Release

* Upgrade geodb plan to increase radius and page limit

* Speed location debounce

.env.example

@@ -1,20 +1,7 @@
-# Rename this file to `.env` and fill in the values.
 # You already have access to basic local functionality (UI, authentication, database read access).
 
-# Optional variables for the backend server functionality (modifying user data, etc.)
-
-# For database write access (dev).
-# A 16-character password with digits and letters.
-SUPABASE_DB_PASSWORD=09wATRREfAzyL5pc
-
-# For Firebase access.
-# Open a GitHub issue with your contribution ideas and an admin will give you the key.
-# TODO: find a way to give anyone moderate access to dev firebase.
-GOOGLE_APPLICATION_CREDENTIALS_DEV="[...].json"
-
-# The URL where your local backend server is running.
-# You can change the port if needed.
-NEXT_PUBLIC_API_URL=localhost:8088
+# openssl enc -aes-256-cbc -salt -pbkdf2 -iter 100000 -in backend/shared/src/googleApplicationCredentials-dev.json -out secrets/googleApplicationCredentials-dev.json.enc
+GOOGLE_CREDENTIALS_ENC_PWD=nP7s3274uzOG4c2t
 
 
 # Optional variables for full local functionality
@@ -23,10 +10,6 @@ NEXT_PUBLIC_API_URL=localhost:8088
 # Create a free account at https://rapidapi.com/wirefreethought/api/geodb-cities and get an API key.
 GEODB_API_KEY=
 
-# For analytics like page views, user actions, feature usage, etc.
-# Create a free account at https://posthog.com and get a project API key. Should start with "phc_".
-POSTHOG_KEY=
-
 # For sending emails (e.g. for user sign up, password reset, notifications, etc.).
 # Create a free account at https://resend.com and get an API key. Should start with "re_".
-RESEND_API_KEY=
+RESEND_KEY=

.github/FUNDING.yml

@@ -0,0 +1,15 @@
+# These are supported funding model platforms
+
+github: [CompassConnections] # Replace with up to 4 GitHub Sponsors-enabled usernames e.g., [user1, user2]
+patreon: CompassMeet # Replace with a single Patreon username
+open_collective: compass-connection # Replace with a single Open Collective username
+ko_fi: compassconnections # Replace with a single Ko-fi username
+tidelift: # Replace with a single Tidelift platform-name/package-name e.g., npm/babel
+community_bridge: # Replace with a single Community Bridge project-name e.g., cloud-foundry
+liberapay: # Replace with a single Liberapay username
+issuehunt: # Replace with a single IssueHunt username
+lfx_crowdfunding: # Replace with a single LFX Crowdfunding project-name e.g., cloud-foundry
+polar: # Replace with a single Polar username
+buy_me_a_coffee: # Replace with a single Buy Me a Coffee username
+thanks_dev: # Replace with a single thanks.dev username
+custom: # Replace with up to 4 custom sponsorship URLs e.g., ['link1', 'link2']

.gitignore

@@ -68,6 +68,7 @@ email-preview
 *.jpeg
 *.gif
 *.svg
+*.ico
 *.mp4
 *.mov
 *.avi
@@ -79,3 +80,10 @@ email-preview
 *.zip
 *.tar.gz
 *.rar
+/favicon_color.ico
+/backend/shared/src/googleApplicationCredentials-dev.json
+*.tfstate
+*.tfstate.backup
+*.terraform
+/backups/firebase/auth/data/
+/backups/firebase/storage/data/

README.md

@@ -1,7 +1,7 @@
 
 [![CI](https://github.com/CompassConnections/Compass/actions/workflows/ci.yml/badge.svg)](https://github.com/CompassConnections/Compass/actions/workflows/ci.yml)
 [![CD](https://github.com/CompassConnections/Compass/actions/workflows/cd.yml/badge.svg)](https://github.com/CompassConnections/Compass/actions/workflows/cd.yml)
-![Vercel](https://deploy-badge.vercel.app/vercel/bayesbond)
+![Vercel](https://deploy-badge.vercel.app/vercel/compass)
 
 # Compass
 
@@ -21,11 +21,28 @@ This repository contains the source code for [Compass](https://compassmeet.com)
 You can find a lot of interesting info in the [About page](https://www.compassmeet.com/about) and the [FAQ](https://www.compassmeet.com/faq) as well.
 A detailed description of the early vision is also available in this [blog post](https://martinbraquet.com/meeting-rational) (you can disregard the parts about rationality, as Compass shifted to a more general audience).
 
+<p style="text-align: center;">
+  <img src="https://firebasestorage.googleapis.com/v0/b/compass-130ba.firebasestorage.app/o/misc%2Fdemo_compass.gif?alt=media&token=e3ae4334-4e3f-4026-b121-c08b4b724cd1" alt="Compass Demo" width="600">
+</p>
+
 ## To Do
 
 No contribution is too small—whether it’s changing a color, resizing a button, tweaking a font, or improving wording. Bigger contributions like adding new profile fields, building modules, or improving onboarding are equally welcome. The goal is to make the platform better step by step, and every improvement counts. If you see something that could be clearer, smoother, or more engaging, **please jump in**!
 
-Here are some examples of things that would be very useful. If you want to help but don’t know where to start, just ask us on [Discord](https://discord.gg/8Vd7jzqjun).
+The complete, official list of tasks is available [here on ClickUp](https://sharing.clickup.com/90181043445/l/h/6-901810339879-1/bbfd32f4f4bf64b). If you are working on one task, just assign it to yourself and move its status to "in progress". If there is also a GitHub issue for that task, assign it to yourself as well.
+
+To have edit access to the ClickUp workspace, you need an admin to manually give you permission (one time thing). To do so, use your preferred option:
+- Ask or DM an admin on [Discord](https://discord.gg/8Vd7jzqjun)
+- Email hello@compassmeet.com
+- Raise an issue on GitHub
+
+If you want to add tasks without creating an account, you can simply email
+```
+a.t.901810339879.u-276866260.b847aba1-2709-4f17-b4dc-565a6967c234@tasks.clickup.com
+```
+Put the task title in the email subject and the task description in the email content.
+
+Here is a tailored selection of things that would be very useful. If you want to help but don’t know where to start, just ask us on [Discord](https://discord.gg/8Vd7jzqjun).
 
 - [x] Authentication (user/password and Google Sign In)
 - [x] Set up PostgreSQL in Production with supabase
@@ -49,16 +66,16 @@ Everything is open to anyone for collaboration, but the following ones are parti
 
 - [x] Clean up learn more page
 - [x] Add dark theme
-- [ ] Add profile features (intellectual interests, cause areas, personality type, conflict style, etc.)
-- [ ] Add filters to search through remaining profile features (politics, religion, education level, etc.)
-- [ ] Cover with tests (very important, just the test template and framework are ready)
+- [ ] Add profile fields (intellectual interests, cause areas, personality type, conflict style, timezone, etc.)
+- [ ] Add filters to search through remaining profile fields (politics, religion, education level, etc.)
+- [ ] Cover with tests (crucial, just the test template and framework are ready)
 - [ ] Make the app more user-friendly and appealing (UI/UX)
 - [ ] Clean up terms and conditions (convert to Markdown)
 - [ ] Clean up privacy notice (convert to Markdown)
 - [ ] Add other authentication methods (GitHub, Facebook, Apple, phone, etc.)
 - [ ] Add email verification
 - [ ] Add password reset
-- [ ] Add automated welcome email
+- [x] Add automated welcome email
 - [ ] Security audit and penetration testing
 - [ ] Make `deploy-api.sh` run automatically on push to `main` branch
 - [ ] Create settings page (change email, password, delete account, etc.)
@@ -100,20 +117,17 @@ yarn install
 
 ### Environment Variables
 
+Almost all the features will work out of the box, so you can skip this step and come back later if you need to test the following services: email, geolocation.
+
 We can't make the following information public, for security and privacy reasons:
 - Database, otherwise anyone could access all the user data (including private messages)
 - Firebase, otherwise anyone could remove users or modify the media files
-- Email, analytics, and location services, otherwise anyone could use our paid plan
+- Email, analytics, and location services, otherwise anyone could use the service plans Compass paid for and run up the bill.
 
-We separate all those services between production and local development, so that you can code freely without impacting the functioning of the platform.
+That's why we separate all those services between production and development environments, so that you can code freely without impacting the functioning of the deployed platform.
 Contributors should use the default keys for local development. Production uses a separate environment with stricter rules and private keys that are not shared.
 
-Most of the code will work out of the box. All you need to do is creating an `.env` file as a copy of `.env.example`:
-```bash
-cp .env.example .env
-```
-
-If you do need one of the few remaining services, you need to store your own secrets as environment variables. To do so, simply open `.env` and fill in the variables according to the instructions in the file.
+If you do need one of the few remaining services, you need to set them up and store your own secrets as environment variables. To do so, simply open `.env` and fill in the variables according to the instructions in the file.
 
 ### Tests
 
@@ -132,11 +146,23 @@ yarn dev
 
 Once the server is running, visit http://localhost:3000 to start using the app. You can sign up and visit the profiles; you should see a few synthetic profiles.
 
+Note: it's normal if page loading locally is much slower than the deployed version. It can take up to 10 seconds, it would be great to improve that though!
+
 ### Contributing
 
 Now you can start contributing by making changes and submitting pull requests!
 
-See [development.md](docs/development.md) for additional instructions, such as adding new profile features.
+We recommend using a good code editor (VSCode, WebStorm, Cursor, etc.) with Typescript support and a good AI assistant (GitHub Copilot, etc.) to make your life easier. To debug, you can use the browser developer tools (F12), specifically:
+- Components tab to see the React component tree and props (you need to install the [React Developer Tools](https://react.dev/learn/react-developer-tools) extension)
+- Console tab for errors and logs
+- Network tab to see the requests and responses
+- Storage tab to see cookies and local storage
+
+You can also add `console.log()` statements in the code.
+
+If you are new to Typescript or the open-source space, you could start with small changes, such as tweaking some web components or improving wording in some pages. You can find those files in `web/public/md/`.
+
+See [development.md](docs/development.md) for additional instructions, such as adding new profile fields.
 
 ### Submission
 

SECURITY.md

@@ -8,5 +8,5 @@
 
 ## Reporting a Vulnerability
 
-Contact the development team at compass.meet.info@gmail.com to report a vulnerability. You should receive updates within a week.
+Contact the development team at hello@compassmeet.com to report a vulnerability. You should receive updates within a week.
 

_old/app/manifesto/page.tsx

@@ -1,6 +1,5 @@
 'use client';
 
-import {aColor, supportEmail} from "@/lib/client/constants";
 import Image from 'next/image';
 
