- Updated decodePubkeyText function to support JSON input for NIP-98 events, improving flexibility in pubkey formats.
- Enhanced processPubkey function to handle signed NIP-98 events directly, streamlining the login process.
- Normalized input handling by trimming whitespace and stripping newlines, ensuring robust pubkey validation.
These changes improve the user experience by allowing more diverse input formats for pubkeys and simplifying the login flow.
- Added ZapsModule to the application, integrating it into the main app and webhooks modules.
- Introduced a new method in BTCPayService for processing payments to Lightning addresses, improving zap payout functionality.
- Updated WebhooksService to handle zap payment events, allowing for seamless integration of zap transactions.
- Enhanced UI components to display zap-related information, including zaps count and avatar stacks, improving user engagement.
These changes enhance the overall zap payment experience and ensure better integration of zap functionalities across the application.
- Added conditional rendering for payment confirmation messages based on the presence of a verify URL.
- Introduced a manual confirmation button for providers that do not send automatic confirmations, improving user interaction.
- Implemented a new function, markAsPaid, to handle user confirmations and trigger success state for zaps to direct Lightning addresses.
These changes enhance the user experience by providing clearer instructions and feedback during the payment process.
- Removed conditional rendering for the Nostr login button, ensuring it is always displayed when the extension is available.
- Enhanced the Amber login flow with clearer messaging during the waiting phases for pubkey and signature.
- Added paste fallback options for users in case clipboard functionality fails, improving user experience during the login process.
These changes streamline the authentication experience and provide better feedback to users during the login phases.
- Enhanced the sendPaymentWithAddress method in BTCPayService and StrikeService to accept an optional comment parameter.
- Updated resolveLightningAddress to include the comment in the callback URL if supported by the LNURL-pay endpoint.
- Modified PaymentService to construct a descriptive comment for Lightning invoices, improving clarity for users.
These changes enhance the payment experience by allowing users to include contextual information with their transactions.
- ZapModal now polls LNURL verify URL for automatic payment detection
instead of requiring manual "Done" click
- Added lightning bolt celebration animation on zap success with
random fun quotes
- Show "Zapped by" section on film detail modal with profile pics,
amounts, and avatar pills (like Primal/Yakihonne)
- useNostr now subscribes to kind 9735 zap receipts per content,
parses sender pubkey from embedded zap request, and fetches profiles
- Fixed most-zapped algorithm to also parse the description tag in
zap receipts for content matching (NIP-57 embedded zap requests)
Co-authored-by: Cursor <cursoragent@cursor.com>
The /filmmakers/project/:id/owner endpoint returns a FilmmakerDTO
which doesn't include lightningAddress. Now correctly fetches the
owner's filmmaker ID first, then calls /filmmakers/:id/lightning-address
to get their actual lightning address for zap invoice generation.
Co-authored-by: Cursor <cursoragent@cursor.com>
- Introduced a new KeysModal component to display and manage nsec/npub for accounts with local private keys.
- Updated AppHeader and Profile views to include a "My Keys" button, conditionally rendered based on the presence of a private key.
- Enhanced the useAccounts composable to determine if the active account holds a local private key, enabling key management functionality.
These changes improve user access to their private key information and enhance the overall account management experience.
- Updated the WebhooksService to differentiate between 'InvoiceSettled' and 'InvoicePaymentSettled' events, ensuring accurate payment confirmation and logging.
- Enhanced the useAccounts composable to improve display name handling by skipping generic placeholder names and ensuring the most recent profile metadata is fetched from multiple relays.
- Modified the IndeehubApiService to handle JWT token refresh failures gracefully, allowing public endpoints to function without authentication.
- Updated content store logic to fetch all published projects from the public API, ensuring backstage content is visible to all users regardless of their active content source.
These changes improve the reliability of payment processing, enhance user profile representation, and ensure content visibility across the application.
- Added content store integration to re-fetch content after successful Amber login, ensuring backstage-published projects are merged into the active catalog.
- Updated comments for clarity regarding the login flow and account registration timing.
This change enhances the user experience by ensuring that the content is up-to-date immediately after authentication.
- Updated the AuthModal to reset the amberUnsignedEvent state during various phases of the login process.
- Improved handling of the unsigned NIP-98 event for better reuse during signing.
- Enhanced error handling to ensure the correct event data is used when authenticating with Amber.
These changes streamline the Amber login experience and improve state management for the signing process.
- Replaced robohash image source with user-defined profile picture in AppHeader.
- Enhanced name display with truncation for better UI consistency.
- Introduced caching and fetching of Nostr profile metadata in useAccounts.
- Added computed properties for active profile and profile picture to streamline user data retrieval.
This update improves the user experience by ensuring accurate profile representation and efficient data management.
