lord3nd3r
/
aprhodite
forked from ComputerTech/aprhodite
1
0
Fork 0
Code Pull Requests Activity
28 Commits 1 Branch 0 Tags 461 KiB
Commit Graph

15 Commits

Author SHA1 Message Date
End3r 8cce8e6c2e security: add CSRF protection, input sanitization, security logging, and JWT expiry reduction 2026-04-12 18:43:39 -05:00
3nd3r fa030a32b7 Fix admin panel: live AI access toggle, auto-refresh after actions 
- Grant/Revoke AI button now notifies target user live via ai_unlock event
- ai_unlock handler updated to support both grant and revoke
- Admin panel auto-refreshes user/ban/mute lists after any action
 2026-04-12 14:41:42 -05:00
3nd3r 887482d3db Add role-based admin panel with root/admin/mod/user hierarchy 
- User model: new 'role' column (root > admin > mod > user)
- End3r (id=2) set as 'root' (GOD admin)
- Admin panel modal: Users tab (search, set roles, verify, grant AI),
  Bans tab (list/unban), Mutes tab (list/unmute)
- Role-based permission checks: root can set admins, admins set mods,
  mods can kick/ban/mute/verify
- Shield icon in header (visible to mod+) opens admin panel
- Nicklist shows role icons: crown (root), swords (admin), shield (mod)
- Context menu: added Mute/Unmute action
- Live role_updated event pushes role changes to online users
- role_power hierarchy prevents privilege escalation
 2026-04-12 14:39:43 -05:00
3nd3r 064f6bf0ba Add 10 color themes to Chat settings 
Themes: Midnight Purple (default), Crimson Noir, Ocean Deep, Ember,
Neon Green, Cyberpunk, Rose Gold, Arctic, Daylight, Midnight Blue

- Convert hardcoded rgba accent colors to CSS custom properties
- Add data-theme attribute switching with CSS variable overrides
- Theme picker grid with gradient swatches in Settings > Chat tab
- Theme preference persisted in localStorage
 2026-04-12 14:28:06 -05:00
3nd3r d5e942d06d Add settings panel with Account, Chat, Violet, and Premium tabs 
- Gear icon in header opens settings modal
- Account: view username/email, change password (server-side bcrypt)
- Chat: font size slider, 12h/24h timestamps, enter-to-send toggle, sounds toggle
- Violet: view AI access status, reset conversation memory
- Premium: feature showcase with upgrade CTA (payment coming soon)
- All chat prefs saved to localStorage
- Font size applied via CSS custom property
- Timestamp format conversion (24h server -> 12h client option)
- Icon button styling for gear and hamburger menu
 2026-04-12 14:17:52 -05:00
3nd3r 8cd76ff72d Add per-user conversation memory for Violet AI 
- VioletHistory model: stores plaintext turns (user/assistant) per user_id
- AI worker loads last 20 turns into Ollama prompt for context
- Saves both user message and AI response after each exchange
- /reset command in Violet PM clears conversation memory
- Fix ai_limit_reached: emit ai_response event instead of raw pm_message
- ai_response handler uses correct PM room and supports plaintext text field
- Remove debug print statements
 2026-04-12 13:58:44 -05:00
3nd3r 389415f04d Fix Violet PM: echo user message + add session restore on refresh 2026-04-12 13:33:46 -05:00
3nd3r 1d6413cfd6 Switch Violet model to sadiq-bd/llama3.2-3b-uncensored (installed) 2026-04-12 13:25:28 -05:00
3nd3r 8214f9c244 Enter key sends messages; admins can chat with Violet 
- Add keydown listener: Enter submits, Shift+Enter inserts newline
- Allow admin users (even guests) to PM Violet
 2026-04-12 13:03:34 -05:00
3nd3r 496701c713 Fix #9: Fix context menu breaking after first use 
- Remove cloneNode/replaceWith pattern that orphaned the reference
- Re-bind onclick handlers directly on the existing DOM node
- Context menu now works reliably on every right-click
 2026-04-12 12:56:33 -05:00
3nd3r 46ba1d7273 Fix #6: Add missing DOM elements, fix null references 
- Add violet-trial-badge span to index.html header
- Add null guard in updateVioletBadge() for safety
- Remove dead $('tab-ai-violet') reference (Violet tab is dynamic)
- Fix duplicate trialBadge declaration and restore hidden logic
 2026-04-12 12:55:20 -05:00
3nd3r cdfbb666b9 Fix #5: Fix broken E2E encryption for user-to-user PMs 
- User-to-user PMs now use a server-derived shared room key (HMAC-SHA256)
  instead of each user's personal PBKDF2 key (which differed per user,
  making cross-user decryption impossible)
- Server sends room_key in pm_ready, pm_invite, and pm/history responses
- crypto.js: add importKeyBase64() for importing server-provided keys
- chat.js: use sharedKey for encrypt/decrypt in user-to-user PMs
- Violet AI transit encryption still uses personal key (unchanged)
- PM history decryption now handles errors gracefully per-message
- Encodes otherUser in history URL to prevent injection
 2026-04-12 12:54:09 -05:00
3nd3r be3503b31b Fix #3: Remove client-exploitable payment endpoint 
- Payment endpoint no longer uses @_require_auth (not client-callable)
- Identifies user from webhook payload user_id instead of client JWT
- Removed hardcoded payment secret from chat.js
- Client now shows placeholder message directing to admin
- Webhook secret + user_id must come from payment provider server
 2026-04-12 12:51:31 -05:00
Antigravity c514c5fb73 Fix Lobby tab switching and message submission logic 2026-04-12 18:15:44 +01:00
ComputerTech ad510c57e1 Initial commit: SexyChat (Aphrodite) v1.0 2026-04-12 17:55:40 +01:00