 export default function PrivacyPage() {

_old/lib/client/constants.tsx

@@ -0,0 +1,2 @@
+'use client';
+

backend/api/README.md

@@ -54,6 +54,9 @@ gcloud projects add-iam-policy-binding compass-130ba \
     --member="serviceAccount:253367029065-compute@developer.gserviceaccount.com" \
     --role="roles/secretmanager.secretAccessor"
 gcloud run services list
+gcloud compute backend-services update api-backend \
+  --global \
+  --timeout=600s
 ```
 
 Set up the saved search notifications job:
@@ -158,5 +161,4 @@ docker rmi -f $(docker images -aq)
 
 ### Documentation
 
-The API docs are available at https://api.compassmeet.com. They are defined in [openapi.json](openapi.json).
-Just a few endpoints are mentioned in that JSON doc. Feel free to help by adding the remaining ones!
+The API doc is available at https://api.compassmeet.com. It's dynamically prepared in [app.ts](src/app.ts).

backend/api/main.tf

@@ -185,29 +185,29 @@ resource "google_compute_url_map" "api_url_map" {
   path_matcher {
     name            = "allpaths"
     default_service = google_compute_backend_service.api_backend.self_link
-
-    # Priority 0: passthrough /v0/* requests
-    route_rules {
-      priority = 1
-      match_rules {
-        prefix_match = "/v0"
-      }
-      service = google_compute_backend_service.api_backend.self_link
-    }
-
-    # Priority 1: rewrite everything else to /v0
-    route_rules {
-      priority = 2
-      match_rules {
-        prefix_match = "/"
-      }
-      route_action {
-        url_rewrite {
-          path_prefix_rewrite = "/v0/"
-        }
-      }
-      service = google_compute_backend_service.api_backend.self_link
-    }
+  #
+  #   # Priority 0: passthrough /v0/* requests
+  #   route_rules {
+  #     priority = 1
+  #     match_rules {
+  #       prefix_match = "/v0"
+  #     }
+  #     service = google_compute_backend_service.api_backend.self_link
+  #   }
+  #
+  #   # Priority 1: rewrite everything else to /v0
+  #   route_rules {
+  #     priority = 2
+  #     match_rules {
+  #       prefix_match = "/"
+  #     }
+  #     route_action {
+  #       url_rewrite { # This may break websockets (the Upgrade and Connection headers must pass through untouched).
+  #         path_prefix_rewrite = "/v0/"
+  #       }
+  #     }
+  #     service = google_compute_backend_service.api_backend.self_link
+  #   }
   }
 }
 

backend/api/openapi.json

@@ -1,29 +0,0 @@
-{
-  "openapi": "3.0.0",
-  "info": {
-    "title": "Compass API",
-    "version": "1.0.0"
-  },
-  "paths": {
-    "/health": {
-      "get": {
-        "summary": "Health",
-        "responses": {
-          "200": {
-            "description": "OK"
-          }
-        }
-      }
-    },
-    "/get-profiles": {
-      "get": {
-        "summary": "List profiles",
-        "responses": {
-          "200": {
-            "description": "OK"
-          }
-        }
-      }
-    }
-  }
-}

backend/api/package.json

@@ -4,21 +4,23 @@
   "version": "1.0.0",
   "private": true,
   "scripts": {
+    "watch:serve": "tsx watch src/serve.ts",
     "watch:compile": "npx concurrently \"tsc -b --watch --preserveWatchOutput\" \"(cd ../../common && tsc-alias --watch)\" \"(cd ../shared && tsc-alias --watch)\" \"(cd ../email && tsc-alias --watch)\" \"tsc-alias --watch\"",
-    "watch:serve": "nodemon -r tsconfig-paths/register --watch lib --ignore 'lib/**/*.map' src/serve.ts",
-    "dev": "npx concurrently -n COMPILE,SERVER -c cyan,green \"yarn watch:compile\" \"yarn watch:serve\"",
+    "dev": "yarn watch:serve",
+    "prod": "npx concurrently -n COMPILE,SERVER -c cyan,green \"yarn watch:compile\" \"yarn watch:serve\"",
     "build": "yarn compile && yarn dist:clean && yarn dist:copy",
     "build:fast": "yarn compile && yarn dist:copy",
+    "clean": "rm -rf lib && (cd ../../common && rm -rf lib) && (cd ../shared && rm -rf lib) && (cd ../email && rm -rf lib)",
     "compile": "tsc -b && tsc-alias && (cd ../../common && tsc-alias) && (cd ../shared && tsc-alias) && (cd ../email && tsc-alias)",
     "debug": "nodemon -r tsconfig-paths/register --watch src -e ts --watch ../../common/src --watch ../shared/src --exec \"yarn build && node --inspect-brk src/serve.ts\"",
     "dist": "yarn dist:clean && yarn dist:copy",
     "dist:clean": "rm -rf dist && mkdir -p dist/common/lib dist/backend/shared/lib dist/backend/api/lib dist/backend/email/lib",
-    "dist:copy": "rsync -a --delete ../../common/lib/ dist/common/lib && rsync -a --delete ../shared/lib/ dist/backend/shared/lib && rsync -a --delete ../email/lib/ dist/backend/email/lib && rsync -a --delete  ./lib/* dist/backend/api/lib && cp ../../yarn.lock dist && cp package.json dist && cp openapi.json dist",
+    "dist:copy": "rsync -a --delete ../../common/lib/ dist/common/lib && rsync -a --delete ../shared/lib/ dist/backend/shared/lib && rsync -a --delete ../email/lib/ dist/backend/email/lib && rsync -a --delete  ./lib/* dist/backend/api/lib && cp ../../yarn.lock dist && cp package.json dist && cp package.json dist/backend/api",
     "watch": "tsc -w",
     "verify": "yarn --cwd=../.. verify",
     "verify:dir": "npx eslint . --max-warnings 0",
     "regen-types": "cd ../supabase && make ENV=prod regen-types",
-    "regen-types-dev": "cd ../supabase && make ENV=dev regen-types"
+    "regen-types-dev": "cd ../supabase && make ENV=dev regen-types-dev"
   },
   "engines": {
     "node": ">=20.0.0"
@@ -44,29 +46,32 @@
     "colors": "1.4.0",
     "cors": "2.8.5",
     "dayjs": "1.11.4",
-    "express": "4.18.1",
+    "express": "5.0.0",
     "firebase-admin": "13.5.0",
     "gcp-metadata": "6.1.0",
     "jsonwebtoken": "9.0.0",
     "lodash": "4.17.21",
+    "openapi-types": "12.1.3",
     "pg-promise": "11.4.1",
     "posthog-node": "4.11.0",
+    "react": "18.2.0",
+    "react-dom": "18.2.0",
     "resend": "4.1.2",
     "string-similarity": "4.0.4",
     "swagger-jsdoc": "6.2.8",
     "swagger-ui-express": "5.0.1",
     "tsconfig-paths": "4.2.0",
     "twitter-api-v2": "1.15.0",
-    "ws": "8.17.0",
-    "react": "18.2.0",
-    "react-dom": "18.2.0",
-    "zod": "3.21.4"
+    "web-push": "3.6.7",
+    "ws": "8.17.1",
+    "zod": "3.22.3"
   },
   "devDependencies": {
     "@types/cors": "2.8.17",
     "@types/react": "18.3.5",
     "@types/react-dom": "18.3.0",
     "@types/swagger-ui-express": "4.1.8",
+    "@types/web-push": "3.6.4",
     "@types/ws": "8.5.10"
   }
 }

backend/api/src/app.ts

@@ -12,6 +12,7 @@ import {blockUser, unblockUser} from './block-user'
 import {getCompatibleProfilesHandler} from './compatible-profiles'
 import {createComment} from './create-comment'
 import {createCompatibilityQuestion} from './create-compatibility-question'
+import {setCompatibilityAnswer} from './set-compatibility-answer'
 import {createProfile} from './create-profile'
 import {createUser} from './create-user'
 import {getCompatibilityQuestions} from './get-compatibililty-questions'
@@ -19,7 +20,6 @@ import {getLikesAndShips} from './get-likes-and-ships'
 import {getProfileAnswers} from './get-profile-answers'
 import {getProfiles} from './get-profiles'
 import {getSupabaseToken} from './get-supabase-token'
-import {getDisplayUser, getUser} from './get-user'
 import {getMe} from './get-me'
 import {hasFreeLike} from './has-free-like'
 import {health} from './health'
@@ -40,7 +40,7 @@ import {getCurrentPrivateUser} from './get-current-private-user'
 import {createPrivateUserMessage} from './create-private-user-message'
 import {
   getChannelMemberships,
-  getChannelMessages,
+  getChannelMessagesEndpoint,
   getLastSeenChannelTime,
   setChannelLastSeenTime,
 } from 'api/get-private-messages'
@@ -50,10 +50,28 @@ import {leavePrivateUserMessageChannel} from './leave-private-user-message-chann
 import {updatePrivateUserMessageChannel} from './update-private-user-message-channel'
 import {getNotifications} from './get-notifications'
 import {updateNotifSettings} from './update-notif-setting'
+import {setLastOnlineTime} from './set-last-online-time'
 import swaggerUi from "swagger-ui-express"
-import * as fs from "fs"
 import {sendSearchNotifications} from "api/send-search-notifications";
+import {sendDiscordMessage} from "common/discord/core";
+import {getMessagesCount} from "api/get-messages-count";
+import {createVote} from "api/create-vote";
+import {vote} from "api/vote";
+import {contact} from "api/contact";
+import {saveSubscription} from "api/save-subscription";
+import {createBookmarkedSearch} from './create-bookmarked-search'
+import {deleteBookmarkedSearch} from './delete-bookmarked-search'
+import {OpenAPIV3} from 'openapi-types';
+import {version as pkgVersion} from './../package.json'
+import {z, ZodFirstPartyTypeKind, ZodTypeAny} from "zod";
+import {getUser} from "api/get-user";
 
+// const corsOptions: CorsOptions = {
+//   origin: ['*'], // Only allow requests from this domain
+//   methods: ['GET', 'POST', 'PUT', 'PATCH', 'DELETE', 'OPTIONS'],
+//   allowedHeaders: ['Content-Type', 'Authorization'],
+//   credentials: true, // if you use cookies or auth headers
+// };
 const allowCorsUnrestricted: RequestHandler = cors({})
 
 function cacheController(policy?: string): RequestHandler {
@@ -101,33 +119,200 @@ const apiErrorHandler: ErrorRequestHandler = (error, _req, res, _next) => {
 export const app = express()
 app.use(requestMonitoring)
 
-const swaggerDocument = JSON.parse(fs.readFileSync("./openapi.json", "utf-8"))
-swaggerDocument.info = {
-  ...swaggerDocument.info,
-  description: "Compass is a free, open-source platform to help people form deep, meaningful, and lasting connections — whether platonic, romantic, or collaborative. It’s made possible by contributions from the community, including code, ideas, feedback, and donations. Unlike typical apps, Compass prioritizes values, interests, and personality over swipes and ads, giving you full control over who you discover and how you connect.",
-  version: "1.0.0",
-  contact: {
-    name: "Compass",
-    email: "compass.meet.info@gmail.com",
-    url: "https://compassmeet.com"
+const schemaCache = new WeakMap<ZodTypeAny, any>();
+
+export function zodToOpenApiSchema(
+  zodObj: ZodTypeAny,
+  nameHint?: string
+): any {  // Prevent infinite recursion
+  if (schemaCache.has(zodObj)) {
+    return schemaCache.get(zodObj);
   }
-};
+
+  const def: any = (zodObj as any)._def;
+  const typeName = def.typeName as ZodFirstPartyTypeKind;
+
+  // Placeholder so recursive references can point here
+  const placeholder: any = {};
+  schemaCache.set(zodObj, placeholder);
+
+  let schema: any;
+
+  switch (typeName) {
+    case 'ZodString':
+      schema = { type: 'string' };
+      break;
+    case 'ZodNumber':
+      schema = { type: 'number' };
+      break;
+    case 'ZodBoolean':
+      schema = { type: 'boolean' };
+      break;
+    case 'ZodEnum':
+      schema = { type: 'string', enum: def.values };
+      break;
+    case 'ZodArray':
+      schema = { type: 'array', items: zodToOpenApiSchema(def.type) };
+      break;
+    case 'ZodObject': {
+      const shape = def.shape();
+      const properties: Record<string, any> = {};
+      const required: string[] = [];
+
+      for (const key in shape) {
+        const child = shape[key];
+        properties[key] = zodToOpenApiSchema(child, key);
+        if (!child.isOptional()) required.push(key);
+      }
+
+      schema = {
+        type: 'object',
+        properties,
+        ...(required.length ? { required } : {}),
+      };
+      break;
+    }
+    case 'ZodRecord':
+      schema = {
+        type: 'object',
+        additionalProperties: zodToOpenApiSchema(def.valueType),
+      };
+      break;
+    case 'ZodIntersection': {
+      const left = zodToOpenApiSchema(def.left);
+      const right = zodToOpenApiSchema(def.right);
+      schema = { allOf: [left, right] };
+      break;
+    }
+    case 'ZodLazy':
+      // Recursive schema: use a $ref placeholder name
+      schema = {
+        $ref: `#/components/schemas/${nameHint ?? 'RecursiveType'}`,
+      };
+      break;
+    case 'ZodUnion':
+      schema = {
+        oneOf: def.options.map((opt: ZodTypeAny) => zodToOpenApiSchema(opt)),
+      };
+      break;
+    default:
+      schema = { type: 'string' }; // fallback for unhandled
+  }
+
+  Object.assign(placeholder, schema);
+  return schema;
+}
+
+function generateSwaggerPaths(api: typeof API) {
+  const paths: Record<string, any> = {};
+
+  for (const [route, config] of Object.entries(api)) {
+    const pathKey = '/' + route.replace(/_/g, '-'); // optional: convert underscores to dashes
+    const method = config.method.toLowerCase();
+    const summary = (config as any).summary ?? route;
+
+    // Include props in request body for POST/PUT
+    const operation: any = {
+      summary,
+      tags: [(config as any).tag ?? 'API'],
+      responses: {
