MeshDD-Bot/.claude/CLAUDE.md

# MeshDD-Bot Project Memory

## Workflow Rules
- **Every commit** must include: version bump in `config.yaml` + CHANGELOG.md entry
- Version is in `config.yaml` (field `version:`), NOT in a separate version.py
- Changelog format: `## [x.y.z] - YYYY-MM-DD` with `### Added/Changed/Removed` sections

## Project Structure
- Config: `config/config.yaml` (live-reloaded via file watcher in `meshbot/config.py`)
- Bot: `meshbot/bot.py` - Meshtastic TCP, commands use `config.get("bot.command_prefix")`
- Auth: `meshbot/auth.py` - Session-Middleware, Passwort-Hashing, Auth-Routen, Admin-API, Email
- Web: `meshbot/webserver.py` - aiohttp + WebSocket + Auth-Integration
- DB: `meshbot/database.py` - SQLite via aiosqlite (nodes, messages, commands, users, tokens, email_logs)
- Scheduler: `meshbot/scheduler.py` - Cron-based job scheduler
- NINA: `meshbot/nina.py` - NINA-Warnmeldungen (Polling + WebSocket-Broadcast)
- Frontend: `static/` - Tabler CSS + Bootstrap 5.3 dark/light theme
- Shared JS: `static/js/app.js` - `initPage()`, Sidebar-Injection, Navbar, Theme, Auth-Check
- Entry: `main.py`

## Pages & Routes
- `/` - Dashboard (`static/index.html`, `static/js/dashboard.js`) - Public
- `/scheduler` - Scheduler (`static/scheduler.html`, `static/js/scheduler.js`) - Admin only
- `/nina` - NINA-Warnungen (`static/nina.html`, `static/js/nina.js`) - Admin only (Sidebar)
- `/map` - Leaflet map (`static/map.html`, `static/js/map.js`) - Public
- `/packets` - Paket-Log (`static/packets.html`, `static/js/packets.js`) - Public
- `/messages` - Nachrichtenverlauf (`static/messages.html`, `static/js/messages.js`) - Public
- `/settings` - Node config (`static/settings.html`, `static/js/settings.js`) - Admin only
- `/login` + `/register` - Auth (`static/login.html`, `static/js/login.js`)
- `/admin` - User management (`static/admin.html`, `static/js/admin.js`) - Admin only
- `/ws` - WebSocket endpoint

### Auth-Routen
`/auth/login`, `/auth/register`, `/auth/logout`, `/auth/verify`, `/auth/set-password`, `/auth/forgot-password`, `/auth/reset-password`

### API-Routen
| Endpunkt | Methode | Auth |
|----------|---------|------|
| `/api/nodes` | GET | Public |
| `/api/messages` | GET | Public |
| `/api/packets` | GET | Public |
| `/api/stats` | GET | Public |
| `/api/links` | GET | Public |
| `/api/send` | POST | User |
| `/api/node/config` | GET | Admin |
| `/api/scheduler/jobs` | GET | Public |
| `/api/scheduler/jobs` | POST | Admin |
| `/api/scheduler/jobs/{name}` | PUT/DELETE | Admin |
| `/api/nina/config` | GET/PUT | Admin |
| `/api/nina/alerts` | GET | Admin |
| `/api/auth/me` | GET | - |
| `/api/admin/users` | GET | Admin |
| `/api/admin/users/{id}/role` | PUT | Admin |
| `/api/admin/users/{id}/verify` | PUT | Admin |

## Rollen & Zugriffsrechte
| Bereich | Public | User | Admin |
|---------|--------|------|-------|
| `/`, `/map`, `/packets`, `/messages` | Ja | Ja | Ja |
| Dashboard Nachrichten senden (`/api/send`) | Nein | Ja | Ja |
| `/scheduler`, `/settings`, `/nina` | Nein | Nein | Ja |
| `/admin` | Nein | Nein | Ja |

## Frontend Layout Pattern
- Alle Seiten: Tabler CSS + Bootstrap 5.3, AdminLTE-Style (top-navbar 46px, sidebar 200px, content-wrapper)
- Sidebar wird per `app.js` (`_injectSidebar()`) dynamisch generiert – 8 Einträge:
  Dashboard, Scheduler (admin), NINA (admin), Karte, Pakete, Nachrichten (user), Einstellungen (admin), Benutzer (admin)
- Zugriffsklassen: `.sidebar-admin` (nur Admin), `.sidebar-user` (jeder eingeloggte User)
- Sichtbarkeit wird in `_updateSidebar(user)` per `style.display` gesteuert
- Jede Seite ruft `initPage({ onAuth })` aus `app.js` auf – übernimmt Auth-Check, Navbar, Sidebar, Theme
- Shared styles in `static/css/style.css`

## Key Details
- Meshtastic host configured in config.yaml, not env vars
- Bot start: `/home/peter/meshdd-bot/venv/bin/python main.py`
- Web port: 8081 (konfigurierbar via `web.port`)
- Forgejo remote with token in URL
- Current version: 0.08.16
- Protobuf objects converted via `google.protobuf.json_format.MessageToDict()`
- Auth: bcrypt (12 rounds), aiohttp-session EncryptedCookieStorage, aiosmtplib for emails
- SMTP fallback: if no smtp.host configured, verification links logged to console
- `web.online_threshold` (Default: 900 s): Online-Schwellwert für Nodes, zentral konfigurierbar
- `links:` in config.yaml: Liste mit `url` + `label`, wird über `/api/links` und Dashboard-Links-Card angezeigt