Commit graph

357 commits

Author SHA1 Message Date
Richard R
d4bad59007 feat: add loopback support for S3 endpoint in storage migration 2026-02-19 11:20:51 -07:00
Richard R
5ffacb251f fix: remove legacy image name from Docker outputs in workflow 2026-02-19 11:05:42 -07:00
Richard R
fe567782e8 feat: update version from v1.3.0 to v2.0.0 in package.json 2026-02-19 11:00:40 -07:00
Richard R
7f9659fd99 chore: Remove unnecessary Pages configuration step from docs deployment workflow 2026-02-19 10:32:28 -07:00
Richard R
3555561d3b
Merge pull request #80 from richardr1126/better-auth
Major overhaul: implement auth, sqldb for metadata, s3-like storage, and lessen reliance on fs

New Features

Added user authentication system with sign-in, sign-up, and account management
Added TTS rate-limiting with per-user character limits and daily resets
Added user data export functionality
Added support for PostgreSQL database and external S3-compatible object storage
Documentation

Launched comprehensive documentation site with deployment guides, configuration references, and TTS provider integration guides
Chores

Rebranded project from "OpenReader-WebUI" to "OpenReader"
2026-02-19 10:28:51 -07:00
Richard R
7482a4265e feat: Enhance authentication handling by adding error logging and improving session checks in the API and ClaimDataModal component 2026-02-19 02:13:43 -07:00
Richard R
0fbd9d5c38 feat: Update Docker image name to openreader while maintaining openreader-webui as a legacy alias and updating documentation. 2026-02-18 02:54:01 -07:00
Richard R
a0cc189a0f refactor: rename project from OpenReader WebUI to OpenReader across all relevant files. 2026-02-18 02:49:47 -07:00
Richard R
f7af557073 feat: Implement S3 proxy client, enhance session handling, and improve Drizzle migration script. 2026-02-18 02:39:54 -07:00
Richard R
30ad62aa41 feat: Remove explicit background state and implementing text prefetching for smoother page/section transitions. 2026-02-18 00:05:41 -07:00
Richard R
3ede092adc feat: Make word highlighting enabled by default by inverting its environment variable logic, updating documentation, and removing NEXT_PUBLIC_NODE_ENV from Playwright tests. 2026-02-17 22:12:11 -07:00
Richard R
021533223b refactor: Standardize database timestamp fields to bigint epoch milliseconds and update schema migrations. 2026-02-17 21:00:36 -07:00
Richard R
c2188b476f feat: Refactor server-side document, audiobook, and authentication logic, introduce new client-side APIs and caching, and update related tests. 2026-02-17 19:30:12 -07:00
Richard R
8e1b6b4009 refactor: Move document-related components into a dedicated documents subdirectory and update imports. 2026-02-17 18:29:54 -07:00
Richard R
8f5e87ed4a feat: Replace NEXT_PUBLIC_NODE_ENV with explicit feature flags for granular control over DOCX conversion, destructive actions, TTS defaults, and DeepInfra model visibility. 2026-02-17 18:26:03 -07:00
Richard R
eeeceb8e54 feat(privacy): implement data export and encryption with updated policy
Add ZIP-based user data download endpoint, enable AES-256 server-side S3 encryption for all stored documents and audiobooks. Rewrite privacy policy with detailed CCPA categories, service provider disclosures (Vercel/Neon/Railway), and user rights sections. Replace privacy modal with checkbox agreement flow.
2026-02-17 17:16:58 -07:00
Richard R
8dc836cbb7 feat(auth): implement route protection and security headers
Add Next.js middleware to handle session-based access control for protected
routes while maintaining access to public paths. Configure comprehensive
security headers including CSP, HSTS, and frame options in next.config.ts.