+        200: {
+          description: 'OK',
+          content: {
+            'application/json': {
+              schema: {type: 'object'}, // could be improved by introspecting returns
+            },
+          },
+        },
+      },
+    };
+
+    // Include props in request body for POST/PUT
+    if (config.props && ['post', 'put', 'patch'].includes(method)) {
+      operation.requestBody = {
+        required: true,
+        content: {
+          'application/json': {
+            schema: zodToOpenApiSchema(config.props),
+          },
+        },
+      };
+    }
+
+    // Include props as query parameters for GET/DELETE
+    if (config.props && ['get', 'delete'].includes(method)) {
+      const shape = (config.props as z.ZodObject<any>)._def.shape();
+      operation.parameters = Object.entries(shape).map(([key, zodType]) => {
+        const typeMap: Record<string, string> = {
+          ZodString: 'string',
+          ZodNumber: 'number',
+          ZodBoolean: 'boolean',
+        };
+        const t = zodType as z.ZodTypeAny; // assert type to ZodTypeAny
+        return {
+          name: key,
+          in: 'query',
+          required: !(t.isOptional ?? false),
+          schema: {type: typeMap[t._def.typeName] ?? 'string'},
+        };
+      });
+    }
+
+    paths[pathKey] = {
+      [method]: operation,
+    }
+
+    if (config.authed) {
+      operation.security = [{BearerAuth: []}];
+    }
+  }
+
+  return paths;
+}
+
+
+const swaggerDocument: OpenAPIV3.Document = {
+  openapi: "3.0.0",
+  info: {
+    title: "Compass API",
+    description: "Compass is a free, open-source platform to help people form deep, meaningful, and lasting connections — whether platonic, romantic, or collaborative. It’s made possible by contributions from the community, including code, ideas, feedback, and donations. Unlike typical apps, Compass prioritizes values, interests, and personality over swipes and ads, giving you full control over who you discover and how you connect.",
+    version: pkgVersion,
+    contact: {
+      name: "Compass",
+      email: "hello@compassmeet.com",
+      url: "https://compassmeet.com"
+    }
+  },
+  paths: generateSwaggerPaths(API),
+  components: {
+    securitySchemes: {
+      BearerAuth: {
+        type: 'http',
+        scheme: 'bearer',
+        bearerFormat: 'JWT',
+      },
+    },
+  }
+} as OpenAPIV3.Document;
+
 
 const rootPath = pathWithPrefix("/")
 app.get(rootPath, swaggerUi.setup(swaggerDocument))
 app.use(rootPath, swaggerUi.serve)
 
-app.options('*', allowCorsUnrestricted)
+// Triggers Missing parameter name at index 3: *; visit https://git.new/pathToRegexpError for info
+// May not be necessary
+// app.options('*', allowCorsUnrestricted)
 
 const handlers: { [k in APIPath]: APIHandler<k> } = {
   health: health,
   'get-supabase-token': getSupabaseToken,
   'get-notifications': getNotifications,
   'mark-all-notifs-read': markAllNotifsRead,
-  'user/:username': getUser,
-  'user/:username/lite': getDisplayUser,
+  // 'user/:username': getUser,
+  // 'user/:username/lite': getDisplayUser,
   'user/by-id/:id': getUser,
-  'user/by-id/:id/lite': getDisplayUser,
+  // 'user/by-id/:id/lite': getDisplayUser,
   'user/by-id/:id/block': blockUser,
   'user/by-id/:id/unblock': unblockUser,
   'search-users': searchUsers,
@@ -153,6 +338,10 @@ const handlers: { [k in APIPath]: APIHandler<k> } = {
   'create-comment': createComment,
   'hide-comment': hideComment,
   'create-compatibility-question': createCompatibilityQuestion,
+  'set-compatibility-answer': setCompatibilityAnswer,
+  'create-vote': createVote,
+  'vote': vote,
+  'contact': contact,
   'compatible-profiles': getCompatibleProfilesHandler,
   'search-location': searchLocation,
   'search-near-city': searchNearCity,
@@ -161,9 +350,14 @@ const handlers: { [k in APIPath]: APIHandler<k> } = {
   'update-private-user-message-channel': updatePrivateUserMessageChannel,
   'leave-private-user-message-channel': leavePrivateUserMessageChannel,
   'get-channel-memberships': getChannelMemberships,
-  'get-channel-messages': getChannelMessages,
+  'get-channel-messages': getChannelMessagesEndpoint,
   'get-channel-seen-time': getLastSeenChannelTime,
   'set-channel-seen-time': setChannelLastSeenTime,
+  'get-messages-count': getMessagesCount,
+  'set-last-online-time': setLastOnlineTime,
+  'save-subscription': saveSubscription,
+  'create-bookmarked-search': createBookmarkedSearch,
+  'delete-bookmarked-search': deleteBookmarkedSearch,
 }
 
 Object.entries(handlers).forEach(([path, handler]) => {
@@ -191,8 +385,6 @@ Object.entries(handlers).forEach(([path, handler]) => {
   }
 })
 
-// console.log('COMPASS_API_KEY:', process.env.COMPASS_API_KEY)
-
 // Internal Endpoints
 app.post(pathWithPrefix("/internal/send-search-notifications"),
   async (req, res) => {
@@ -206,6 +398,10 @@ app.post(pathWithPrefix("/internal/send-search-notifications"),
       return res.status(200).json(result)
     } catch (err) {
       console.error("Failed to send notifications:", err);
+      await sendDiscordMessage(
+        "Failed to send [daily notifications](https://console.cloud.google.com/cloudscheduler?project=compass-130ba) for bookmarked searches...",
+        "health"
+      )
       return res.status(500).json({error: "Internal server error"});
     }
   }

backend/api/src/compatible-profiles.ts

@@ -1,11 +1,11 @@
 import { groupBy, sortBy } from 'lodash'
 import { APIError, type APIHandler } from 'api/helpers/endpoint'
-import { getCompatibilityScore } from 'common/love/compatibility-score'
+import { getCompatibilityScore } from 'common/profiles/compatibility-score'
 import {
   getProfile,
   getCompatibilityAnswers,
   getGenderCompatibleProfiles,
-} from 'shared/love/supabase'
+} from 'shared/profiles/supabase'
 import { log } from 'shared/utils'
 
 export const getCompatibleProfilesHandler: APIHandler<

backend/api/src/contact.ts

@@ -0,0 +1,41 @@
+import {APIError, APIHandler} from './helpers/endpoint'
+import {createSupabaseDirectClient} from 'shared/supabase/init'
+import {insert} from 'shared/supabase/utils'
+import {tryCatch} from 'common/util/try-catch'
+import {sendDiscordMessage} from "common/discord/core";
+import {jsonToMarkdown} from "common/md";
+
+// Stores a contact message into the `contact` table
+// Web sends TipTap JSON in `content`; we store it as string in `description`.
+// If optional content metadata is provided, we include it; otherwise we fall back to user-centric defaults.
+export const contact: APIHandler<'contact'> = async (
+  {content, userId},
+  _auth
+) => {
+  const pg = createSupabaseDirectClient()
+
+  const {error} = await tryCatch(
+    insert(pg, 'contact', {
+      user_id: userId,
+      content: JSON.stringify(content),
+    })
+  )
+
+  if (error) throw new APIError(500, 'Failed to submit contact message')
+
+  const continuation = async () => {
+    try {
+      const md = jsonToMarkdown(content)
+      const message: string = `**New Contact Message**\n${md}`
+      await sendDiscordMessage(message, 'contact')
+    } catch (e) {
+      console.error('Failed to send discord contact', e)
+    }
+  }
+
+  return {
+    success: true,
+    result: {},
+    continue: continuation,
+  }
+}

backend/api/src/create-bookmarked-search.ts

@@ -0,0 +1,23 @@
+import {APIHandler} from './helpers/endpoint'
+import {createSupabaseDirectClient} from 'shared/supabase/init'
+
+export const createBookmarkedSearch: APIHandler<'create-bookmarked-search'> = async (
+  props,
+  auth
+) => {
+  const creator_id = auth.uid
+  const {search_filters, location = null, search_name = null} = props
+
+  const pg = createSupabaseDirectClient()
+
+  const inserted = await pg.one(
+    `
+      INSERT INTO bookmarked_searches (creator_id, search_filters, location, search_name)
+      VALUES ($1, $2, $3, $4)
+      RETURNING *
+    `,
+    [creator_id, search_filters, location, search_name]
+  )
+
+  return inserted
+}

backend/api/src/create-compatibility-question.ts

@@ -13,7 +13,7 @@ export const createCompatibilityQuestion: APIHandler<
   const pg = createSupabaseDirectClient()
 
   const { data, error } = await tryCatch(
-    insert(pg, 'love_questions', {
+    insert(pg, 'compatibility_prompts', {
       creator_id: creator.id,
       question,
       answer_type: 'compatibility_multiple_choice',

backend/api/src/create-notification.ts

@@ -0,0 +1,76 @@
+import {createSupabaseDirectClient, SupabaseDirectClient} from 'shared/supabase/init'
+import {Notification} from 'common/notifications'
+import {insertNotificationToSupabase} from 'shared/supabase/notifications'
+import {tryCatch} from "common/util/try-catch";
+import {Row} from "common/supabase/utils";
+
+export const createShareNotifications = async () => {
+  const createdTime = Date.now();
+  const id = `share-${createdTime}`
+  const notification: Notification = {
+    id,
+    userId: 'todo',
+    createdTime: createdTime,
+    isSeen: false,
+    sourceType: 'info',
+    sourceUpdateType: 'created',
+    sourceSlug: '/contact',
+    sourceUserAvatarUrl: 'https://firebasestorage.googleapis.com/v0/b/compass-130ba.firebasestorage.app/o/misc%2Ficon-outreach-outstrip-outreach-272151502.jpg?alt=media&token=6d6fcecb-818c-4fca-a8e0-d2d0069b9445',
+    title: 'Give us tips to reach more people',
+    sourceText: '250 members already! Tell us where and how we can best share Compass.',
+  }
+  return await createNotifications(notification)
+}
+
+export const createVoteNotifications = async () => {
+  const createdTime = Date.now();
+  const id = `vote-${createdTime}`
+  const notification: Notification = {
+    id,
+    userId: 'todo',
+    createdTime: createdTime,
+    isSeen: false,
+    sourceType: 'info',
+    sourceUpdateType: 'created',
+    sourceSlug: '/vote',
+    sourceUserAvatarUrl: 'https://firebasestorage.googleapis.com/v0/b/compass-130ba.firebasestorage.app/o/misc%2Fvote-icon-design-free-vector.jpg?alt=media&token=f70b6d14-0511-49b2-830d-e7cabf7bb751',
+    title: 'New Proposals & Votes Page',
+    sourceText: 'Create proposals and vote on other people\'s suggestions!',
+  }
+  return await createNotifications(notification)
+}
+
+export const createNotifications = async (notification: Notification) => {
+  const pg = createSupabaseDirectClient()
+  const {data: users, error} = await tryCatch(
+    pg.many<Row<'users'>>('select * from users')
+  )
+
+  if (error) {
+    console.error('Error fetching users', error)
+    return
+  }
+
+  if (!users) {
+    console.error('No users found')
+    return
+  }
+
+  for (const user of users) {
+    try {
+      await createNotification(user, notification, pg)
+    } catch (e) {
+      console.error('Failed to create notification', e, user)
+    }
+  }
+
+  return {
+    success: true,
+  }
+}
+
+export const createNotification = async (user: Row<'users'>, notification: Notification, pg: SupabaseDirectClient) => {
+  notification.userId = user.id
+  console.log('notification', user.username)
+  return await insertNotificationToSupabase(notification, pg)
+}

backend/api/src/create-private-user-message-channel.ts

@@ -2,7 +2,7 @@ import { APIError, APIHandler } from 'api/helpers/endpoint'
 import { filterDefined } from 'common/util/array'
 import { uniq } from 'lodash'
 import { createSupabaseDirectClient } from 'shared/supabase/init'
-import { addUsersToPrivateMessageChannel } from 'api/junk-drawer/private-messages'
+import { addUsersToPrivateMessageChannel } from 'api/helpers/private-messages'
 import { getPrivateUser, getUser } from 'shared/utils'
 
 export const createPrivateUserMessageChannel: APIHandler<

backend/api/src/create-private-user-message.ts

@@ -1,23 +1,25 @@
-import { APIError, APIHandler } from 'api/helpers/endpoint'
-import { getUser } from 'shared/utils'
-import { createSupabaseDirectClient } from 'shared/supabase/init'
-import { MAX_COMMENT_JSON_LENGTH } from 'api/create-comment'
-import { createPrivateUserMessageMain } from 'api/junk-drawer/private-messages'
+import {APIError, APIHandler} from 'api/helpers/endpoint'
+import {getUser} from 'shared/utils'
+import {createSupabaseDirectClient} from 'shared/supabase/init'
+import {MAX_COMMENT_JSON_LENGTH} from 'api/create-comment'
+import {createPrivateUserMessageMain} from 'api/helpers/private-messages'
 
 export const createPrivateUserMessage: APIHandler<
   'create-private-user-message'
 > = async (body, auth) => {
-  const { content, channelId } = body
+  const {content, channelId} = body
   if (JSON.stringify(content).length > MAX_COMMENT_JSON_LENGTH) {
     throw new APIError(
       400,
       `Message JSON should be less than ${MAX_COMMENT_JSON_LENGTH}`
     )
   }
-  const pg = createSupabaseDirectClient()
+
   const creator = await getUser(auth.uid)
   if (!creator) throw new APIError(401, 'Your account was not found')