- Added support for an optional 'format' query parameter in the streaming endpoint to allow raw file retrieval.
- Implemented a fallback mechanism in the VideoPlayer to automatically switch to raw file playback when HLS streaming fails.
- Improved error handling and logging for HLS playback issues, ensuring better user feedback and recovery attempts.
- Updated the Indeehub API service to accommodate the new format parameter in the streaming URL request.
- Updated the loader configuration in the HLS setup to ensure compatibility with TypeScript by casting KeyRewriteLoader to any. This change addresses type-checking issues while maintaining the functionality of key URL rewriting for HLS playback.
- Introduced recovery attempts for HLS errors to prevent infinite loops.
- Added detailed logging for HLS errors, including fragment URLs and response statuses.
- Implemented a custom loader to rewrite AES-128 key URLs to resolve against the app backend.
- Improved user feedback for playback errors based on recovery attempts.
Co-authored-by: Cursor <cursoragent@cursor.com>
- Updated Amber login button to reflect new three-phase process.
- Added handling for reading public key and signature from clipboard.
- Introduced new state management for Amber login phases.
- Enhanced user feedback during each phase with appropriate messaging.
- Refactored related functions for clarity and maintainability.
- "Go back" replaced with red italic "fuck you, I wanna be lame"
- After dismissing, sovereign trap no longer intercepts clicks
- Form fields become real inputs (email/password) for actual use
- sovereignDismissed state resets when modal reopens or closes
Co-authored-by: Cursor <cursoragent@cursor.com>
Cards now scale to match the Algos grid proportions at each breakpoint
(1/3, 1/4, 1/5, 1/6 of viewport) while remaining in a horizontally
scrolling flex row with nav buttons on desktop.
Co-authored-by: Cursor <cursoragent@cursor.com>
ContentRow and Browse My List sections now use a responsive CSS grid
instead of fixed-width cards in a horizontal scroll:
- Mobile: 2 columns grid
- md (768px): 3 columns
- lg (1024px): 4 columns
- xl (1280px): 5 columns
- 2xl (1536px): 6 columns
Cards fill the available width at every breakpoint, matching the
Algos/Trending tab grid layout for visual consistency.
Scroll nav buttons hidden on desktop (grid doesn't scroll).
Co-authored-by: Cursor <cursoragent@cursor.com>
Cards were feeling too large at 5 per row. Updated calc to fit 6
cards uniformly across ContentRow and Browse (My List sections).
Co-authored-by: Cursor <cursoragent@cursor.com>
Root cause: HLS content is AES-128 encrypted, but the key endpoint
required mandatory auth (HybridAuthGuard). HLS.js fetches the key
without auth headers, causing a silent 401 and playback failure.
Backend:
- Changed key.controller.ts to use OptionalHybridAuthGuard
- Free content (price <= 0) now serves keys without authentication
- Paid content still requires auth, returns 401 for anon requests
- Added Content entity injection to look up pricing
Frontend:
- Configured HLS.js xhrSetup to attach Bearer token on /key requests
- Uses nostr_token or auth_token from sessionStorage
- Ensures logged-in users can play paid encrypted content
Co-authored-by: Cursor <cursoragent@cursor.com>
- NAH! text now slides in from the left with a scale punch and glow
- Own your privacy phase slides in from the left with a smooth fade
- Close button restyled to match ContentDetailModal (circular, glassmorphism, blur)
Co-authored-by: Cursor <cursoragent@cursor.com>
- Modal now opens in register mode by default instead of login
- Removed the subtitle text under the heading
- Fake form fields update based on mode (Create a password vs Enter)
- Toggle text reads "Already have an account? Sign in" first
- Forgot password only shows in login mode
Co-authored-by: Cursor <cursoragent@cursor.com>
When users click on the legacy email/password form, the form zooms
out and a bold "NAH!" animates in. This transitions to an
"Own your privacy" message with a "Generate Sovereign Identity"
button that creates a new Nostr keypair, logs the user in, and
presents a red glassmorphism "Download your new identity" button
that saves the nsec/npub keypair to a text file.
Uses applesauce PrivateKeyAccount.fromKey() for proper account
registration and persistence.
Co-authored-by: Cursor <cursoragent@cursor.com>
Replaced the hero-info-button class with a dark glass morphism style
matching the nav buttons — dark translucent background, subtle inset
highlight, backdrop blur, and hover lift. Added an -or- divider
between the Nostr Extension and Amber login options.
Co-authored-by: Cursor <cursoragent@cursor.com>
Replace the flat #141414 grey background with a dark glass container
matching the header's floating-glass style — rgba(6,6,6,0.92) with
backdrop-filter blur, subtle white/6% border, and layered shadows.
Updated the hero gradient to blend seamlessly into the new base.
