feat: integrate Matrix chat (Option 2 - credentials stored in Supabase)

- Add matrix-js-sdk, marked, highlight.js, twemoji, @tanstack/svelte-virtual deps - Copy Matrix core layer: /matrix/, /stores/matrix.ts, /cache/, /services/ - Copy Matrix components: matrix/, message/, chat-layout/, chat-settings/ - Copy UI components: EmojiPicker, Twemoji, ImagePreviewModal, VirtualList - Copy utils: emojiData, twemoji, twemojiGlobal - Replace lucide-svelte with Material Symbols in SyncRecoveryBanner - Extend Avatar with xs size and status indicator prop - Fix ui.ts store conflict: re-export toasts from toast.svelte.ts - Add migration 020_matrix_credentials for storing Matrix tokens per user/org - Add /api/matrix-credentials endpoint (GET/POST/DELETE) - Create [orgSlug]/chat page with Matrix login form + full chat UI - Add Chat to sidebar navigation
2026-02-07 01:44:06 +02:00
parent e55881b38b
commit d1ce5d0951
62 changed files with 11432 additions and 41 deletions
--- a/supabase/migrations/020_matrix_credentials.sql
+++ b/supabase/migrations/020_matrix_credentials.sql
@@ -0,0 +1,52 @@
+-- Matrix credentials storage for chat integration
+-- Stores Matrix access tokens per user per org, so users auto-connect to chat after Supabase login
+
+CREATE TABLE IF NOT EXISTS matrix_credentials (
+    id UUID PRIMARY KEY DEFAULT gen_random_uuid(),
+    user_id UUID NOT NULL REFERENCES auth.users(id) ON DELETE CASCADE,
+    org_id UUID NOT NULL REFERENCES organizations(id) ON DELETE CASCADE,
+    homeserver_url TEXT NOT NULL,
+    matrix_user_id TEXT NOT NULL,
+    access_token TEXT NOT NULL,
+    device_id TEXT,
+    created_at TIMESTAMPTZ NOT NULL DEFAULT now(),
+    updated_at TIMESTAMPTZ NOT NULL DEFAULT now(),
+    UNIQUE(user_id, org_id)
+);
+
+-- RLS policies
+ALTER TABLE matrix_credentials ENABLE ROW LEVEL SECURITY;
+
+-- Users can only read their own credentials
+CREATE POLICY "Users can read own matrix credentials"
+    ON matrix_credentials FOR SELECT
+    USING (auth.uid() = user_id);
+
+-- Users can insert their own credentials
+CREATE POLICY "Users can insert own matrix credentials"
+    ON matrix_credentials FOR INSERT
+    WITH CHECK (auth.uid() = user_id);
+
+-- Users can update their own credentials
+CREATE POLICY "Users can update own matrix credentials"
+    ON matrix_credentials FOR UPDATE
+    USING (auth.uid() = user_id);
+
+-- Users can delete their own credentials
+CREATE POLICY "Users can delete own matrix credentials"
+    ON matrix_credentials FOR DELETE
+    USING (auth.uid() = user_id);
+
+-- Auto-update updated_at
+CREATE OR REPLACE FUNCTION update_matrix_credentials_updated_at()
+RETURNS TRIGGER AS $$
+BEGIN
+    NEW.updated_at = now();
+    RETURN NEW;
+END;
+$$ LANGUAGE plpgsql;
+
+CREATE TRIGGER matrix_credentials_updated_at
+    BEFORE UPDATE ON matrix_credentials
+    FOR EACH ROW
+    EXECUTE FUNCTION update_matrix_credentials_updated_at();