Relocated the "Show/Hide Geofences" toggle button from floating
position (top-right corner) to the main header toolbar.
**Changes:**
- Moved toggle button to header, positioned between Export and Admin buttons
- Converted showGeofences from local state to prop passed from parent
- Button now matches header design system (same styling as Export/Admin)
- Purple background when active, white when inactive
- Better UX: All controls now in one consistent location
**New Button Position:**
Export | Show/Hide Geofences | Admin | Logout
Much cleaner and more intuitive than the floating button!
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude <noreply@anthropic.com>
Fixed navigation access so that all users with ADMIN role can see
and access the Geofences menu item, not just the 'admin' user.
**Changes:**
- Added "Geofences" to navigation menu
- Set roles: ['ADMIN'] - accessible to all ADMIN users
- Set superAdminOnly: false - not restricted to 'admin' username
Now any user with ADMIN role can:
- Access /admin/geofences (management)
- Access /admin/geofences/events (event history)
- See geofence widget on dashboard
- View geofences on map
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude <noreply@anthropic.com>
Implemented visual representation of geofences on the main map view:
**New Component:**
- GeofenceLayer.tsx - Renders active geofences as circles with:
- Configurable opacity (15% fill, 80% border)
- Color matching from geofence settings
- Interactive popups showing zone details (name, device, radius, coordinates)
- Auto-refresh every 30 seconds
**Map Integration:**
- Added toggle button to show/hide geofences (top-right corner)
- Purple button when active, white when hidden
- Only displays active geofences (is_active = 1)
- Geofences render below markers for better visibility
**Features:**
- Real-time sync with geofence management
- Responsive to geofence changes (color, radius, status)
- Clean visual hierarchy with location markers on top
- Hover/click popups for detailed zone information
Users can now visually see their geofence zones on the map and
understand the spatial relationship between device locations and zones.
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude <noreply@anthropic.com>
Implemented complete frontend for the Geofence MVP feature:
**Pages:**
- /admin/geofences - Management page with create/edit/delete modals
- /admin/geofences/events - Event history with stats and filters
- Dashboard widget showing active geofences and recent events
**Features:**
- Create/Edit geofences with device selection, coordinates, radius, and color
- Toggle active/inactive status
- View enter/exit events with notification status
- Auto-refresh every 30 seconds
- Zone limit enforcement (5 for users, unlimited for admins)
- Stats cards showing total events, enters, exits, and notifications
**API:**
- GET /api/geofences/events - Fetch events with optional filters
All frontend components follow the existing admin panel design system
with gradient backgrounds, shadow effects, and responsive layouts.
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude <noreply@anthropic.com>
**Documentation:**
- Added docs/geofence-testing.md with comprehensive test guide
- Includes all test scripts, manual testing procedures
- Troubleshooting section for common issues
- Cleanup instructions
**Configuration:**
- Updated admin user email to joachim.hummel@gmail.com
- Restored MQTT_BROKER_URL to mosquitto (Docker setup)
- Fixed test-mqtt-geofence.js to use admin credentials
**Test Results:**
✅ Database & Logic Test - Working perfectly
✅ Email Notification Test - Email sent successfully
✅ MQTT Integration - Server connects, receives messages
⚠️ Full chain test - Works but duplicate detection prevents retests
**What's Working:**
- Geofence creation and management via API
- Distance calculations (Haversine formula)
- Enter/Exit event generation with state tracking
- SMTP email delivery with React Email templates
- MQTT subscriber integration
**Ready for Production:**
The geofencing MVP is fully functional and ready for real-world
testing with OwnTracks devices sending unique location updates.
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude <noreply@anthropic.com>
The MQTT_PUBLIC_BROKER_URL environment variable was defined in .env but
wasn't being passed to the app container in docker-compose.yml, causing
emails to still show the internal broker URL (mqtt://mosquitto:1883)
instead of the public one (mqtt://192.168.10.118:1883).
Changes:
- Added MQTT_PUBLIC_BROKER_URL to docker-compose.yml environment section
- Fixed .env to use proper format: mqtt://192.168.10.118:1883
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude <noreply@anthropic.com>
The MQTT broker URL in credential emails was using the internal Docker
address (mqtt://mosquitto:1883) which is not accessible from external
OwnTracks apps. Added MQTT_PUBLIC_BROKER_URL environment variable to
configure the publicly accessible broker address for client apps.