Also, reduce session cookie cache duration to 5 minutes to ensure frequent
revalidation against the database and fix a navigation issue in the EPUB
context when jumping to specific CFI locations.
2026-02-16 19:06:24 -07:00
Richard R
f58a2b690d refactor(db): remove user_id foreign key from user_tts_chars
Remove the foreign key constraint referencing the user table in both
Postgres and SQLite schemas. This decouples the usage tracking from
the primary user table.
2026-02-16 17:29:26 -07:00
Richard R
fc24b31cc3 perf: lazy load heavy dependencies and db drivers
Move database drivers and heavy server-side modules to be loaded
lazily via require() and dynamic import(). This reduces the initial
memory footprint and improves cold start performance for serverless
functions by avoiding loading unused dependencies on every request.
2026-02-16 16:10:03 -07:00
Richard R
9931c7d0d8 fix(api): add retry for document blob head checks
Implement a retry mechanism for document blob HEAD requests to handle
S3 read-after-write propagation delays. This prevents 409 errors
when the client calls the endpoint immediately after performing a
direct upload to S3 via a presigned URL.
2026-02-16 15:51:01 -07:00
Richard R
596c04d4d3 feat(preview): improve failure recovery and configuration
Update the client-side preview status logic to gracefully handle failed
states and return fallback URLs. Add PDF worker tracing to the build
configuration for preview-related API endpoints and include server-side
error logging.
2026-02-16 15:46:30 -07:00
Richard R
deaacbd6f0 feat(auth): add conditional GitHub authentication support
Implement a check for GitHub OAuth credentials to conditionally render
the GitHub sign-in button. This ensures the UI accurately reflects
available authentication methods based on environment configuration.

- Add `isGithubAuthEnabled` utility to verify server-side credentials
- Propagate GitHub auth status through context providers to the UI
- Conditionally display the GitHub sign-in button in the sign-in page
- Update documentation and examples to use hex encoding for `AUTH_SECRET`
- Add unit tests for the new GitHub authentication configuration logic
2026-02-16 14:21:25 -07:00
Richard R
94d24c4687 test(export): increase timeout for resume test
Increase timeout to 60 seconds for the audiobook resume test to prevent flakiness when processing PDF exports.
2026-02-16 10:19:54 -07:00
Richard R
80b2ae2676 test: improve test reliability and adjust timeouts
Increase timeouts for export and navigation tests to 60 seconds to
prevent flakiness. Remove brittle assertions checking for visible
overlays in setup helpers to ensure more stable test execution.
2026-02-16 01:50:43 -07:00
Richard R
fa406a8cb2 refactor(deps): remove ffprobe-static and fix playwright flakiness
Replace ffprobe-static with ffmpeg-static for metadata extraction in
migration scripts. This removes the requirement for ffprobe binaries
across Docker, CI, and Vercel environments, simplifying the dependency
graph.
2026-02-16 01:41:54 -07:00
Richard R
da0fce708f refactor: improve database reliability and clean up code
Enable WAL mode and set a busy timeout for SQLite to better handle
concurrent access and prevent 500 errors. Add error handling to
async calls in UI components and remove unused imports across several
files.
2026-02-15 15:44:20 -07:00
Richard R
4d13b5b821 refactor: improve async state and session reliability
Implement AbortController in ConfigContext, PDFContext, and preference sync to prevent race conditions during session changes or rapid navigation. Refactor document preview routes into shared utilities and add LRU caching for text previews to optimize memory. Update documentation for Better Auth schema ownership and migration workflows. Fix issues with Postgres system user seeding and better-sqlite3 configuration.
2026-02-15 15:13:25 -07:00
Richard R
8e4f0b0ca9 build(config): remove better-sqlite3 from serverExternalPackages 2026-02-15 14:02:42 -07:00
Richard R
8cb2929116 feat(db): add system user seeding and storage cleanup
- Implement ensureSystemUserExists to handle foreign key constraints for
  unclaimed data when authentication is disabled.
- Add missing foreign key relationship between audiobook chapters and
  audiobooks with cascade delete.
- Integrate a beforeDelete hook in auth config to trigger storage
  cleanup when a user is removed.
- Regenerate initial migrations for both PostgreSQL and SQLite to
  reflect schema updates.
2026-02-15 14:00:35 -07:00
Richard R
d3c7831f70 fix: address hook violations and improve resource reliability
- Refactor useAuthSession to call useSession unconditionally, adhering to React Rules of Hooks by using a stub client when auth is disabled.
- Update migration script to insert a system user to satisfy foreign key constraints during database transitions.
- Implement AbortController and timeouts in entrypoint endpoint polling to prevent hanging fetch requests.
- Use useMemo in PDFViewer to provide a stable file object, preventing unnecessary re-renders and warnings.
- Enhance state cleanup in EPUBContext and AuthLoader to handle missing metadata or disallowed sessions gracefully.
2026-02-15 13:31:06 -07:00
Richard R
3eebfe6c6c ci(config): remove vercel configuration file 2026-02-15 13:06:34 -07:00
Richard R
bedbbb026a feat(db): add foreign keys and cascade deletes
Enforce referential integrity by linking application tables to the auth user table across both PostgreSQL and SQLite schemas.

