Web push notifications (#4942)

* WIP push notifications

* testing push

* cleanup for web-push bootstrapping

Author: timothycarambat

.github/workflows/dev-build.yaml

@@ -6,19 +6,19 @@ concurrency:
 
 on:
   push:
-    branches: ['onboarding-flag'] # put your current branch to create a build. Core team only.
+    branches: ["web-push-notifications-bootstrap"] # put your current branch to create a build. Core team only.
     paths-ignore:
-      - '**.md'
-      - 'cloud-deployments/*'
-      - 'images/**/*'
-      - '.vscode/**/*'
-      - '**/.env.example'
-      - '.github/ISSUE_TEMPLATE/**/*'
-      - '.devcontainer/**/*'
-      - 'embed/**/*' # Embed should be published to frontend (yarn build:publish) if any changes are introduced
-      - 'browser-extension/**/*' # Chrome extension is submodule
-      - 'server/utils/agents/aibitat/example/**/*' # Do not push new image for local dev testing of new aibitat images.
-      - 'extras/**/*' # Extra is just for news and other local content.
+      - "**.md"
+      - "cloud-deployments/*"
+      - "images/**/*"
+      - ".vscode/**/*"
+      - "**/.env.example"
+      - ".github/ISSUE_TEMPLATE/**/*"
+      - ".devcontainer/**/*"
+      - "embed/**/*" # Embed should be published to frontend (yarn build:publish) if any changes are introduced
+      - "browser-extension/**/*" # Chrome extension is submodule
+      - "server/utils/agents/aibitat/example/**/*" # Do not push new image for local dev testing of new aibitat images.
+      - "extras/**/*" # Extra is just for news and other local content.
 
 jobs:
   push_dev_build_to_dockerhub:
@@ -48,15 +48,15 @@ jobs:
         uses: docker/setup-buildx-action@v3
         with:
           version: v0.22.0
-      
+
       - name: Log in to Docker Hub
         uses: docker/login-action@f4ef78c080cd8ba55a85445d5b36e214a81df20a
         # Only login to the Docker Hub if the repo is mintplex/anythingllm, to allow for forks to build on GHCR
-        if: steps.dockerhub.outputs.enabled == 'true' 
+        if: steps.dockerhub.outputs.enabled == 'true'
         with:
           username: ${{ secrets.DOCKER_USERNAME }}
           password: ${{ secrets.DOCKER_PASSWORD }}
-   
+
       - name: Extract metadata (tags, labels) for Docker
         id: meta
         uses: docker/metadata-action@9ec57ed1fcdbf14dcef7dfbe97b2010124a938b7
@@ -82,7 +82,7 @@ jobs:
 
       # For Docker scout there are some intermediary reported CVEs which exists outside
       # of execution content or are unreachable by an attacker but exist in image.
-      # We create VEX files for these so they don't show in scout summary. 
+      # We create VEX files for these so they don't show in scout summary.
       - name: Collect known and verified CVE exceptions
         id: cve-list
         run: |
@@ -116,4 +116,4 @@ jobs:
               $tag
             done
           done
-        shell: bash
+        shell: bash

frontend/public/service-workers/push-notifications.js

@@ -0,0 +1,26 @@
+function parseEventData(event) {
+    try {
+      return event.data.json();
+    } catch (e) {
+      console.error('Failed to parse event data - is payload valid? .text():\n', event.data.text());
+      return null
+    }
+  }
+  
+  self.addEventListener('push', function (event) {
+    const payload = parseEventData(event);
+    if (!payload) return;
+  
+    // options: https://developer.mozilla.org/en-US/docs/Web/API/ServiceWorkerRegistration/showNotification#options
+    self.registration.showNotification(payload.title || 'AnythingLLM', {
+      ...payload,
+      icon: '/favicon.png',
+    });
+  });
+  
+  self.addEventListener('notificationclick', function (event) {
+    event.notification.close();
+    const { onClickUrl = null } = event.notification.data || {};
+    if (!onClickUrl) return;
+    event.waitUntil(clients.openWindow(onClickUrl));
+  });