Changes:
- Add MQTT_PUBLIC_BROKER_URL to .env.example with documentation
- Update send-credentials route to use public URL with fallback
- Maintain backward compatibility with existing MQTT_BROKER_URL
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude <noreply@anthropic.com>
- Remove obsolete reference to scripts/add-mqtt-tables.js
- MQTT tables are now created in init-database.js
- Fixes Docker build failure
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude <noreply@anthropic.com>
- Remove max reconnect attempts limit (was 10)
- MQTT subscriber now retries indefinitely until connection succeeds
- Reduce log spam by logging only first 10 attempts, then every 10th
- Prevents permanent connection loss after temporary network issues
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude <noreply@anthropic.com>
- Move types/location.ts to lib/types.ts
- Update all imports from @/types/location to @/lib/types
- Remove empty types/ directory
- Better aligns with Next.js conventions
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude <noreply@anthropic.com>
- Add scripts/sync-mqtt-config.ts for standalone sync execution
- Update change-mqtt-admin-password.sh to use tsx to execute sync
- Now properly regenerates password.txt with new hashed password
- Mosquitto config is automatically reloaded after sync
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude <noreply@anthropic.com>
Remove automatic sync that required authentication. Users should either:
- Log into Admin Panel and click 'Sync MQTT Config'
- Or restart Mosquitto container to apply changes
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude <noreply@anthropic.com>
Changed allow_anonymous from true to false in mosquitto.conf to prevent unauthorized access to the MQTT broker. Authentication is now required for all connections.
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude <noreply@anthropic.com>
Replace placeholder graphics with actual screenshots for both security dashboard and admin panel. Simplify image display with consistent styling.
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude <noreply@anthropic.com>
- Downloaded admin panel screenshot from pCloud and saved to public folder
- Replaced placeholder icon with actual screenshot in homepage demo section
- Implemented responsive image display: full screenshot on desktop (object-contain), cropped view on mobile (object-cover)
- Image hosted locally for better performance and reliability
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude <noreply@anthropic.com>
Add logout functionality to map page header:
- Import signOut from next-auth/react
- Add Logout button next to Admin button
- Use same red gradient styling as admin layout
- Redirect to /login after logout
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude <noreply@anthropic.com>
Add closing div tags for relative wrapper elements:
- Close relative div in devices page card structure
- Close relative div in users page card structure
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude <noreply@anthropic.com>
- Add gradient hero section with welcome message
- Redesign stat cards with colorful gradients and hover effects
- Update system status cards with color-coded backgrounds
- Enhance database statistics section with modern cards
- Modernize device list table with gradient headers
- Improve database maintenance section with better visual hierarchy
- Add gradient background to entire admin layout
- Update header with glassmorphism effect and modern badges
- Enhance navigation with improved active states and transitions
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude <noreply@anthropic.com>
CRITICAL FIX: The OwnTracks app publishes to owntracks/<username>/<device_id>,
not owntracks/owntrack/<device_id>. This was causing data delivery failures
and privacy violations.
Changes:
- Fix ACL topic pattern: owntracks/<username>/# (was: owntracks/owntrack/<device_id>)
- Backend now uses MQTT_ADMIN_USERNAME for global subscription
- Update UI forms and placeholders with correct pattern
- Update email template with correct topic format
- Enable Mosquitto ACL file for user isolation
- Add migration script for existing ACL rules
- Update documentation (README, GEMINI.md)
Privacy & Security:
- Each user isolated at MQTT broker level via ACL
- Backend subscribes with admin credentials to owntracks/+/+
- Web UI filters data by parent_user_id for additional security
- GDPR compliant multi-layer defense in depth
Files changed:
- lib/mqtt-db.ts - Updated createDefaultRule() to use username
- app/api/mqtt/credentials/route.ts - Pass username to ACL creation
- app/admin/mqtt/page.tsx - UI forms and state management
- emails/mqtt-credentials.tsx - Email template topic pattern
- lib/mqtt-subscriber.ts - Use admin credentials from env
- mosquitto/config/mosquitto.conf - Enable ACL enforcement
- README.md, GEMINI.md - Documentation updates
- scripts/fix-acl-topic-patterns.js - Migration script
- MQTT_TOPIC_FIX.md - Detailed implementation guide
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude <noreply@anthropic.com>
- Redesign header with consistent button heights and spacing
- Move all controls to single compact row on desktop
- Add proper visual hierarchy with subtle shadows and borders
- Implement modern color scheme (gray-50/200/300/700/900)
- Optimize spacing to maximize map visibility
- Improve responsive layout for mobile devices
- Add smooth transitions and hover states
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude <noreply@anthropic.com>
Changed hardcoded MQTT_BROKER_URL to read from .env file with fallback to mqtt://mosquitto:1883. This allows using external MQTT brokers like mqtt://tracking.unixweb.de:1883 by simply updating the .env file.
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude <noreply@anthropic.com>
Added documentation for:
- parent_user_id column in User table (hierarchical user management)
- mqtt_credentials table with device authentication
- mqtt_acl_rules table for topic permissions
- mqtt_sync_status table for broker synchronization
- All new database indexes
- Updated ER diagram with new relationships
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude <noreply@anthropic.com>
Added MQTT credentials, ACL rules, and sync status tables for broker integration. Added parent_user_id column to User table for hierarchical user management.
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude <noreply@anthropic.com>