Co-authored-by: Cursor <cursoragent@cursor.com>
Reordered the right-side header actions so the search icon appears
before the Sign In button when the user is not authenticated.
Co-authored-by: Cursor <cursoragent@cursor.com>
- Stream endpoint now accepts both content ID and project ID,
falling back to project lookup when content ID is not found
- Added /contents/:id/stream-debug diagnostic endpoint that checks
file existence in both private and public MinIO buckets
- Stream endpoint now verifies raw file exists before generating
presigned URL, returning a clear error if file is missing
- Added comprehensive logging throughout the stream pipeline
- VideoPlayer now logs stream URL, API responses, and playback errors
to browser console for easier debugging
- Bumped CACHEBUST for frontend (19), API (11), and ffmpeg-worker (13)
Co-authored-by: Cursor <cursoragent@cursor.com>
Cards used a fixed 280px width which showed ~6 on most desktops.
Algorithm filter tabs used a 5-column grid. This mismatch caused
layout jumping when switching tabs.
Now uses calc((100vw - 12rem) / 5) so exactly 5 cards are visible
on desktop for all scroll rows (Films, My List, Rentals, etc.),
matching the 5-column grid in filter views. Mobile stays at 200px.
Co-authored-by: Cursor <cursoragent@cursor.com>
Mobile browsers block navigator.clipboard.readText() unless called
inside a user gesture (tap/click). The old flow relied on the
visibilitychange event to auto-read the clipboard when the user
returned from Amber, which silently failed.
New flow:
1. User taps "Sign in with Amber" → opens Amber via Android intent
2. User approves in Amber → pubkey copied to clipboard
3. User returns to browser → sees "Complete Sign-in" button
4. User taps "Complete Sign-in" → clipboard read succeeds (user gesture)
5. Pubkey decoded, account registered, backend session created
Also handles npub/nprofile decoding and provides clear error messages
for empty clipboard, missing permissions, and non-Android devices.
Co-authored-by: Cursor <cursoragent@cursor.com>
vue-tsc flagged variables as unused since their template references are
inside HTML comments. Prefix with underscores and comment out the
related functions/imports so the production build passes cleanly.
Co-authored-by: Cursor <cursoragent@cursor.com>
These are dev/testing tools that shouldn't be visible in production.
Commented out for now so they can be re-enabled easily.
Co-authored-by: Cursor <cursoragent@cursor.com>
The rental check catch block was incorrectly setting hasActiveRental=true
for project owners when the API call failed (e.g. auth token not synced).
This showed a "Rented" badge with no time remaining and hid the rent button.
- Separate "owner can play" from "has active rental" via new isOwner computed
- canPlay now includes isOwner so owners always have playback access
- Catch block no longer fakes a rental — keeps the badge accurate
- New purple "Your project" badge for owners (distinct from green "Rented")
Co-authored-by: Cursor <cursoragent@cursor.com>
- Revised .env.portainer to update sensitive credentials and streamline comments for clarity.
- Adjusted docker-compose.yml to remove unnecessary variable references, enhancing readability and maintainability.
- Updated VideoPlayer component to improve type handling and refactor seeking logic for better performance.
- Enhanced library service to include providerId in the rentContent method for improved data handling.
- Refactored auth store to integrate account management functionality.
- Cleaned up ProjectEditor and Settings views by removing unused computed properties and refining method types.
- Updated docker-compose.yml to include environment variable support for services, enhancing flexibility in configuration.
- Refactored Dockerfile to utilize build arguments for VITE environment variables, allowing for better customization during builds.
- Improved Nginx configuration to handle larger video uploads by increasing client_max_body_size to 5GB.
- Enhanced backend Dockerfile to include wget for health checks and improved startup logging for database migrations.
- Added validation for critical environment variables in the backend to ensure necessary configurations are present before application startup.
- Updated content streaming logic to support direct HLS URL construction, improving streaming reliability and user experience.
- Refactored various components and services to streamline access checks and improve error handling during content playback.
- Integrated HLS.js version 1.6.15 into the project for improved video streaming capabilities.
- Updated the ContentsController to check for HLS manifest availability and fall back to presigned URLs for original files if not found.
- Enhanced the VideoPlayer component to handle loading and error states more effectively, improving user experience during streaming.
- Refactored content service methods to return detailed streaming information, including HLS and DASH manifest URLs.
- Updated the BTCPay service to support internal Lightning invoices with private route hints, improving payment routing for users with private channels.
- Added reconciliation methods for pending rents and subscriptions to ensure missed payments are processed on startup.
- Enhanced the rental and subscription services to handle payments in satoshis, aligning with Lightning Network standards.
- Improved the rental modal and content detail components to display rental status and pricing more clearly, including a countdown for rental expiration.