   if (creator.isBannedFromPosting) throw new APIError(403, 'You are banned')
+
+  const pg = createSupabaseDirectClient()
   return await createPrivateUserMessageMain(
     creator,
     channelId,

backend/api/src/create-profile.ts

@@ -2,11 +2,13 @@ import { APIError, APIHandler } from 'api/helpers/endpoint'
 import { createSupabaseDirectClient } from 'shared/supabase/init'
 import { log, getUser } from 'shared/utils'
 import { HOUR_MS } from 'common/util/time'
-import { removePinnedUrlFromPhotoUrls } from 'shared/love/parse-photos'
+import { removePinnedUrlFromPhotoUrls } from 'shared/profiles/parse-photos'
 import { track } from 'shared/analytics'
 import { updateUser } from 'shared/supabase/users'
 import { tryCatch } from 'common/util/try-catch'
 import { insert } from 'shared/supabase/utils'
+import {sendDiscordMessage} from "common/discord/core";
+import {jsonToMarkdown} from "common/md";
 
 export const createProfile: APIHandler<'create-profile'> = async (body, auth) => {
   const pg = createSupabaseDirectClient()
@@ -28,7 +30,7 @@ export const createProfile: APIHandler<'create-profile'> = async (body, auth) =>
     updateUser(pg, auth.uid, { avatarUrl: body.pinned_url })
   }
 
-  console.log('body', body)
+  console.debug('body', body)
 
   const { data, error } = await tryCatch(
     insert(pg, 'profiles', { user_id: auth.uid, ...body })
@@ -40,7 +42,51 @@ export const createProfile: APIHandler<'create-profile'> = async (body, auth) =>
   }
 
   log('Created user', data)
-  await track(user.id, 'create profile', { username: user.username })
 
-  return data
+  const continuation = async () => {
+    try {
+      await track(auth.uid, 'create profile', {username: user.username})
+    } catch (e) {
+      console.error('Failed to track create profile', e)
+    }
+    try {
+      let message: string = `[**${user.name}**](https://www.compassmeet.com/${user.username}) just created a profile`
+      if (body.bio) {
+        const bioText = jsonToMarkdown(body.bio)
+        if (bioText) message += `\n${bioText}`
+      }
+      await sendDiscordMessage(message, 'members')
+    } catch (e) {
+      console.error('Failed to send discord new profile', e)
+    }
+    try {
+      const nProfiles = await pg.one<number>(
+        `SELECT count(*) FROM profiles`,
+        [],
+        (r) => Number(r.count)
+      )
+
+      const isMilestone = (n: number) => {
+        return (
+          [15, 20, 30, 40].includes(n) || // early milestones
+          n % 50 === 0
+        )
+      }
+      console.debug(nProfiles, isMilestone(nProfiles))
+      if (isMilestone(nProfiles)) {
+        await sendDiscordMessage(
+          `We just reached **${nProfiles}** total profiles! 🎉`,
+          'general',
+        )
+      }
+
+    } catch (e) {
+      console.error('Failed to send discord user milestone', e)
+    }
+  }
+
+  return {
+    result: data,
+    continue: continuation,
+  }
 }

backend/api/src/create-user.ts

@@ -1,27 +1,27 @@
 import * as admin from 'firebase-admin'
-import { PrivateUser } from 'common/user'
-import { randomString } from 'common/util/random'
-import { cleanDisplayName, cleanUsername } from 'common/util/clean-username'
-import { getIp, track } from 'shared/analytics'
-import { APIError, APIHandler } from './helpers/endpoint'
-import { getDefaultNotificationPreferences } from 'common/user-notification-preferences'
-import { removeUndefinedProps } from 'common/util/object'
-import { generateAvatarUrl } from 'shared/helpers/generate-and-update-avatar-urls'
-import { getStorage } from 'firebase-admin/storage'
-import { DEV_CONFIG } from 'common/envs/dev'
-import { PROD_CONFIG } from 'common/envs/prod'
-import { RESERVED_PATHS } from 'common/envs/constants'
-import { log, isProd, getUser, getUserByUsername } from 'shared/utils'
-import { createSupabaseDirectClient } from 'shared/supabase/init'
-import { insert } from 'shared/supabase/utils'
-import { convertPrivateUser, convertUser } from 'common/supabase/users'
+import {PrivateUser} from 'common/user'
+import {randomString} from 'common/util/random'
+import {cleanDisplayName, cleanUsername} from 'common/util/clean-username'
+import {getIp, track} from 'shared/analytics'
+import {APIError, APIHandler} from './helpers/endpoint'
+import {getDefaultNotificationPreferences} from 'common/user-notification-preferences'
+import {removeUndefinedProps} from 'common/util/object'
+import {generateAvatarUrl} from 'shared/helpers/generate-and-update-avatar-urls'
+import {IS_LOCAL, RESERVED_PATHS} from 'common/envs/constants'
+import {getUser, getUserByUsername, log} from 'shared/utils'
+import {createSupabaseDirectClient} from 'shared/supabase/init'
+import {insert} from 'shared/supabase/utils'
+import {convertPrivateUser, convertUser} from 'common/supabase/users'
+import {getBucket} from "shared/firebase-utils";
+import {sendWelcomeEmail} from "email/functions/helpers";
+import {setLastOnlineTimeUser} from "api/set-last-online-time";
 
 export const createUser: APIHandler<'create-user'> = async (
   props,
   auth,
   req
 ) => {
-  const { deviceToken: preDeviceToken } = props
+  const {deviceToken: preDeviceToken} = props
   const firebaseUser = await admin.auth().getUser(auth.uid)
 
   const testUserAKAEmailPasswordUser =
@@ -52,7 +52,7 @@ export const createUser: APIHandler<'create-user'> = async (
   const rawName = fbUser.displayName || emailName || 'User' + randomString(4)
   const name = cleanDisplayName(rawName)
 
-  const bucket = getStorage().bucket(getStorageBucketId())
+  const bucket = getBucket()
   const avatarUrl = fbUser.photoURL
     ? fbUser.photoURL
     : await generateAvatarUrl(auth.uid, name, bucket)
@@ -63,7 +63,9 @@ export const createUser: APIHandler<'create-user'> = async (
 
   // Check username case-insensitive
   const dupes = await pg.one<number>(
-    `select count(*) from users where username ilike $1`,
+    `select count(*)
+     from users
+     where username ilike $1`,
     [username],
     (r) => r.count
   )
@@ -71,7 +73,7 @@ export const createUser: APIHandler<'create-user'> = async (
   const isReservedName = RESERVED_PATHS.includes(username)
   if (usernameExists || isReservedName) username += randomString(4)
 
-  const { user, privateUser } = await pg.tx(async (tx) => {
+  const {user, privateUser} = await pg.tx(async (tx) => {
     const preexistingUser = await getUser(auth.uid, tx)
     if (preexistingUser)
       throw new APIError(403, 'User already exists', {
@@ -81,13 +83,13 @@ export const createUser: APIHandler<'create-user'> = async (
     // Check exact username to avoid problems with duplicate requests
     const sameNameUser = await getUserByUsername(username, tx)
     if (sameNameUser)
-      throw new APIError(403, 'Username already taken', { username })
+      throw new APIError(403, 'Username already taken', {username})
 
     const user = removeUndefinedProps({
       avatarUrl,
       isBannedFromPosting: Boolean(
         (deviceToken && bannedDeviceTokens.includes(deviceToken)) ||
-          (ip && bannedIpAddresses.includes(ip))
+        (ip && bannedIpAddresses.includes(ip))
       ),
       link: {},
     })
@@ -120,10 +122,24 @@ export const createUser: APIHandler<'create-user'> = async (
     }
   })
 
-  log('created user ', { username: user.username, firebaseId: auth.uid })
+  log('created user ', {username: user.username, firebaseId: auth.uid})
 
   const continuation = async () => {
-    await track(auth.uid, 'create profile', { username: user.username })
+    try {
+      await track(auth.uid, 'create profile', {username: user.username})
+    } catch (e) {
+      console.error('Failed to track create profile', e)
+    }
+    try {
+      if (!IS_LOCAL) await sendWelcomeEmail(user, privateUser)
+    } catch (e) {
+      console.error('Failed to sendWelcomeEmail', e)
+    }
+    try {
+      await setLastOnlineTimeUser(auth.uid)
+    } catch (e) {
+      console.error('Failed to set last online time', e)
+    }
   }
 
   return {
@@ -135,12 +151,6 @@ export const createUser: APIHandler<'create-user'> = async (
   }
 }
 
-function getStorageBucketId() {
-  return isProd()
-    ? PROD_CONFIG.firebaseConfig.storageBucket
-    : DEV_CONFIG.firebaseConfig.storageBucket
-}
-
 // Automatically ban users with these device tokens or ip addresses.
 const bannedDeviceTokens = [
   'fa807d664415',

backend/api/src/create-vote.ts

@@ -0,0 +1,27 @@
+import { createSupabaseDirectClient } from 'shared/supabase/init'
+import { getUser } from 'shared/utils'
+import { APIHandler, APIError } from './helpers/endpoint'
+import { insert } from 'shared/supabase/utils'
+import { tryCatch } from 'common/util/try-catch'
+
+export const createVote: APIHandler<
+  'create-vote'
+> = async ({ title, description, isAnonymous }, auth) => {
+  const creator = await getUser(auth.uid)
+  if (!creator) throw new APIError(401, 'Your account was not found')
+
+  const pg = createSupabaseDirectClient()
+
+  const { data, error } = await tryCatch(
+    insert(pg, 'votes', {
+      creator_id: creator.id,
+      title,
+      description,
+      is_anonymous: isAnonymous,
+    })
+  )
+
+  if (error) throw new APIError(401, 'Error creating question')
+
+  return { data }
+}

backend/api/src/delete-bookmarked-search.ts

@@ -0,0 +1,23 @@
+import {APIHandler} from './helpers/endpoint'
+import {createSupabaseDirectClient} from 'shared/supabase/init'
+
+export const deleteBookmarkedSearch: APIHandler<'delete-bookmarked-search'> = async (
+  props,
+  auth
+) => {
+  const creator_id = auth.uid
+  const {id} = props
+
+  const pg = createSupabaseDirectClient()
+
+  // Only allow deleting your own bookmarked searches
+  await pg.none(
+    `
+      DELETE FROM bookmarked_searches
+      WHERE id = $1 AND creator_id = $2
+    `,
+    [id, creator_id]
+  )
+
+  return {}
+}

backend/api/src/delete-me.ts

@@ -1,11 +1,11 @@
-import { getUser } from 'shared/utils'
-import { APIError, APIHandler } from './helpers/endpoint'
-import { updatePrivateUser, updateUser } from 'shared/supabase/users'
-import { createSupabaseDirectClient } from 'shared/supabase/init'
-import { FieldVal } from 'shared/supabase/utils'
+import {getUser} from 'shared/utils'
+import {APIError, APIHandler} from './helpers/endpoint'
+import {createSupabaseDirectClient} from 'shared/supabase/init'
+import * as admin from "firebase-admin";
+import {deleteUserFiles} from "shared/firebase-utils";
 
 export const deleteMe: APIHandler<'me/delete'> = async (body, auth) => {
-  const { username } = body
+  const {username} = body
   const user = await getUser(auth.uid)
   if (!user) {
     throw new APIError(401, 'Your account was not found')
@@ -16,13 +16,30 @@ export const deleteMe: APIHandler<'me/delete'> = async (body, auth) => {
       `Incorrect username. You are logged in as ${user.username}. Are you sure you want to delete this account?`
     )
   }
+  const userId = user.id
+  if (!userId) {
+    throw new APIError(400, 'Invalid user ID')
+  }
 
+  // Remove user data from Supabase
   const pg = createSupabaseDirectClient()
-  await updateUser(pg, auth.uid, {
-    userDeleted: true,
-    isBannedFromPosting: true,
-  })
-  await updatePrivateUser(pg, auth.uid, {
-    email: FieldVal.delete(),
-  })
+  await pg.none('DELETE FROM users WHERE id = $1', [userId])
+  // Should cascade delete in other tables
+  // await pg.none('DELETE FROM private_users WHERE id = $1', [userId])
+  // await pg.none('DELETE FROM profiles WHERE user_id = $1', [userId])
+  // await pg.none('DELETE FROM bookmarked_searches WHERE creator_id = $1', [userId])
+  // await pg.none('DELETE FROM compatibility_answers WHERE creator_id = $1', [userId])
+  // May need to also delete from other tables in the future (such as messages, compatibility responses, etc.)
+
+  // Delete user files from Firebase Storage
+  await deleteUserFiles(user.username)
+
+  // Remove user from Firebase Auth
+  try {
+    const auth = admin.auth()
+    await auth.deleteUser(userId)
+    console.debug(`Deleted user ${userId} from Firebase Auth and Supabase`)
+  } catch (e) {
+    console.error('Error deleting user from Firebase Auth:', e)
+  }
 }

backend/api/src/get-compatibililty-questions.ts

@@ -2,37 +2,47 @@ import { type APIHandler } from 'api/helpers/endpoint'
 import { createSupabaseDirectClient } from 'shared/supabase/init'
 import { Row } from 'common/supabase/utils'
 
+export function shuffle<T>(array: T[]): T[] {
+  const arr = [...array]; // copy to avoid mutating the original
+  for (let i = arr.length - 1; i > 0; i--) {
+    const j = Math.floor(Math.random() * (i + 1));
+    [arr[i], arr[j]] = [arr[j], arr[i]];
+  }
+  return arr;
+}
+
 export const getCompatibilityQuestions: APIHandler<
   'get-compatibility-questions'
 > = async (_props, _auth) => {
   const pg = createSupabaseDirectClient()
 