- Add foreign key references with ON DELETE CASCADE to all user-owned tables.
- Re-generate initial migrations for Postgres and SQLite providers.
- Update migration script to ensure the SQLite database directory exists.
- Remove explicit SSL configuration from the PostgreSQL connection pool.
2026-02-15 13:02:42 -07:00
Richard R
bb853acaf6 Refactor authentication schema and database handling
- Updated SQLite journal metadata with new tag and timestamp.
- Refactored account deletion API to utilize Better Auth's built-in user deletion method for cascading cleanup.
- Enhanced database initialization to include authentication schemas for both SQLite and Postgres.
- Removed user, session, account, and verification tables from the Drizzle schema, as they are now managed by Better Auth.
- Created separate schema files for authentication in both Postgres and SQLite.
- Added SQL migration scripts for creating necessary tables in both database systems.
2026-02-15 12:49:23 -07:00
Richard R
f9366dbfa2 refactor(audio): replace ffprobe with ffmpeg for metadata extraction
- Remove ffprobe-static dependency and associated configuration
- Reimplement ffprobeAudio to parse duration and title tags from ffmpeg output
- Update CI workflow to install SeaweedFS binary and set required environment variables
- Enhance E2E test setup to handle auth-protected endpoints during document cleanup
2026-02-15 12:13:29 -07:00
Richard R
260513ebaa ci(config): configure CI environment and optimize function memory
- Set FFMPEG_BIN and FFPROBE_BIN environment variables in Playwright workflow
- Reduce memory allocation for audiobook and whisper API routes to 1024MB
2026-02-15 11:33:46 -07:00
Richard R
1f4794a706 feat(auth): implement session gatekeeping and architectural reorganization
- Introduce `USE_ANONYMOUS_AUTH_SESSIONS` to make guest access an opt-in feature.
- Transition root-level pages into `(app)` and `(public)` route groups for improved access control.
- Adopt Figtree as the primary typeface and implement a pre-render theme initialization script.
- Decouple audiobook chapter processing into a standalone API route and harden resource ownership logic.
- Replace the legacy footer with a unified layout and add skeleton loading states for document lists.
- Update environment documentation and test suites to align with the revised routing and auth flows.

BREAKING CHANGE: The audiobook generation API has been restructured, moving specific chapter logic to `/api/audiobook/chapter`.
2026-02-15 11:12:42 -07:00
Richard R
9f25e05cce feat(previews): implement document preview generation and caching
- Add document preview caching logic with in-memory and persisted storage.
- Implement S3 blobstore functions for managing document previews.
- Create rendering functions for PDF and EPUB cover images to JPEG format.
- Introduce database schema and functions for managing document preview metadata.
- Add unit tests for rendering PDF and EPUB previews.
2026-02-12 16:05:03 -07:00
Richard R
82f82a990e feat: add user preferences and document progress syncing
- Implemented user preferences management with a new API for GET and PUT requests.
- Added user document progress tracking with a new API for retrieving and updating progress.
- Introduced database schema changes for user preferences and document progress.
- Enhanced EPUB and TTS contexts to support syncing user preferences and document progress.
- Added functions to handle transferring user preferences and progress during account linking.
- Updated client-side logic to schedule syncing of user preferences and document progress.
2026-02-11 13:58:16 -07:00
Richard R
852092c558 docs: reorganize documentation structure and fix word highlight behavior 2026-02-11 06:03:51 -07:00
Richard R
63483e055e refactor(docs): reorganize and enhance documentation structure
- Rename configuration.md to auth.md for clarity
- Rename storage-and-blob-behavior.md to object-blob-storage.md
- Split server library import into dedicated documentation page
- Rename intro.md to introduction.md
- Merge support.md into support-and-contributing.md
- Add interactive tabs to configuration and setup guides
- Improve cross-references and navigation between documentation pages
- Update sidebar structure and Docusaurus config for new file paths
2026-02-11 04:16:02 -07:00
Richard R
4e2d18962d fix(config): update ffmpeg tracing for audiobook APIs
Configure Next.js output tracing to properly include ffmpeg and ffprobe
static binaries for audiobook processing endpoints. This ensures the
required binaries are bundled correctly during deployment across all
audiobook API routes.
2026-02-11 03:20:22 -07:00
Richard R
9b9206f50d refactor(audiobooks): migrate audiobook pipeline to object storage
This commit restructures the audiobook generation and serving layer to rely exclusively on S3-compatible blob storage, removing the dependency on local filesystem paths.