- Refactored various components to streamline user experience and ensure accurate rental access checks.
- Added a new `api` service for the NestJS backend, including health checks and dependencies on PostgreSQL, Redis, and MinIO.
- Introduced PostgreSQL and Redis services with health checks and configurations for data persistence.
- Added MinIO for S3-compatible object storage and a one-shot service to initialize required buckets.
- Updated the Nginx configuration to proxy requests to the new backend API and MinIO storage.
- Enhanced the Dockerfile to support the new API environment variables and configurations.
- Updated the `package.json` and `package-lock.json` to include new dependencies for QR code generation and other utilities.
Co-authored-by: Cursor <cursoragent@cursor.com>
- Updated the `seedComments` function to return an array of published comment event IDs for tracking.
- Introduced `seedCommentReactions` to seed upvotes and downvotes on comments, improving interaction visibility.
- Enhanced the `App.vue` and `MobileNav.vue` components to support a mobile search overlay, allowing users to search films seamlessly.
- Added a new `MobileSearch` component for better search experience on mobile devices.
- Implemented a search feature in `AppHeader.vue` with dropdown results for improved content discovery.
Co-authored-by: Cursor <cursoragent@cursor.com>
- Added new composable `usecontentdiscovery` and `contentsource` to support additional content sources in the application.
- Removed unused `isAmberSupported` from the AuthModal component to streamline the authentication process.
Co-authored-by: Cursor <cursoragent@cursor.com>
- Introduced a new content source toggle in the profile and app header to switch between IndeeHub and TopDoc films.
- Updated the content fetching logic to dynamically load content based on the selected source.
- Enhanced the seeding process to include a combined catalog of IndeeHub and TopDoc films, ensuring diverse content availability.
- Improved user interaction by preventing duplicate reactions and ensuring a smoother voting experience across comments and content.
- Added support for Amber login (NIP-55) for Android users, integrating it into the existing authentication flow.
Co-authored-by: Cursor <cursoragent@cursor.com>
The app had two disconnected auth systems:
- Auth store (useAuth): controls isAuthenticated, subscription, My List
- Account manager (useAccounts): controls isNostrLoggedIn, comments
Previously each login path only populated one system:
- Persona login → Nostr only (no subscription/My List)
- AuthModal Nostr → Auth store only (no commenting)
- Extension login → Nostr only (no subscription/My List)
Now every login path bridges both systems:
- Persona/extension login also calls auth store loginWithNostr
- AuthModal Nostr login also registers extension in accountManager
- Logout already cleared both (no change needed)
Co-authored-by: Cursor <cursoragent@cursor.com>
- Wrap inline algo buttons in a hidden/flex container so the
parent div controls visibility instead of per-button classes
(scoped .nav-button display:inline-block was overriding
Tailwind's hidden class)
- Add flex-shrink-0 to logo link so it never gets squeezed out
on narrower desktop screens
- Reduce logo-to-nav gap on md screens (gap-4) to prevent
overflow, widen to gap-10 at lg+
Co-authored-by: Cursor <cursoragent@cursor.com>
- Top-level comments keep their existing layout (avatar, name,
timestamp, text, action bar)
- Replies now render in a rounded glass bubble with subtle
background and border, chat-message style (flat top-left
corner, rounded on the other three)
- Smaller avatars and more compact action buttons for replies
- Reply form pulled outside the comment layout for cleaner
nesting at all depths
- Better spacing between comment threads
Co-authored-by: Cursor <cursoragent@cursor.com>
- Top-level comments render as glass-card bubbles with subtle
border, backdrop blur, and hover highlight
- Replies use a lighter, more compact bubble variant
- Threaded replies connected by a vertical line on the left
instead of raw margin indentation
- Action buttons (upvote, downvote, reply, expand) styled as
pill-shaped micro-buttons inside each bubble
- Reply form nests inline within the parent bubble
- Proper spacing and responsive padding at all nesting depths
Co-authored-by: Cursor <cursoragent@cursor.com>
- Clicking My List when not logged in now opens the auth modal
directly instead of navigating to a page with a sign-in button
- After successful login, auto-redirects to /library (My List)
- Works on both desktop header and mobile tab bar
- App.vue tracks a pending redirect path so the post-login
navigation happens seamlessly
- Direct URL navigation to /library when not logged in also
triggers the modal and redirects back to Films
Co-authored-by: Cursor <cursoragent@cursor.com>
- Replace broken shield SVG in auth modal Nostr login button
with a proper key icon (matches Nostr's key-based identity)
- Show algorithm filter buttons inline on xl+ screens (1280px+)
where there's room for all of them
- Collapse into "Algos" dropdown on md–xl screens to prevent
overflow when the header is too narrow
Co-authored-by: Cursor <cursoragent@cursor.com>
