sh +++ /dev/null @@ -1,81 +0,0 @@ -#!/bin/bash - -# VAPID Key Generation Script for Web Push Notifications -# Generates VAPID (Voluntary Application Server Identification) keys required for push notifications - -echo "===========================================" -echo "VAPID Key Generation for Inventarsystem" -echo "===========================================" -echo "" - -# Check if Python is available -if ! command -v python3 &> /dev/null; then - echo "❌ Error: Python 3 is required but not installed." - exit 1 -fi - -# Check if pywebpush is installed -echo "Checking for pywebpush..." -python3 -c "import pywebpush" 2>/dev/null - -if [ $? -ne 0 ]; then - echo "Installing pywebpush..." - pip3 install pywebpush - if [ $? -ne 0 ]; then - echo "❌ Error: Failed to install pywebpush" - echo "Please install manually: pip3 install pywebpush" - exit 1 - fi -fi - -echo "✓ pywebpush is installed" -echo "" - -# Generate VAPID keys -echo "Generating VAPID keys..." -python3 << 'EOF' -from pywebpush import generate_keys - -try: - keys = generate_keys() - print("✓ VAPID Keys generated successfully!") - print("") - print("PUBLIC KEY (share with browsers):") - print(keys['public_key']) - print("") - print("PRIVATE KEY (keep secret!):") - print(keys['private_key']) - print("") - print("===========================================" - print("Add these to your environment variables:") - print("===========================================" - print("") - print("export VAPID_PUBLIC_KEY='" + keys['public_key'] + "'") - print("export VAPID_PRIVATE_KEY='" + keys['private_key'] + "'") - print("export VAPID_SUBJECT='mailto:admin@yourdomain.com'") - print("") - print("Or add to your .env file:") - print("") - print("VAPID_PUBLIC_KEY=" + keys['public_key']) - print("VAPID_PRIVATE_KEY=" + keys['private_key']) - print("VAPID_SUBJECT=mailto:admin@yourdomain.com") - print("") - print("⚠️ IMPORTANT: Keep the PRIVATE KEY secret!") - print("===========================================" - -except Exception as e: - print(f"❌ Error generating VAPID keys: {e}") - exit(1) -EOF - -if [ $? -eq 0 ]; then - echo "" - echo "✓ Next steps:" - echo "1. Copy the PUBLIC KEY to your browser-side code" - echo "2. Set the PRIVATE KEY in your server environment" - echo "3. Update config.json with your email address" - echo "4. Test with: curl http://localhost:5000/api/push/vapid-key" -else - echo "❌ Error generating keys" - exit 1 -fi diff --git a/requirements.txt b/requirements.txt index 4d881ac..23f0366 100644 --- a/requirements.txt +++ b/requirements.txt @@ -13,4 +13,4 @@ reportlab python-barcode openpyxl cryptography -pywebpush \ No newline at end of file +pywebpushpywebpush