feat(push): owner-only subscribe/unsubscribe endpoints + VAPID config (T10)

POST/DELETE /api/subscriptions gated to the configured owner; runtime
config carries the public VAPID key, owner email and the signing secret.
This commit is contained in:
Julien Calixte
2026-05-28 01:20:20 +02:00
parent 5016c5cd47
commit ea7384591c
4 changed files with 74 additions and 4 deletions

View File

@@ -6,6 +6,18 @@ export default defineNuxtConfig({
devtools: { enabled: true },
modules: ['@nuxt/eslint', '@nuxt/test-utils/module', 'nuxt-auth-utils'],
css: ['~/assets/css/main.css'],
runtimeConfig: {
// VAPID private key + subject for signing Web Push (server-only, T11).
vapidPrivateKey: '', // NUXT_VAPID_PRIVATE_KEY
vapidSubject: '', // NUXT_VAPID_SUBJECT
public: {
// VAPID public key the browser subscribes with (T10).
vapidPublicKey: '', // NUXT_PUBLIC_VAPID_PUBLIC_KEY
// The single owner allowed to enrol for push (G3). Not secret; gates both
// the server enrol endpoint and the client-side "Enable" button.
ownerEmail: '', // NUXT_PUBLIC_OWNER_EMAIL
},
},
// Tailwind v4 integrates as a Vite plugin (no @nuxtjs/tailwindcss module).
vite: {
plugins: [tailwindcss()],