   const questions = await pg.manyOrNone<
-    Row<'love_questions'> & { answer_count: number; score: number }
+    Row<'compatibility_prompts'> & { answer_count: number; score: number }
   >(
     `SELECT 
-      love_questions.*,
-      COUNT(love_compatibility_answers.question_id) as answer_count,
-      AVG(POWER(love_compatibility_answers.importance + 1 + CASE WHEN love_compatibility_answers.explanation IS NULL THEN 1 ELSE 0 END, 2)) as score
+      compatibility_prompts.*,
+      COUNT(compatibility_answers.question_id) as answer_count,
+      AVG(POWER(compatibility_answers.importance + 1 + CASE WHEN compatibility_answers.explanation IS NULL THEN 1 ELSE 0 END, 2)) as score
     FROM 
-        love_questions
+        compatibility_prompts
     LEFT JOIN 
-        love_compatibility_answers ON love_questions.id = love_compatibility_answers.question_id
+        compatibility_answers ON compatibility_prompts.id = compatibility_answers.question_id
     WHERE 
-        love_questions.answer_type = 'compatibility_multiple_choice'
+        compatibility_prompts.answer_type = 'compatibility_multiple_choice'
     GROUP BY 
-        love_questions.id
-    ORDER BY 
-        score DESC
+        compatibility_prompts.id
+    ORDER BY
+         compatibility_prompts.importance_score
     `,
     []
   )
 
-  if (false)
-    console.log(
-      'got questions',
-      questions.map((q) => q.question + ' ' + q.score)
-    )
+  // const questions = shuffle(dbQuestions)
+
+  // console.debug(
+  //   'got questions',
+  //   questions.map((q) => q.question + ' ' + q.score)
+  // )
 
   return {
     status: 'success',

backend/api/src/get-likes-and-ships.ts

@@ -20,10 +20,10 @@ export const getLikesAndShipsMain = async (userId: string) => {
     created_time: number
   }>(
     `
-      select target_id, love_likes.created_time
-      from love_likes
-      join profiles on profiles.user_id = love_likes.target_id
-      join users on users.id = love_likes.target_id
+      select target_id, profile_likes.created_time
+      from profile_likes
+      join profiles on profiles.user_id = profile_likes.target_id
+      join users on users.id = profile_likes.target_id
       where creator_id = $1
         and looking_for_matches
         and profiles.pinned_url is not null
@@ -42,10 +42,10 @@ export const getLikesAndShipsMain = async (userId: string) => {
     created_time: number
   }>(
     `
-      select creator_id, love_likes.created_time
-      from love_likes
-      join profiles on profiles.user_id = love_likes.creator_id
-      join users on users.id = love_likes.creator_id
+      select creator_id, profile_likes.created_time
+      from profile_likes
+      join profiles on profiles.user_id = profile_likes.creator_id
+      join users on users.id = profile_likes.creator_id
       where target_id = $1
         and looking_for_matches
         and profiles.pinned_url is not null
@@ -68,11 +68,11 @@ export const getLikesAndShipsMain = async (userId: string) => {
   }>(
     `
     select 
-      target1_id, target2_id, creator_id, love_ships.created_time,
+      target1_id, target2_id, creator_id, profile_ships.created_time,
       target1_id as target_id
-    from love_ships
-    join profiles on profiles.user_id = love_ships.target1_id
-    join users on users.id = love_ships.target1_id
+    from profile_ships
+    join profiles on profiles.user_id = profile_ships.target1_id
+    join users on users.id = profile_ships.target1_id
     where target2_id = $1
       and profiles.looking_for_matches
       and profiles.pinned_url is not null
@@ -81,11 +81,11 @@ export const getLikesAndShipsMain = async (userId: string) => {
     union all
 
     select
-      target1_id, target2_id, creator_id, love_ships.created_time,
+      target1_id, target2_id, creator_id, profile_ships.created_time,
       target2_id as target_id
-    from love_ships
-    join profiles on profiles.user_id = love_ships.target2_id
-    join users on users.id = love_ships.target2_id
+    from profile_ships
+    join profiles on profiles.user_id = profile_ships.target2_id
+    join users on users.id = profile_ships.target2_id
     where target1_id = $1
       and profiles.looking_for_matches
       and profiles.pinned_url is not null

backend/api/src/get-messages-count.ts

@@ -0,0 +1,18 @@
+import {APIHandler} from './helpers/endpoint'
+import {createSupabaseDirectClient} from "shared/supabase/init";
+
+export const getMessagesCount: APIHandler<'get-messages-count'> = async (_, auth) => {
+  const pg = createSupabaseDirectClient()
+  const result = await pg.one(
+    `
+        SELECT COUNT(*) AS count
+        FROM private_user_messages;
+    `,
+    []
+  );
+  const count = Number(result.count);
+  console.debug('private_user_messages count:', count);
+  return {
+    count: count,
+  }
+}

backend/api/src/get-private-messages.ts

@@ -1,16 +1,15 @@
-import { createSupabaseDirectClient } from 'shared/supabase/init'
-import { APIHandler } from './helpers/endpoint'
-import {
-  convertPrivateChatMessage,
-  PrivateMessageChannel,
-} from 'common/supabase/private-messages'
-import { groupBy, mapValues } from 'lodash'
+import {createSupabaseDirectClient} from 'shared/supabase/init'
+import {APIError, APIHandler} from './helpers/endpoint'
+import {PrivateMessageChannel,} from 'common/supabase/private-messages'
+import {groupBy, mapValues} from 'lodash'
+import {convertPrivateChatMessage} from "shared/supabase/messages";
+import {tryCatch} from "common/util/try-catch";
 
 export const getChannelMemberships: APIHandler<
   'get-channel-memberships'
 > = async (props, auth) => {
   const pg = createSupabaseDirectClient()
-  const { channelId, lastUpdatedTime, createdTime, limit } = props
+  const {channelId, lastUpdatedTime, createdTime, limit} = props
 
   let channels: PrivateMessageChannel[]
   const convertRow = (r: any) => ({
@@ -24,55 +23,56 @@ export const getChannelMemberships: APIHandler<
     channels = await pg.map(
       `select channel_id, notify_after_time, pumcm.created_time, last_updated_time
        from private_user_message_channel_members pumcm
-       join private_user_message_channels pumc on pumc.id= pumcm.channel_id
+                join private_user_message_channels pumc on pumc.id = pumcm.channel_id
        where user_id = $1
-       and channel_id = $2
+         and channel_id = $2
        limit $3
-       `,
+      `,
       [auth.uid, channelId, limit],
       convertRow
     )
   } else {
     channels = await pg.map(
-      `with latest_channels as (
-         select distinct on (pumc.id) pumc.id as channel_id, notify_after_time, pumc.created_time, 
-           (select created_time 
-            from private_user_messages 
-            where channel_id = pumc.id 
-            and visibility != 'system_status'
-            and user_id != $1
-            order by created_time desc 
-            limit 1) as last_updated_time, -- last_updated_time is the last possible unseen message time
-            pumc.last_updated_time as last_updated_channel_time -- last_updated_channel_time is the last time the channel was updated
-         from private_user_message_channels pumc
-         join private_user_message_channel_members pumcm on pumcm.channel_id = pumc.id
-         inner join private_user_messages pum on pumc.id = pum.channel_id
-             and (pum.visibility != 'introduction' or pum.user_id != $1)
-         where pumcm.user_id = $1
-         and not status = 'left'
-         and ($2 is null or pumcm.created_time > $2)
-         and ($4 is null or pumc.last_updated_time > $4)
-         order by pumc.id, pumc.last_updated_time desc
-       )
-       select * from latest_channels
+      `with latest_channels as (select distinct on (pumc.id) pumc.id                as channel_id,
+                                                             notify_after_time,
+                                                             pumc.created_time,
+                                                             (select created_time
+                                                              from private_user_messages
+                                                              where channel_id = pumc.id
+                                                                and visibility != 'system_status'
+                                                                and user_id != $1
+                                                              order by created_time desc
+                                                              limit 1)              as last_updated_time,        -- last_updated_time is the last possible unseen message time
+                                                             pumc.last_updated_time as last_updated_channel_time -- last_updated_channel_time is the last time the channel was updated
+                                from private_user_message_channels pumc
+                                         join private_user_message_channel_members pumcm on pumcm.channel_id = pumc.id
+                                         inner join private_user_messages pum on pumc.id = pum.channel_id
+                                    and (pum.visibility != 'introduction' or pum.user_id != $1)
+                                where pumcm.user_id = $1
+                                  and not status = 'left'
+                                  and ($2 is null or pumcm.created_time > $2)
+                                  and ($4 is null or pumc.last_updated_time > $4)
+                                order by pumc.id, pumc.last_updated_time desc)
+       select *
+       from latest_channels
        order by last_updated_channel_time desc
        limit $3
-       `,
+      `,
       [auth.uid, createdTime ?? null, limit, lastUpdatedTime ?? null],
       convertRow
     )
   }
   if (!channels || channels.length === 0)
-    return { channels: [], memberIdsByChannelId: {} }
+    return {channels: [], memberIdsByChannelId: {}}
   const channelIds = channels.map((c) => c.channel_id)
 
   const members = await pg.map(
     `select channel_id, user_id
      from private_user_message_channel_members
      where not user_id = $1
-     and channel_id in ($2:list)
-     and not status = 'left'
-     `,
+       and channel_id in ($2:list)
+       and not status = 'left'
+    `,
     [auth.uid, channelIds],
     (r) => ({
       channel_id: r.channel_id as number,
@@ -91,39 +91,56 @@ export const getChannelMemberships: APIHandler<
   }
 }
 
-export const getChannelMessages: APIHandler<'get-channel-messages'> = async (
+export const getChannelMessagesEndpoint: APIHandler<'get-channel-messages'> = async (
   props,
   auth
 ) => {
+  const userId = auth.uid
+  return await getChannelMessages({...props, userId})
+}
+
+export async function getChannelMessages(props: {
+  channelId: number;
+  limit: number;
+  id?: number | undefined;
+  userId: string;
+}) {
+  // console.log('initial message request', props)
+  const {channelId, limit, id, userId} = props
   const pg = createSupabaseDirectClient()
-  const { channelId, limit, id } = props
-  return await pg.map(
+  const {data, error} = await tryCatch(pg.map(
     `select *, created_time as created_time_ts
-       from private_user_messages
-       where channel_id = $1
-       and exists (select 1 from private_user_message_channel_members pumcm
-                         where pumcm.user_id = $2
-                         and pumcm.channel_id = $1
-                        )
+     from private_user_messages
+     where channel_id = $1
+       and exists (select 1
+                   from private_user_message_channel_members pumcm
+                   where pumcm.user_id = $2
+                     and pumcm.channel_id = $1)
        and ($4 is null or id > $4)
-       and not visibility = 'system_status' 
-       order by created_time desc
-       limit $3
-      `,
-    [channelId, auth.uid, limit, id],
+       and not visibility = 'system_status'
+     order by created_time desc
+     limit $3
+    `,
+    [channelId, userId, limit, id],
     convertPrivateChatMessage
-  )
+  ))
+  if (error) {
+    console.error(error)
+    throw new APIError(401, 'Error getting messages')
+  }
+  // console.log('final messages', data)
+  return data
 }
 
 export const getLastSeenChannelTime: APIHandler<
   'get-channel-seen-time'
 > = async (props, auth) => {
   const pg = createSupabaseDirectClient()
-  const { channelIds } = props
+  const {channelIds} = props
   const unseens = await pg.map(
     `select distinct on (channel_id) channel_id, created_time
      from private_user_seen_message_channels
-     where channel_id = any($1)
+     where channel_id = any ($1)
        and user_id = $2
      order by channel_id, created_time desc
     `,