frontend/src/hooks/useWebPushNotifications.js

@@ -0,0 +1,123 @@
+import { useEffect } from "react";
+import { API_BASE } from "@/utils/constants";
+import { baseHeaders } from "@/utils/request";
+
+const PUSH_PUBKEY_URL = `${API_BASE}/web-push/pubkey`;
+const PUSH_USER_SUBSCRIBE_URL = `${API_BASE}/web-push/subscribe`;
+
+// If you update the service worker, increment this version or else
+// the service worker will not be updated with new changes -
+// Its version ID is independent of the app version to prevent reloading
+// or cache busting when not needed.
+const SW_VERSION = "1.0.0";
+
+function log(message, ...args) {
+  if (typeof message === "object") message = JSON.stringify(message, null, 2);
+  console.log(`[useWebPushNotifications] ${message}`, ...args);
+}
+
+/**
+ * Subscribes to push notifications for the current client - can be called multiple times without re-subscribing
+ * or generating infinite tokens.
+ * @returns {void}
+ */
+export async function subscribeToPushNotifications() {
+  try {
+    if (!("serviceWorker" in navigator) || !("PushManager" in window)) {
+      log("Push notifications not supported");
+      return;
+    }
+
+    // Check current permission status
+    const permission = await Notification.requestPermission();
+    if (permission !== "granted") {
+      log("Notification permission not granted");
+      return;
+    }
+
+    const publicKey = await fetch(PUSH_PUBKEY_URL, { headers: baseHeaders() })
+      .then((res) => res.json())
+      .then(({ publicKey }) => {
+        if (!publicKey) throw new Error("No public key found or generated");
+        return publicKey;
+      })
+      .catch(() => null);
+
+    if (!publicKey) return log("No public key found or generated");
+
+    const swReg = await navigator.serviceWorker.register(
+      `/service-workers/push-notifications.js?v=${SW_VERSION}`
+    );
+
+    // Check for updates
+    swReg.addEventListener("updatefound", () => {
+      const newWorker = swReg.installing;
+      log("Service worker update found");
+
+      newWorker.addEventListener("statechange", () => {
+        if (
+          newWorker.state === "installed" &&
+          navigator.serviceWorker.controller
+        ) {
+          // New service worker is installed and ready
+          log("New service worker installed, ready to activate");
+
+          // Optionally show a notification to the user
+          if (confirm("A new version is available. Reload to update?")) {
+            window.location.reload();
+          }
+        }
+      });
+    });
+
+    // Handle service worker updates
+    navigator.serviceWorker.addEventListener("controllerchange", () => {
+      log("Service worker controller changed");
+    });
+
+    if (swReg.installing) {
+      await new Promise((resolve) => {
+        swReg.installing.addEventListener("statechange", () => {
+          if (swReg.installing?.state === "activated") resolve();
+        });
+      });
+    } else if (swReg.waiting) {
+      await new Promise((resolve) => {
+        swReg.waiting.addEventListener("statechange", () => {
+          if (swReg.waiting?.state === "activated") resolve();
+        });
+      });
+    }
+
+    const subscription = await swReg.pushManager.subscribe({
+      userVisibleOnly: true,
+      applicationServerKey: urlBase64ToUint8Array(publicKey),
+    });
+    await fetch(PUSH_USER_SUBSCRIBE_URL, {
+      method: "POST",
+      body: JSON.stringify(subscription),
+      headers: baseHeaders(),
+    });
+  } catch (error) {
+    log("Error subscribing to push notifications", error);
+  }
+}
+
+/**
+ * Hook that registers a service worker for push notifications.
+ * @returns {void}
+ */
+export default function useWebPushNotifications() {
+  useEffect(() => {
+    subscribeToPushNotifications();
+  }, []);
+}
+
+function urlBase64ToUint8Array(base64String) {
+  const padding = "=".repeat((4 - (base64String.length % 4)) % 4);
+  const base64 = (base64String + padding)
+    .replace(/\-/g, "+")
+    .replace(/_/g, "/");
+  const rawData = atob(base64);
+  return new Uint8Array([...rawData].map((char) => char.charCodeAt(0)));
+}

server/.gitignore

@@ -15,6 +15,7 @@ storage/plugins/agent-flows/*
 storage/plugins/office-extensions/*
 storage/plugins/anythingllm_mcp_servers.json
 !storage/documents/DOCUMENTS.md
+storage/push-notifications/*
 storage/direct-uploads
 logs/server.log
 *.db

server/endpoints/webPush.js

@@ -0,0 +1,27 @@
+const { reqBody } = require("../utils/http");
+const { validatedRequest } = require("../utils/middleware/validatedRequest");
+const { pushNotificationService } = require("../utils/PushNotifications");
+
+function webPushEndpoints(app) {
+  if (!app) return;
+
+  app.post(
+    "/web-push/subscribe",
+    [validatedRequest],
+    async (request, response) => {
+      const subscription = reqBody(request);
+      await pushNotificationService.registerSubscription(
+        response.locals.user,
+        subscription
+      );
+      response.status(201).json({});
+    }
+  );
+
+  app.get("/web-push/pubkey", [validatedRequest], (_request, response) => {
+    const publicKey = pushNotificationService.publicVapidKey;
+    response.status(200).json({ publicKey });
+  });
+}
+
+module.exports = { webPushEndpoints };

server/index.js

@@ -29,6 +29,7 @@ const { communityHubEndpoints } = require("./endpoints/communityHub");
 const { agentFlowEndpoints } = require("./endpoints/agentFlows");
 const { mcpServersEndpoints } = require("./endpoints/mcpServers");
 const { mobileEndpoints } = require("./endpoints/mobile");
+const { webPushEndpoints } = require("./endpoints/webPush");
 const { httpLogger } = require("./middleware/httpLogger");
 const app = express();
 const apiRouter = express.Router();
@@ -79,7 +80,7 @@ communityHubEndpoints(apiRouter);
 agentFlowEndpoints(apiRouter);
 mcpServersEndpoints(apiRouter);
 mobileEndpoints(apiRouter);
-
+webPushEndpoints(apiRouter);
 // Externally facing embedder endpoints
 embeddedEndpoints(apiRouter);
 

server/models/user.js

@@ -87,7 +87,7 @@ const User = {
   },
 
   filterFields: function (user = {}) {
-    const { password, ...rest } = user;
+    const { password, web_push_subscription_config, ...rest } = user;
     return { ...rest };
   },
   _identifyErrorAndFormatMessage: function (error) {
@@ -217,9 +217,14 @@ const User = {
     }
   },
 
