feat(messages): end-to-end encrypted real-time direct messaging backend

Private user-to-user messages are end-to-end encrypted: the server only ever
stores ciphertext + iv and acts as a key directory (public keys) plus an opaque
store for each user's private key, wrapped client-side with a passphrase the
server never sees — so not even an admin can read a conversation. A separate
kind=system message (plaintext, no sender) powers a server-authored Siftlode
welcome shown on first open, reusable later for announcements.

- models: rework Message (kind, nullable sender/body, ciphertext+iv) + MessageKey;
  migrations 0026 (table) + 0027 (E2EE rework).
- routes/messages.py: key directory/blob endpoints, ciphertext send, conversations
  + threads (system + user), lazy welcome, all gated by require_human.
- realtime.py: in-process WebSocket connection registry; /ws delivers sent
  messages to a user's open tabs instantly (sync-callable push, single-process).
This commit is contained in:
npeter83 2026-06-25 22:05:35 +02:00
parent c84f5d5fe5
commit 002a79949b
6 changed files with 625 additions and 0 deletions

View file

@ -0,0 +1,56 @@
"""user-to-user messages
Revision ID: 0026_messages
Revises: 0025_install_wizard
Create Date: 2026-06-25
Adds the `messages` table for direct user-to-user messaging (notification module phase 2).
A conversation is the set of rows between two users; both FKs cascade so a GDPR account
erasure removes that user's messages.
"""
from typing import Sequence, Union
import sqlalchemy as sa
from alembic import op
revision: str = "0026_messages"
down_revision: Union[str, None] = "0025_install_wizard"
branch_labels: Union[str, Sequence[str], None] = None
depends_on: Union[str, Sequence[str], None] = None
def upgrade() -> None:
op.create_table(
"messages",
sa.Column("id", sa.Integer(), primary_key=True),
sa.Column(
"sender_id",
sa.Integer(),
sa.ForeignKey("users.id", ondelete="CASCADE"),
nullable=False,
),
sa.Column(
"recipient_id",
sa.Integer(),
sa.ForeignKey("users.id", ondelete="CASCADE"),
nullable=False,
),
sa.Column("body", sa.Text(), nullable=False),
sa.Column("read_at", sa.DateTime(timezone=True), nullable=True),
sa.Column(
"created_at",
sa.DateTime(timezone=True),
server_default=sa.func.now(),
nullable=False,
),
)
op.create_index("ix_messages_sender_id", "messages", ["sender_id"])
op.create_index("ix_messages_recipient_id", "messages", ["recipient_id"])
op.create_index("ix_messages_created_at", "messages", ["created_at"])
def downgrade() -> None:
op.drop_index("ix_messages_created_at", table_name="messages")
op.drop_index("ix_messages_recipient_id", table_name="messages")
op.drop_index("ix_messages_sender_id", table_name="messages")
op.drop_table("messages")

View file

@ -0,0 +1,68 @@
"""end-to-end encrypted messages + system messages
Revision ID: 0027_message_e2ee
Revises: 0026_messages
Create Date: 2026-06-25
Reworks direct messaging for end-to-end encryption. The `messages` table now stores ciphertext
(+ iv) for private user-to-user messages instead of plaintext `body`; `body` is kept (nullable)
for server-authored `kind="system"` messages (welcome / announcements). Adds `message_keys` to
hold each user's public key + passphrase-wrapped private key (the server can never decrypt).
Any pre-existing rows were plaintext with no keys, so they're dropped (the feature is unshipped;
prod has none).
"""
from typing import Sequence, Union
import sqlalchemy as sa
from alembic import op
revision: str = "0027_message_e2ee"
down_revision: Union[str, None] = "0026_messages"
branch_labels: Union[str, Sequence[str], None] = None
depends_on: Union[str, Sequence[str], None] = None
def upgrade() -> None:
# Old rows were plaintext with no E2EE keys — can't be migrated; drop them.
op.execute("DELETE FROM messages")
op.add_column(
"messages",
sa.Column("kind", sa.String(length=16), nullable=False, server_default="user"),
)
op.add_column("messages", sa.Column("ciphertext", sa.Text(), nullable=True))
op.add_column("messages", sa.Column("iv", sa.String(length=32), nullable=True))
# System messages have no human sender and carry plaintext `body`.
op.alter_column("messages", "sender_id", existing_type=sa.Integer(), nullable=True)
op.alter_column("messages", "body", existing_type=sa.Text(), nullable=True)
op.create_table(
"message_keys",
sa.Column(
"user_id",
sa.Integer(),
sa.ForeignKey("users.id", ondelete="CASCADE"),
primary_key=True,
),
sa.Column("public_key", sa.Text(), nullable=False),
sa.Column("wrapped_private_key", sa.Text(), nullable=False),
sa.Column("salt", sa.String(length=64), nullable=False),
sa.Column("wrap_iv", sa.String(length=32), nullable=False),
sa.Column("key_check", sa.Text(), nullable=False),
sa.Column(
"created_at",
sa.DateTime(timezone=True),
server_default=sa.func.now(),
nullable=False,
),
)
def downgrade() -> None:
op.drop_table("message_keys")
op.execute("DELETE FROM messages")
op.alter_column("messages", "body", existing_type=sa.Text(), nullable=False)
op.alter_column("messages", "sender_id", existing_type=sa.Integer(), nullable=False)
op.drop_column("messages", "iv")
op.drop_column("messages", "ciphertext")
op.drop_column("messages", "kind")