@@ -137,11 +154,11 @@ export const setChannelLastSeenTime: APIHandler<
   'set-channel-seen-time'
 > = async (props, auth) => {
   const pg = createSupabaseDirectClient()
-  const { channelId } = props
+  const {channelId} = props
   await pg.none(
-    `insert into private_user_seen_message_channels (user_id, channel_id) 
-            values ($1, $2)
-      `,
+    `insert into private_user_seen_message_channels (user_id, channel_id)
+     values ($1, $2)
+    `,
     [auth.uid, channelId]
   )
 }

backend/api/src/get-profile-answers.ts

@@ -9,8 +9,8 @@ export const getProfileAnswers: APIHandler<'get-profile-answers'> = async (
   const { userId } = props
   const pg = createSupabaseDirectClient()
 
-  const answers = await pg.manyOrNone<Row<'love_compatibility_answers'>>(
-    `select * from love_compatibility_answers
+  const answers = await pg.manyOrNone<Row<'compatibility_answers'>>(
+    `select * from compatibility_answers
     where
       creator_id = $1
     order by created_time desc

backend/api/src/get-profiles.ts

@@ -1,10 +1,10 @@
 import {type APIHandler} from 'api/helpers/endpoint'
-import {convertRow} from 'shared/love/supabase'
+import {convertRow} from 'shared/profiles/supabase'
 import {createSupabaseDirectClient} from 'shared/supabase/init'
-import {from, join, limit, orderBy, renderSql, select, where,} from 'shared/supabase/sql-builder'
+import {from, join, leftJoin, limit, orderBy, renderSql, select, where,} from 'shared/supabase/sql-builder'
 import {getCompatibleProfiles} from 'api/compatible-profiles'
 import {intersection} from 'lodash'
-import {MAX_INT, MIN_INT} from "common/constants";
+import {MAX_INT, MIN_BIO_LENGTH, MIN_INT} from "common/constants";
 
 export type profileQueryType = {
   limit?: number | undefined,
@@ -12,43 +12,67 @@ export type profileQueryType = {
   // Search and filter parameters
   name?: string | undefined,
   genders?: String[] | undefined,
+  education_levels?: String[] | undefined,
   pref_gender?: String[] | undefined,
   pref_age_min?: number | undefined,
   pref_age_max?: number | undefined,
+  drinks_min?: number | undefined,
+  drinks_max?: number | undefined,
   pref_relation_styles?: String[] | undefined,
+  pref_romantic_styles?: String[] | undefined,
+  diet?: String[] | undefined,
+  political_beliefs?: String[] | undefined,
   wants_kids_strength?: number | undefined,
   has_kids?: number | undefined,
   is_smoker?: boolean | undefined,
+  shortBio?: boolean | undefined,
   geodbCityIds?: String[] | undefined,
+  lat?: number | undefined,
+  lon?: number | undefined,
+  radius?: number | undefined,
   compatibleWithUserId?: string | undefined,
   skipId?: string | undefined,
   orderBy?: string | undefined,
   lastModificationWithin?: string | undefined,
 }
 
+const userActivityColumns = ['last_online_time']
+
 
 export const loadProfiles = async (props: profileQueryType) => {
   const pg = createSupabaseDirectClient()
-  console.log(props)
+  console.debug(props)
   const {
     limit: limitParam,
     after,
     name,
     genders,
+    education_levels,
     pref_gender,
     pref_age_min,
     pref_age_max,
+    drinks_min,
+    drinks_max,
     pref_relation_styles,
+    pref_romantic_styles,
+    diet,
+    political_beliefs,
     wants_kids_strength,
     has_kids,
     is_smoker,
+    shortBio,
     geodbCityIds,
+    lat,
+    lon,
+    radius,
     compatibleWithUserId,
     orderBy: orderByParam = 'created_time',
     lastModificationWithin,
     skipId,
   } = props
 
+  const filterLocation = lat && lon && radius
+
   const keywords = name ? name.split(",").map(q => q.trim()).filter(Boolean) : []
   // console.debug('keywords:', keywords)
 
@@ -64,13 +88,24 @@ export const loadProfiles = async (props: profileQueryType) => {
       (l) =>
         (!name || l.user.name.toLowerCase().includes(name.toLowerCase())) &&
         (!genders || genders.includes(l.gender)) &&
+        (!education_levels || education_levels.includes(l.education_level ?? '')) &&
         (!pref_gender || intersection(pref_gender, l.pref_gender).length) &&
         (!pref_age_min || (l.age ?? MAX_INT) >= pref_age_min) &&
         (!pref_age_max || (l.age ?? MIN_INT) <= pref_age_max) &&
+        (!drinks_min || (l.drinks_per_month ?? MAX_INT) >= drinks_min) &&
+        (!drinks_max || (l.drinks_per_month ?? MIN_INT) <= drinks_max) &&
         (!pref_relation_styles ||
           intersection(pref_relation_styles, l.pref_relation_styles).length) &&
+        (!pref_romantic_styles ||
+          intersection(pref_romantic_styles, l.pref_romantic_styles).length) &&
+        (!diet ||
+          intersection(diet, l.diet).length) &&
+        (!political_beliefs ||
+          intersection(political_beliefs, l.political_beliefs).length) &&
         (!wants_kids_strength ||
           wants_kids_strength == -1 ||
+          !l.wants_kids_strength ||
+          l.wants_kids_strength == -1 ||
           (wants_kids_strength >= 2
             ? l.wants_kids_strength >= wants_kids_strength
             : l.wants_kids_strength <= wants_kids_strength)) &&
@@ -78,26 +113,37 @@ export const loadProfiles = async (props: profileQueryType) => {
           has_kids == -1 ||
           (has_kids == 0 && !l.has_kids) ||
           (l.has_kids && l.has_kids > 0)) &&
-        (!is_smoker || l.is_smoker === is_smoker) &&
+        (is_smoker === undefined || l.is_smoker === is_smoker) &&
         (l.id.toString() != skipId) &&
         (!geodbCityIds ||
-          (l.geodb_city_id && geodbCityIds.includes(l.geodb_city_id)))
+          (l.geodb_city_id && geodbCityIds.includes(l.geodb_city_id))) &&
+        (!filterLocation ||(
+          l.city_latitude && l.city_longitude &&
+          Math.abs(l.city_latitude - lat) < radius / 69.0 &&
+          Math.abs(l.city_longitude - lon) < radius / (69.0 * Math.cos(lat * Math.PI / 180)) &&
+          Math.pow(l.city_latitude - lat, 2) + Math.pow((l.city_longitude - lon) * Math.cos(lat * Math.PI / 180), 2) < Math.pow(radius / 69.0, 2)
+          )) &&
+        (shortBio || (l.bio_length ?? 0) >= MIN_BIO_LENGTH)
     )
 
     const cursor = after
       ? profiles.findIndex((l) => l.id.toString() === after) + 1
       : 0
-    console.log(cursor)
+    console.debug(cursor)
 
     if (limitParam) return profiles.slice(cursor, cursor + limitParam)
 
     return profiles
   }
 
+  const tablePrefix = userActivityColumns.includes(orderByParam) ? 'user_activity' : 'profiles'
+  const userActivityJoin = 'user_activity on user_activity.user_id = profiles.user_id'
+
   const query = renderSql(
-    select('profiles.*, name, username, users.data as user'),
+    select('profiles.*, name, username, users.data as user, user_activity.last_online_time'),
     from('profiles'),
     join('users on users.id = profiles.user_id'),
+    leftJoin(userActivityJoin),
     where('looking_for_matches = true'),
     // where(`pinned_url is not null and pinned_url != ''`),
     where(
@@ -106,14 +152,16 @@ export const loadProfiles = async (props: profileQueryType) => {
     where(`data->>'userDeleted' != 'true' or data->>'userDeleted' is null`),
 
     ...keywords.map(word => where(
-      `lower(users.name) ilike '%' || lower($(word)) || '%' or lower(bio::text) ilike '%' || lower($(word)) || '%'`,
+      `lower(users.name) ilike '%' || lower($(word)) || '%' or lower(bio::text) ilike '%' || lower($(word)) || '%' or bio_tsv @@ phraseto_tsquery('english', $(word))`,
       {word}
     )),
 
-    genders?.length && where(`gender = ANY($(gender))`, {gender: genders}),
+    genders?.length && where(`gender = ANY($(genders))`, {genders}),
+
+    education_levels?.length && where(`education_level = ANY($(education_levels))`, {education_levels}),
 
     pref_gender?.length &&
-    where(`pref_gender && $(pref_gender)`, {pref_gender}),
+    where(`pref_gender is NULL or pref_gender = '{}' OR pref_gender && $(pref_gender)`, {pref_gender}),
 
     pref_age_min &&
     where(`age >= $(pref_age_min) or age is null`, {pref_age_min}),
@@ -121,44 +169,90 @@ export const loadProfiles = async (props: profileQueryType) => {
     pref_age_max &&
     where(`age <= $(pref_age_max) or age is null`, {pref_age_max}),
 
+    drinks_min &&
+    where(`drinks_per_month >= $(drinks_min) or drinks_per_month is null`, {drinks_min}),
+
+    drinks_max &&
+    where(`drinks_per_month <= $(drinks_max) or drinks_per_month is null`, {drinks_max}),
+
     pref_relation_styles?.length &&
     where(
       `pref_relation_styles IS NULL OR pref_relation_styles = '{}' OR pref_relation_styles && $(pref_relation_styles)`,
-      { pref_relation_styles }
+      {pref_relation_styles}
+    ),
+
+    pref_romantic_styles?.length &&
+    where(
+      `pref_romantic_styles IS NULL OR pref_romantic_styles = '{}' OR pref_romantic_styles && $(pref_romantic_styles)`,
+      {pref_romantic_styles}
+    ),
+
+    diet?.length &&
+    where(
+      `diet IS NULL OR diet = '{}' OR diet && $(diet)`,
+      {diet}
+    ),
+
+    political_beliefs?.length &&
+    where(
+      `political_beliefs IS NULL OR political_beliefs = '{}' OR political_beliefs && $(political_beliefs)`,
+      {political_beliefs}
     ),
 
     !!wants_kids_strength &&
     wants_kids_strength !== -1 &&
     where(
-      wants_kids_strength >= 2
-        ? `wants_kids_strength >= $(wants_kids_strength)`
-        : `wants_kids_strength <= $(wants_kids_strength)`,
+      'wants_kids_strength = -1 OR wants_kids_strength IS NULL OR ' + (wants_kids_strength >= 2 ? `wants_kids_strength >= $(wants_kids_strength)` : `wants_kids_strength <= $(wants_kids_strength)`),
       {wants_kids_strength}
     ),
 
     has_kids === 0 && where(`has_kids IS NULL OR has_kids = 0`),
     has_kids && has_kids > 0 && where(`has_kids > 0`),
 
-    is_smoker !== undefined && where(`is_smoker = $(is_smoker)`, {is_smoker}),
+    is_smoker !== undefined && (
+      where(
+        (is_smoker ? '' : 'is_smoker IS NULL OR ') + // smokers are rare, so we don't include the people who didn't answer if we're looking for smokers
+        `is_smoker = $(is_smoker)`, {is_smoker}
+      )
+    ),
 
     geodbCityIds?.length &&
     where(`geodb_city_id = ANY($(geodbCityIds))`, {geodbCityIds}),
 
-    skipId && where(`user_id != $(skipId)`, {skipId}),
+    // miles par degree of lat: earth's radius (3950 miles) * pi / 180 = 69.0
+    filterLocation && where(`
+      city_latitude BETWEEN $(target_lat) - ($(radius) / 69.0)
+           AND $(target_lat) + ($(radius) / 69.0)
+      AND city_longitude BETWEEN $(target_lon) - ($(radius) / (69.0 * COS(RADIANS($(target_lat)))))
+           AND $(target_lon) + ($(radius) / (69.0 * COS(RADIANS($(target_lat)))))
+      AND SQRT(
+            POWER(city_latitude - $(target_lat), 2)
+          + POWER((city_longitude - $(target_lon)) * COS(RADIANS($(target_lat))), 2)
+          ) <= $(radius) / 69.0
+      `, {target_lat: lat, target_lon: lon, radius}),
 
-    orderBy(`${orderByParam} desc`),
+    skipId && where(`profiles.user_id != $(skipId)`, {skipId}),
+
+    orderBy(`${tablePrefix}.${orderByParam} DESC`),
     after &&
     where(
-      `profiles.${orderByParam} < (select profiles.${orderByParam} from profiles where id = $(after))`,
+      `${tablePrefix}.${orderByParam} < (
+      SELECT ${tablePrefix}.${orderByParam}
+      FROM profiles
+      LEFT JOIN ${userActivityJoin}
+      WHERE profiles.id = $(after)
+    )`,
       {after}
     ),
 
+    !shortBio && where(`bio_length >= ${MIN_BIO_LENGTH}`, {MIN_BIO_LENGTH}),
+
     lastModificationWithin && where(`last_modification_time >= NOW() - INTERVAL $(lastModificationWithin)`, {lastModificationWithin}),
 
     limitParam && limit(limitParam)
   )
 
-  // console.log('query:', query)
+  // console.debug('query:', query)
 
   return await pg.map(query, [], convertRow)
 }

backend/api/src/get-supabase-token.ts

@@ -1,8 +1,6 @@
-import { sign } from 'jsonwebtoken'
-import { APIError, APIHandler } from './helpers/endpoint'
-import { DEV_CONFIG } from 'common/envs/dev'
-import { PROD_CONFIG } from 'common/envs/prod'
-import { isProd } from 'shared/utils'
+import {sign} from 'jsonwebtoken'
+import {APIError, APIHandler} from './helpers/endpoint'
+import {ENV_CONFIG} from "common/envs/constants";
 
 export const getSupabaseToken: APIHandler<'get-supabase-token'> = async (
   _,
@@ -12,21 +10,17 @@ export const getSupabaseToken: APIHandler<'get-supabase-token'> = async (
   if (jwtSecret == null) {
     throw new APIError(500, "No SUPABASE_JWT_SECRET; couldn't sign token.")
   }
-  const instanceId = isProd()
-    ? PROD_CONFIG.supabaseInstanceId
-    : DEV_CONFIG.supabaseInstanceId
+  const instanceId = ENV_CONFIG.supabaseInstanceId
   if (!instanceId) {
     throw new APIError(500, 'No Supabase instance ID in config.')
   }
-  const payload = { role: 'anon' } // postgres role
+  const payload = {role: 'anon'} // postgres role