-  // Explicit direct update of user object.
-  // Only use this method when directly setting a key value
-  // that takes no user input for the keys being modified.
+  /**
+   * Explicit direct update of user object.
+   * Only use this method when directly setting a key value
+   * that takes no user input for the keys being modified.
+   * @param {number} id - The id of the user to update.
+   * @param {Object} data - The data to update the user with.
+   * @returns {Promise<Object>} The updated user object.
+   */
   _update: async function (id = null, data = {}) {
     if (!id) throw new Error("No user id provided for update");
 
@@ -235,6 +240,26 @@ const User = {
     }
   },
 
+  /**
+   * Get all users that match the given clause without filtering the fields.
+   * Internal use only - do not use this method for user-input flows
+   * @param {Object} clause - The clause to filter the users by.
+   * @param {number|null} limit - The maximum number of users to return.
+   * @returns {Promise<Array<User>>} The users that match the given clause.
+   */
+  _where: async function (clause = {}, limit = null) {
+    try {
+      const users = await prisma.users.findMany({
+        where: clause,
+        ...(limit !== null ? { take: limit } : {}),
+      });
+      return users;
+    } catch (error) {
+      console.error(error.message);
+      return [];
+    }
+  },
+
   /**
    * Returns a user object based on the clause provided.
    * @param {Object} clause - The clause to use to find the user.

server/package.json

@@ -84,6 +84,7 @@
     "uuid": "^9.0.0",
     "uuid-apikey": "^1.5.3",
     "weaviate-ts-client": "^1.4.0",
+    "web-push": "^3.6.7",
     "winston": "^3.13.0"
   },
   "resolutions": {

server/prisma/migrations/20260130040204_init/migration.sql

@@ -0,0 +1,2 @@
+-- AlterTable
+ALTER TABLE "users" ADD COLUMN "web_push_subscription_config" TEXT;

server/prisma/schema.prisma

@@ -58,32 +58,33 @@ model system_settings {
 }
 
 model users {
-  id                          Int                           @id @default(autoincrement())
-  username                    String?                       @unique
-  password                    String
-  pfpFilename                 String?
-  role                        String                        @default("default")
-  suspended                   Int                           @default(0)
-  seen_recovery_codes         Boolean?                      @default(false)
-  createdAt                   DateTime                      @default(now())
-  lastUpdatedAt               DateTime                      @default(now())
-  dailyMessageLimit           Int?
-  bio                         String?                       @default("")
-  workspace_chats             workspace_chats[]
-  workspace_users             workspace_users[]
-  embed_configs               embed_configs[]
-  embed_chats                 embed_chats[]
-  threads                     workspace_threads[]
-  recovery_codes              recovery_codes[]
-  password_reset_tokens       password_reset_tokens[]
-  workspace_agent_invocations workspace_agent_invocations[]
-  slash_command_presets       slash_command_presets[]
-  browser_extension_api_keys  browser_extension_api_keys[]
-  temporary_auth_tokens       temporary_auth_tokens[]
-  system_prompt_variables     system_prompt_variables[]
-  prompt_history              prompt_history[]
-  desktop_mobile_devices      desktop_mobile_devices[]
-  workspace_parsed_files      workspace_parsed_files[]
+  id                           Int                           @id @default(autoincrement())
+  username                     String?                       @unique
+  password                     String
+  pfpFilename                  String?
+  role                         String                        @default("default")
+  suspended                    Int                           @default(0)
+  seen_recovery_codes          Boolean?                      @default(false)
+  createdAt                    DateTime                      @default(now())
+  lastUpdatedAt                DateTime                      @default(now())
+  dailyMessageLimit            Int?
+  bio                          String?                       @default("")
+  web_push_subscription_config String?
+  workspace_chats              workspace_chats[]
+  workspace_users              workspace_users[]
+  embed_configs                embed_configs[]
+  embed_chats                  embed_chats[]
+  threads                      workspace_threads[]
+  recovery_codes               recovery_codes[]
+  password_reset_tokens        password_reset_tokens[]
+  workspace_agent_invocations  workspace_agent_invocations[]
+  slash_command_presets        slash_command_presets[]
+  browser_extension_api_keys   browser_extension_api_keys[]
+  temporary_auth_tokens        temporary_auth_tokens[]
+  system_prompt_variables      system_prompt_variables[]
+  prompt_history               prompt_history[]
+  desktop_mobile_devices       desktop_mobile_devices[]
+  workspace_parsed_files       workspace_parsed_files[]
 }
 
 model recovery_codes {