Commit Graph

9 Commits

Author SHA1 Message Date
null a7b602de87 feat(chat): encrypted image messages, notification deep link routing, partner photo on home, rate limiter bump, chat bubble drag-to-dismiss
- FirestoreQuestionThreadDataSource: sendImageMessage encrypts bytes with couple key, uploads to Storage, stores URL in Firestore; loadDecryptedMedia downloads + decrypts
- QuestionMessage: type field (text/image), mediaUrl, isImage helper
- QuestionDiscussionThread: image picker (gallery + camera), encrypted image rendering with produceState, messenger-style avatars on consecutive bubbles
- QuestionThreadViewModel: sendImage, loadDecryptedMedia, dailyRevealed skip for already-revealed daily questions, partner photo loading
- MainActivity: deepLinkRouteFromIntent resolves FCM data extras to navigation routes; pendingDeepLink state for onNewIntent
- AppNavigation: LaunchedEffect waits for HOME route before navigating deep link (fixes race with onboarding)
- PartnerHomeScreen: partner photoUrl loaded and displayed in identity card
- NotificationRateLimiter: 20 partner/day, 100/week (was 2/4 — too tight for game activity)
- MessageBubbleOverlay: drag-to-dismiss zone at bottom, no auto-timeout (persists until read)
- ActiveThreadMonitor: dismisses bubble when entering conversation
- onMessageWritten: includes author name + photo URL in notification payload
- firestore.rules: messages create allows type=image with mediaUrl or type=text with ciphertext
- storage.rules: chat_media path with 15MB cap
- file_paths.xml: cache-path for camera capture
2026-06-24 15:18:41 -05:00
null 658ead38cd security: App Check enforcement on all callables, fail-closed device integrity, no raw code in logs; release signing config; iOS RevenueCat log level 2026-06-23 10:56:42 -05:00
null 5e16177eb2 feat: code push -- notifications, cloud functions, iOS updates 2026-06-22 08:53:23 -05:00
null af70280daa feat: E2EE recovery flow, iOS parity updates, onboarding + pairing polish 2026-06-21 11:20:48 -05:00
null 0a377ecdda fix(accept-invite): dynamic encryptionVersion, Firestore TTL on attempt docs, wipe recoveryPhrase on accept 2026-06-21 09:13:29 -05:00
null 26419ce08d feat: remove email invite screen, add accept-invite rate limiting, clean up iOS pairing (v0.2.2) 2026-06-21 08:55:43 -05:00
null 57a3e35359 feat(outcomes): add 30/60/90 day check-in flow with baseline + reminders 2026-06-20 23:59:24 -05:00
null 4dad0e774e refactor: update crypto, invite flow, and account screen patterns 2026-06-20 18:09:46 -05:00
null 39255c8733 fix: prevent invite code enumeration via Cloud Function (batch v0.2.18)
- Remove client-side read access to invites (only inviter can read own invite)
- Deny direct client update to invites (server-side only via Admin SDK)
- Add acceptInviteCallable Cloud Function: validates code, creates couple,
  updates user docs, marks invite accepted, returns wrapped key for local decryption
- Update Android client: FirestoreInviteDataSource calls callable function,
  InviteConfirmViewModel uses acceptInvite + unwrapAndStore flow
- Deprecate CoupleRepositoryImpl.createCouple (client-side path removed)
- Update Firestore rules tests: unpaired read now denied, direct update now denied
- 118/118 tests passing
2026-06-19 21:46:12 -05:00