   return {
     jwt: sign(payload, jwtSecret, {
       algorithm: 'HS256', // same as what supabase uses for its auth tokens
       expiresIn: '1d',
       audience: instanceId,
-      issuer: isProd()
-        ? PROD_CONFIG.firebaseConfig.projectId
-        : DEV_CONFIG.firebaseConfig.projectId,
+      issuer: ENV_CONFIG.firebaseConfig.projectId,
       subject: auth.uid,
     }),
   }

backend/api/src/get-user.ts

@@ -17,17 +17,18 @@ export const getUser = async (props: { id: string } | { username: string }) => {
   return toUserAPIResponse(user)
 }
 
-export const getDisplayUser = async (
-  props: { id: string } | { username: string }
-) => {
-  const pg = createSupabaseDirectClient()
-  const liteUser = await pg.oneOrNone(
-    `select ${displayUserColumns}
-            from users
-            where ${'id' in props ? 'id' : 'username'} = $1`,
-    ['id' in props ? props.id : props.username]
-  )
-  if (!liteUser) throw new APIError(404, 'User not found')
-
-  return removeNullOrUndefinedProps(liteUser)
-}
+// export const getDisplayUser = async (
+//   props: { id: string } | { username: string }
+// ) => {
+//   console.log('getDisplayUser', props)
+//   const pg = createSupabaseDirectClient()
+//   const liteUser = await pg.oneOrNone(
+//     `select ${displayUserColumns}
+//             from users
+//             where ${'id' in props ? 'id' : 'username'} = $1`,
+//     ['id' in props ? props.id : props.username]
+//   )
+//   if (!liteUser) throw new APIError(404, 'User not found')
+//
+//   return removeNullOrUndefinedProps(liteUser)
+// }

backend/api/src/has-free-like.ts

@@ -17,7 +17,7 @@ export const getHasFreeLike = async (userId: string) => {
   const likeGivenToday = await pg.oneOrNone<object>(
     `
     select 1
-    from love_likes
+    from profile_likes
     where creator_id = $1
       and created_time at time zone 'UTC' at time zone 'America/Los_Angeles' >= (now() at time zone 'UTC' at time zone 'America/Los_Angeles')::date
       and created_time at time zone 'UTC' at time zone 'America/Los_Angeles' < ((now() at time zone 'UTC' at time zone 'America/Los_Angeles')::date + interval '1 day')

backend/api/src/helpers/endpoint.ts

@@ -1,35 +1,29 @@
 import * as admin from 'firebase-admin'
-import { z } from 'zod'
-import { Request, Response, NextFunction } from 'express'
+import {z} from 'zod'
+import {NextFunction, Request, Response} from 'express'
 
-import { PrivateUser } from 'common/user'
-import { APIError } from 'common/api/utils'
-export { APIError } from 'common/api/utils'
-import {
-  API,
-  APIPath,
-  APIResponseOptionalContinue,
-  APISchema,
-  ValidatedAPIParams,
-} from 'common/api/schema'
-import { log } from 'shared/utils'
-import { getPrivateUserByKey } from 'shared/utils'
+import {PrivateUser} from 'common/user'
+import {APIError} from 'common/api/utils'
+import {API, APIPath, APIResponseOptionalContinue, APISchema, ValidatedAPIParams,} from 'common/api/schema'
+import {getPrivateUserByKey, log} from 'shared/utils'
 
-export type Json = Record<string, unknown> | Json[]
-export type JsonHandler<T extends Json> = (
-  req: Request,
-  res: Response
-) => Promise<T>
-export type AuthedHandler<T extends Json> = (
-  req: Request,
-  user: AuthedUser,
-  res: Response
-) => Promise<T>
-export type MaybeAuthedHandler<T extends Json> = (
-  req: Request,
-  user: AuthedUser | undefined,
-  res: Response
-) => Promise<T>
+export {APIError} from 'common/api/utils'
+
+// export type Json = Record<string, unknown> | Json[]
+// export type JsonHandler<T extends Json> = (
+//   req: Request,
+//   res: Response
+// ) => Promise<T>
+// export type AuthedHandler<T extends Json> = (
+//   req: Request,
+//   user: AuthedUser,
+//   res: Response
+// ) => Promise<T>
+// export type MaybeAuthedHandler<T extends Json> = (
+//   req: Request,
+//   user: AuthedUser | undefined,
+//   res: Response
+// ) => Promise<T>
 
 export type AuthedUser = {
   uid: string
@@ -39,6 +33,29 @@ type JwtCredentials = { kind: 'jwt'; data: admin.auth.DecodedIdToken }
 type KeyCredentials = { kind: 'key'; data: string }
 type Credentials = JwtCredentials | KeyCredentials
 
+// export async function verifyIdToken(payload: string): Promise<DecodedIdToken> {
+// TODO: make local dev work without firebase admin SDK setup.
+// if (IS_LOCAL) {
+//   // Skip real verification locally (to avoid needing to set up admin service account).
+//   return {
+//     aud: "",
+//     auth_time: 0,
+//     email_verified: false,
+//     exp: 0,
+//     firebase: {identities: {}, sign_in_provider: ""},
+//     iat: 0,
+//     iss: "",
+//     phone_number: "",
+//     picture: "",
+//     sub: "",
+//     uid: 'dev-user',
+//     user_id: 'dev-user',
+//     email: 'dev-user@example.com'
+//   };
+// }
+//   return await admin.auth().verifyIdToken(payload);
+// }
+
 export const parseCredentials = async (req: Request): Promise<Credentials> => {
   const auth = admin.auth()
   const authHeader = req.get('Authorization')
@@ -57,14 +74,14 @@ export const parseCredentials = async (req: Request): Promise<Credentials> => {
         throw new APIError(401, 'Firebase JWT payload undefined.')
       }
       try {
-        return { kind: 'jwt', data: await auth.verifyIdToken(payload) }
+        return {kind: 'jwt', data: await auth.verifyIdToken(payload)}
       } catch (err) {
         // This is somewhat suspicious, so get it into the firebase console
         console.error('Error verifying Firebase JWT: ', err, scheme, payload)
         throw new APIError(500, 'Error validating token.')
       }
     case 'Key':
-      return { kind: 'key', data: payload }
+      return {kind: 'key', data: payload}
     default:
       throw new APIError(401, 'Invalid auth scheme; must be "Key" or "Bearer".')
   }
@@ -76,7 +93,7 @@ export const lookupUser = async (creds: Credentials): Promise<AuthedUser> => {
       if (typeof creds.data.user_id !== 'string') {
         throw new APIError(401, 'JWT must contain user ID.')
       }
-      return { uid: creds.data.user_id, creds }
+      return {uid: creds.data.user_id, creds}
     }
     case 'key': {
       const key = creds.data
@@ -84,7 +101,7 @@ export const lookupUser = async (creds: Credentials): Promise<AuthedUser> => {
       if (!privateUser) {
         throw new APIError(401, `No private user exists with API key ${key}.`)
       }
-      return { uid: privateUser.id, creds: { privateUser, ...creds } }
+      return {uid: privateUser.id, creds: {privateUser, ...creds}}
     }
     default:
       throw new APIError(401, 'Invalid credential type.')
@@ -109,45 +126,45 @@ export const validate = <T extends z.ZodTypeAny>(schema: T, val: unknown) => {
   }
 }
 
-export const jsonEndpoint = <T extends Json>(fn: JsonHandler<T>) => {
-  return async (req: Request, res: Response, next: NextFunction) => {
-    try {
-      res.status(200).json(await fn(req, res))
-    } catch (e) {
-      next(e)
-    }
-  }
-}
-
-export const authEndpoint = <T extends Json>(fn: AuthedHandler<T>) => {
-  return async (req: Request, res: Response, next: NextFunction) => {
-    try {
-      const authedUser = await lookupUser(await parseCredentials(req))
-      res.status(200).json(await fn(req, authedUser, res))
-    } catch (e) {
-      next(e)
-    }
-  }
-}
-
-export const MaybeAuthedEndpoint = <T extends Json>(
-  fn: MaybeAuthedHandler<T>
-) => {
-  return async (req: Request, res: Response, next: NextFunction) => {
-    let authUser: AuthedUser | undefined = undefined
-    try {
-      authUser = await lookupUser(await parseCredentials(req))
-    } catch {
-      // it's treated as an anon request
-    }
-
-    try {
-      res.status(200).json(await fn(req, authUser, res))
-    } catch (e) {
-      next(e)
-    }
-  }
-}
+// export const jsonEndpoint = <T extends Json>(fn: JsonHandler<T>) => {
+//   return async (req: Request, res: Response, next: NextFunction) => {
+//     try {
+//       res.status(200).json(await fn(req, res))
+//     } catch (e) {
+//       next(e)
+//     }
+//   }
+// }
+//
+// export const authEndpoint = <T extends Json>(fn: AuthedHandler<T>) => {
+//   return async (req: Request, res: Response, next: NextFunction) => {
+//     try {
+//       const authedUser = await lookupUser(await parseCredentials(req))
+//       res.status(200).json(await fn(req, authedUser, res))
+//     } catch (e) {
+//       next(e)
+//     }
+//   }
+// }
+//
+// export const MaybeAuthedEndpoint = <T extends Json>(
+//   fn: MaybeAuthedHandler<T>
+// ) => {
+//   return async (req: Request, res: Response, next: NextFunction) => {
+//     let authUser: AuthedUser | undefined = undefined
+//     try {
+//       authUser = await lookupUser(await parseCredentials(req))
+//     } catch {
+//       // it's treated as an anon request
+//     }
+//
+//     try {
+//       res.status(200).json(await fn(req, authUser, res))
+//     } catch (e) {
+//       next(e)
+//     }
+//   }
+// }
 
 export type APIHandler<N extends APIPath> = (
   props: ValidatedAPIParams<N>,
@@ -157,11 +174,63 @@ export type APIHandler<N extends APIPath> = (
   req: Request
 ) => Promise<APIResponseOptionalContinue<N>>
 
+// Simple in-memory fixed-window rate limiter keyed by auth uid (or IP if unauthenticated)
+// Not suitable for multi-instance deployments without a shared store, but provides basic protection.
+// Limits are configurable via env:
+//   API_RATE_LIMIT_PER_MIN_AUTHED
+//   API_RATE_LIMIT_PER_MIN_UNAUTHED
+// Endpoints can be exempted by adding their name to RATE_LIMIT_EXEMPT (comma-separated)
+const __rateLimitState: Map<string, { windowStart: number; count: number }> = new Map()
+
+function getRateLimitConfig() {
+  const authed = Number(process.env.API_RATE_LIMIT_PER_MIN_AUTHED ?? 120)
+  const unAuthed = Number(process.env.API_RATE_LIMIT_PER_MIN_UNAUTHED ?? 120)
+  return {authedLimit: authed, unAuthLimit: unAuthed}
+}
+
+function rateLimitKey(name: string, req: Request, auth?: AuthedUser) {
+  if (auth) return `uid:${auth.uid}`
+  // fallback to IP for unauthenticated requests
+  return `ip:${req.ip}`
+}
+
+function checkRateLimit(name: string, req: Request, res: Response, auth?: AuthedUser) {
+  const {authedLimit, unAuthLimit} = getRateLimitConfig()
+
+  const key = rateLimitKey(name, req, auth)
+  const limit = auth ? authedLimit : unAuthLimit
+  const now = Date.now()
+  const windowMs = 60_000
+  const windowStart = Math.floor(now / windowMs) * windowMs
+
+  let state = __rateLimitState.get(key)
+  if (!state || state.windowStart !== windowStart) {
+    state = {windowStart, count: 0}
+    __rateLimitState.set(key, state)
+  }
+  state.count += 1
+
+  const remaining = Math.max(0, limit - state.count)
+  const reset = Math.ceil((state.windowStart + windowMs - now) / 1000)
+
+  // Set standard-ish rate limit headers
+  res.setHeader('X-RateLimit-Limit', String(limit))
+  res.setHeader('X-RateLimit-Remaining', String(Math.max(0, remaining)))
+  res.setHeader('X-RateLimit-Reset', String(reset))
+
+  // console.log(`Rate limit check for ${key} on ${name}: ${state.count}/${limit} (remaining: ${remaining}, resets in ${reset}s)`)
+
+  if (state.count > limit) {
+    res.setHeader('Retry-After', String(reset))
+    throw new APIError(429, 'Too Many Requests: rate limit exceeded.')
+  }
+}
+
 export const typedEndpoint = <N extends APIPath>(
   name: N,
   handler: APIHandler<N>
 ) => {
-  const { props: propSchema, authed: authRequired, method } = API[name]
+  const {props: propSchema, authed: authRequired, rateLimited = false, method} = API[name] as APISchema<N>
 
   return async (req: Request, res: Response, next: NextFunction) => {
     let authUser: AuthedUser | undefined = undefined
@@ -171,6 +240,15 @@ export const typedEndpoint = <N extends APIPath>(
       if (authRequired) return next(e)
     }
 
+    // Apply rate limiting before invoking the handler
+    if (rateLimited) {
+      try {
+        checkRateLimit(String(name), req, res, authUser)
+      } catch (e) {
+        return next(e)
+      }
+    }
+
     const props = {
       ...(method === 'GET' ? req.query : req.body),
       ...req.params,
@@ -194,8 +272,8 @@ export const typedEndpoint = <N extends APIPath>(
       if (!res.headersSent) {
         // Convert bigint to number, b/c JSON doesn't support bigint.
         const convertedResult = deepConvertBigIntToNumber(result)
-
-        res.status(200).json(convertedResult ?? { success: true })
+        // console.debug('API result', convertedResult)
+        res.status(200).json(convertedResult ?? {success: true})
       }
 
       if (hasContinue) {

backend/api/src/helpers/private-messages.ts

@@ -0,0 +1,260 @@
+import {Json} from 'common/supabase/schema'
+import {SupabaseDirectClient} from 'shared/supabase/init'
+import {ChatVisibility} from 'common/chat-message'