- Bundle `ffmpeg` and `ffprobe` binaries via npm to ensure portability across environments.
- Update API routes to stream audio directly from blob storage instead of local disk.
- Remove legacy migration endpoints and filesystem-based indexing logic.
- Add startup scripts to facilitate the transition from local to remote storage.

BREAKING CHANGE: Audiobook functionality is now strictly dependent on S3 configuration. The previous filesystem-based storage method has been removed.
2026-02-11 02:44:34 -07:00
Richard R
91bcf232e1 fix(docs): simplify docs versioning workflow 2026-02-10 15:15:44 -07:00
Richard R
6d5fb65a72 feat(docs): add configurable rate limiting and external docs
Add environment variables for fine-grained control over TTS rate limiting
and Better Auth behavior. Move documentation to external Docusaurus site
with automated deployment workflows.

- TTS rate limiting can now be enabled/disabled via TTS_ENABLE_RATE_LIMIT
- Customizable daily limits for anonymous/authenticated users and IP backstops
- Better Auth rate limiting can be disabled via DISABLE_AUTH_RATE_LIMIT
- Rename library import env vars to IMPORT_LIBRARY_DIRS/DIR
- Add docs-site with Docusaurus and GitHub Actions workflows
- Update README to reference external documentation
2026-02-10 15:11:37 -07:00
Richard R
81d249ed52 feat(storage): implement S3/SeaweedFS blob storage for documents
Replaces local filesystem document storage with S3-compatible object storage.
Adds embedded SeaweedFS 'weed mini' for local development and Docker deployments.
Updates document upload flow to use presigned URLs with a server fallback proxy.
Refactors auth configuration to use BASE_URL and AUTH_SECRET.

BREAKING CHANGE: Renamed BETTER_AUTH_URL to BASE_URL and BETTER_AUTH_SECRET to AUTH_SECRET. Removed legacy document upload/content endpoints. Requires S3 environment variables (auto-configured for embedded SeaweedFS).
2026-02-10 12:29:15 -07:00
Richard R
4a5f3060f2 refactor(documents): migrate from IndexedDB to server-backed storage with caching
- Replace client-side IndexedDB with server-first document storage
- Add document caching layer for offline capability and performance
- Implement document transfer during anonymous-to-authenticated account linking
- Add database indexes for improved query performance
- Update document contexts to use new caching system
- Refactor document upload and deletion APIs
- Add audiobook pruning for missing files
- Improve test isolation with namespace support
- Add unit tests for document cache and transfer functions
2026-02-08 11:15:57 -07:00
Richard R
2c23dc9043 refactor(db): remove conditional database usage from API layer
Ensure all metadata operations consistently use the database layer,
removing filesystem-only fallback paths and conditional DB checks.

- Simplified migration scripts to always run on startup
- Updated document/audiobook APIs to always query DB
- Added ensureDbIndexed() calls across all routes
- Extracted test namespace utilities to dedicated module
- Removed migration-manager.ts (functionality consolidated)
- Updated rate limiter to assume DB is always available

BREAKING CHANGE: Database is now required in all configurations.
When auth is disabled, SQLite is used by default at /app/docstore/sqlite3.db.
2026-02-03 12:17:30 -07:00
Richard R
c24710b2ca refactor(audiobooks): implement user-specific storage with composite primary keys
- Change audiobooks and audiobookChapters tables to use composite PK (id, userId)
- Migrate audiobooks from flat storage to user-specific directories under audiobooks_users
- Add support for claiming unclaimed audiobooks on account creation
- Improve auth rate limiting with retry logic and DISABLE_AUTH_RATE_LIMIT for tests
- Fix iOS/Safari audio playback with unlock mechanism and playback rate watchdog
- Update API routes to handle user-scoped audiobook access with fallback to unclaimed
- Transfer audiobooks when linking anonymous accounts to real accounts
- Remove foreign key constraint from audiobookChapters to support composite PK
- Add cascade delete to account and session foreign keys
2026-02-03 12:17:06 -07:00
Richard R
30ce65e747 refactor(auth): bootstrap anonymous sessions via AuthLoader
Replace privacy popup with PrivacyModal and reorganize auth UI components
Remove signed-out persistence and centralize session handling in useAuthSession
Move document viewers and Kokoro voice helpers into dedicated modules
2026-01-28 02:39:44 -07:00
Richard R
20111b1e36 fix(tests): try to get tests working again 2026-01-28 01:04:01 -07:00