+import {User} from 'common/user'
+import {first} from 'lodash'
+import {log} from 'shared/monitoring/log'
+import {getPrivateUser, getUser} from 'shared/utils'
+import {type JSONContent} from '@tiptap/core'
+import {APIError} from 'common/api/utils'
+import {broadcast} from 'shared/websockets/server'
+import {track} from 'shared/analytics'
+import {sendNewMessageEmail} from 'email/functions/helpers'
+import dayjs from 'dayjs'
+import utc from 'dayjs/plugin/utc'
+import timezone from 'dayjs/plugin/timezone'
+import webPush from 'web-push';
+import {parseJsonContentToText} from "common/util/parse";
+import {encryptMessage} from "shared/encryption";
+
+dayjs.extend(utc)
+dayjs.extend(timezone)
+
+export const leaveChatContent = (userName: string) => ({
+  type: 'doc',
+  content: [
+    {
+      type: 'paragraph',
+      content: [{text: `${userName} left the chat`, type: 'text'}],
+    },
+  ],
+})
+export const joinChatContent = (userName: string) => {
+  return {
+    type: 'doc',
+    content: [
+      {
+        type: 'paragraph',
+        content: [{text: `${userName} joined the chat!`, type: 'text'}],
+      },
+    ],
+  }
+}
+
+export const insertPrivateMessage = async (
+  content: Json,
+  channelId: number,
+  userId: string,
+  visibility: ChatVisibility,
+  pg: SupabaseDirectClient
+) => {
+  const plaintext = JSON.stringify(content);
+  const {ciphertext, iv, tag} = encryptMessage(plaintext);
+  const lastMessage = await pg.one(
+    `insert into private_user_messages (ciphertext, iv, tag, channel_id, user_id, visibility)
+     values ($1, $2, $3, $4, $5, $6)
+     returning created_time`,
+    [ciphertext, iv, tag, channelId, userId, visibility]
+  )
+  await pg.none(
+    `update private_user_message_channels
+     set last_updated_time = $1
+     where id = $2`,
+    [lastMessage.created_time, channelId]
+  )
+}
+
+export const addUsersToPrivateMessageChannel = async (
+  userIds: string[],
+  channelId: number,
+  pg: SupabaseDirectClient
+) => {
+  await Promise.all(
+    userIds.map((id) =>
+      pg.none(
+        `insert into private_user_message_channel_members (channel_id, user_id, role, status)
+         values ($1, $2, 'member', 'proposed')
+         on conflict do nothing
+        `,
+        [channelId, id]
+      )
+    )
+  )
+  await pg.none(
+    `update private_user_message_channels
+     set last_updated_time = now()
+     where id = $1`,
+    [channelId]
+  )
+}
+
+export const createPrivateUserMessageMain = async (
+  creator: User,
+  channelId: number,
+  content: JSONContent,
+  pg: SupabaseDirectClient,
+  visibility: ChatVisibility
+) => {
+  log('createPrivateUserMessageMain', creator, channelId, content)
+
+  // Normally, users can only submit messages to channels that they are members of
+  const authorized = await pg.oneOrNone(
+    `select 1
+     from private_user_message_channel_members
+     where channel_id = $1
+       and user_id = $2`,
+    [channelId, creator.id]
+  )
+  if (!authorized)
+    throw new APIError(403, 'You are not authorized to post to this channel')
+
+  await insertPrivateMessage(content, channelId, creator.id, visibility, pg)
+
+  const privateMessage = {
+    content: content as Json,
+    channel_id: channelId,
+    user_id: creator.id,
+  }
+
+  const otherUserIds = await pg.map<string>(
+    `select user_id
+     from private_user_message_channel_members
+     where channel_id = $1
+       and user_id != $2
+       and status != 'left'
+    `,
+    [channelId, creator.id],
+    (r) => r.user_id
+  )
+  otherUserIds.concat(creator.id).forEach((otherUserId) => {
+    broadcast(`private-user-messages/${otherUserId}`, {})
+  })
+
+  // Fire and forget safely
+  void notifyOtherUserInChannelIfInactive(channelId, creator, content, pg)
+    .catch((err) => {
+      console.error('notifyOtherUserInChannelIfInactive failed', err)
+    });
+
+  track(creator.id, 'send private message', {
+    channelId,
+    otherUserIds,
+  })
+
+  return privateMessage
+}
+
+const notifyOtherUserInChannelIfInactive = async (
+  channelId: number,
+  creator: User,
+  content: JSONContent,
+  pg: SupabaseDirectClient
+) => {
+  const otherUserIds = await pg.manyOrNone<{ user_id: string }>(
+    `select user_id
+     from private_user_message_channel_members
+     where channel_id = $1
+       and user_id != $2
+       and status != 'left'
+    `,
+    [channelId, creator.id]
+  )
+  // We're only sending notifs for 1:1 channels
+  if (!otherUserIds || otherUserIds.length > 1) return
+
+  const otherUserId = first(otherUserIds)
+  if (!otherUserId) return
+
+  // TODO: notification only for active user
+
+  const otherUser = await getUser(otherUserId.user_id)
+  console.debug('otherUser:', otherUser)
+  if (!otherUser) return
+
+  // Push notif
+  webPush.setVapidDetails(
+    'mailto:hello@compassmeet.com',
+    process.env.VAPID_PUBLIC_KEY!,
+    process.env.VAPID_PRIVATE_KEY!
+  );
+  const textContent = parseJsonContentToText(content)
+  // Retrieve subscription from the database
+  const subscriptions = await getSubscriptionsFromDB(otherUser.id, pg);
+  for (const subscription of subscriptions) {
+    try {
+      const payload = JSON.stringify({
+        title: `${creator.name}`,
+        body: textContent,
+        url: `/messages/${channelId}`,
+      })
+      console.log('Sending notification to:', subscription.endpoint, payload);
+      await webPush.sendNotification(subscription, payload);
+    } catch (err: any) {
+      console.log('Failed to send notification', err);
+      if (err.statusCode === 410 || err.statusCode === 404) {
+        console.warn('Removing expired subscription', subscription.endpoint);
+        await pg.none(
+          `DELETE
+           FROM push_subscriptions
+           WHERE endpoint = $1
+             AND user_id = $2`,
+          [subscription.endpoint, otherUser.id]
+        );
+      } else {
+        console.error('Push failed', err);
+      }
+    }
+  }
+
+  const startOfDay = dayjs()
+    .tz('America/Los_Angeles')
+    .startOf('day')
+    .toISOString()
+  const previousMessagesThisDayBetweenTheseUsers = await pg.one(
+    `select count(*)
+     from private_user_messages
+     where channel_id = $1
+       and user_id = $2
+       and created_time > $3
+    `,
+    [channelId, creator.id, startOfDay]
+  )
+  log('previous messages this day', previousMessagesThisDayBetweenTheseUsers)
+  if (previousMessagesThisDayBetweenTheseUsers.count > 0) return
+
+  await createNewMessageNotification(creator, otherUser, channelId)
+}
+
+const createNewMessageNotification = async (
+  fromUser: User,
+  toUser: User,
+  channelId: number,
+) => {
+  const privateUser = await getPrivateUser(toUser.id)
+  console.debug('privateUser:', privateUser)
+  if (!privateUser) return
+  await sendNewMessageEmail(privateUser, fromUser, toUser, channelId)
+}
+
+
+export async function getSubscriptionsFromDB(
+  userId: string,
+  pg: SupabaseDirectClient
+) {
+  try {
+    const subscriptions = await pg.manyOrNone(`
+                select endpoint, keys
+                from push_subscriptions
+                where user_id = $1
+      `, [userId]
+    );
+
+    return subscriptions.map(sub => ({
+      endpoint: sub.endpoint,
+      keys: sub.keys,
+    }));
+  } catch (err) {
+    console.error('Error fetching subscriptions', err);
+    return [];
+  }
+}

backend/api/src/junk-drawer/private-messages.ts

@@ -1,181 +0,0 @@
-import { Json } from 'common/supabase/schema'
-import { SupabaseDirectClient } from 'shared/supabase/init'
-import { ChatVisibility } from 'common/chat-message'
-import { User } from 'common/user'
-import { first } from 'lodash'
-import { log } from 'shared/monitoring/log'
-import { getPrivateUser, getUser } from 'shared/utils'
-import { type JSONContent } from '@tiptap/core'
-import { APIError } from 'common/api/utils'
-import { broadcast } from 'shared/websockets/server'
-import { track } from 'shared/analytics'
-import { sendNewMessageEmail } from 'email/functions/helpers'
-import dayjs from 'dayjs'
-import utc from 'dayjs/plugin/utc'
-import timezone from 'dayjs/plugin/timezone'
-
-dayjs.extend(utc)
-dayjs.extend(timezone)
-
-export const leaveChatContent = (userName: string) => ({
-  type: 'doc',
-  content: [
-    {
-      type: 'paragraph',
-      content: [{ text: `${userName} left the chat`, type: 'text' }],
-    },
-  ],
-})
-export const joinChatContent = (userName: string) => {
-  return {
-    type: 'doc',
-    content: [
-      {
-        type: 'paragraph',
-        content: [{ text: `${userName} joined the chat!`, type: 'text' }],
-      },
-    ],
-  }
-}
-
-export const insertPrivateMessage = async (
-  content: Json,
-  channelId: number,
-  userId: string,
-  visibility: ChatVisibility,
-  pg: SupabaseDirectClient
-) => {
-  const lastMessage = await pg.one(
-    `insert into private_user_messages (content, channel_id, user_id, visibility)
-    values ($1, $2, $3, $4) returning created_time`,
-    [content, channelId, userId, visibility]
-  )
-  await pg.none(
-    `update private_user_message_channels set last_updated_time = $1 where id = $2`,
-    [lastMessage.created_time, channelId]
-  )
-}
-
-export const addUsersToPrivateMessageChannel = async (
-  userIds: string[],
-  channelId: number,
-  pg: SupabaseDirectClient
-) => {
-  await Promise.all(
-    userIds.map((id) =>
-      pg.none(
-        `insert into private_user_message_channel_members (channel_id, user_id, role, status)
-                values
-                ($1, $2, 'member', 'proposed')
-                on conflict do nothing
-              `,
-        [channelId, id]
-      )
-    )
-  )
-  await pg.none(
-    `update private_user_message_channels set last_updated_time = now() where id = $1`,
-    [channelId]
-  )
-}
-
-export const createPrivateUserMessageMain = async (
-  creator: User,
-  channelId: number,
-  content: JSONContent,
-  pg: SupabaseDirectClient,
-  visibility: ChatVisibility
-) => {
-  log('createPrivateUserMessageMain', creator, channelId, content)
-  // Normally, users can only submit messages to channels that they are members of
-  const authorized = await pg.oneOrNone(
-    `select 1
-       from private_user_message_channel_members
-       where channel_id = $1
-         and user_id = $2`,
-    [channelId, creator.id]
-  )
-  if (!authorized)
-    throw new APIError(403, 'You are not authorized to post to this channel')
-
-  await notifyOtherUserInChannelIfInactive(channelId, creator, pg)
-  await insertPrivateMessage(content, channelId, creator.id, visibility, pg)
-
-  const privateMessage = {
-    content: content as Json,
-    channel_id: channelId,
-    user_id: creator.id,
-  }
-
-  const otherUserIds = await pg.map<string>(
-    `select user_id from private_user_message_channel_members
-        where channel_id = $1 and user_id != $2
-        and status != 'left'
-        `,
-    [channelId, creator.id],
-    (r) => r.user_id
-  )
-  otherUserIds.concat(creator.id).forEach((otherUserId) => {
-    broadcast(`private-user-messages/${otherUserId}`, {})
-  })
-
-  track(creator.id, 'send private message', {
-    channelId,
-    otherUserIds,
-  })
-
-  return privateMessage
-}
-
-const notifyOtherUserInChannelIfInactive = async (
-  channelId: number,
-  creator: User,
-  pg: SupabaseDirectClient
-) => {
-  const otherUserIds = await pg.manyOrNone<{ user_id: string }>(
-    `select user_id from private_user_message_channel_members
-        where channel_id = $1 and user_id != $2
-        and status != 'left'
-        `,
-    [channelId, creator.id]
-  )
-  // We're only sending notifs for 1:1 channels
-  if (!otherUserIds || otherUserIds.length > 1) return
-
-  const otherUserId = first(otherUserIds)
-  if (!otherUserId) return
-
-  const startOfDay = dayjs()
-    .tz('America/Los_Angeles')
-    .startOf('day')
-    .toISOString()
-  const previousMessagesThisDayBetweenTheseUsers = await pg.one(
-    `select count(*) from private_user_messages
-            where channel_id = $1
-            and user_id = $2
-            and created_time > $3
-            `,
-    [channelId, creator.id, startOfDay]
-  )
-  log('previous messages this day', previousMessagesThisDayBetweenTheseUsers)
-  if (previousMessagesThisDayBetweenTheseUsers.count > 0) return
-
-  // TODO: notification only for active user
-
-  const otherUser = await getUser(otherUserId.user_id)
-  console.log('otherUser:', otherUser)
-  if (!otherUser) return
-
-  await createNewMessageNotification(creator, otherUser, channelId)
-}
-
-const createNewMessageNotification = async (
-  fromUser: User,
-  toUser: User,
-  channelId: number
-) => {
-  const privateUser = await getPrivateUser(toUser.id)
-  console.log('privateUser:', privateUser)
-  if (!privateUser) return
-  await sendNewMessageEmail(privateUser, fromUser, toUser, channelId)
-}