Add chat/label management endpoints and local media delivery mode#282
Open
a23comunicacoes wants to merge 5 commits intoasternic:mainfrom
Open
Add chat/label management endpoints and local media delivery mode#282a23comunicacoes wants to merge 5 commits intoasternic:mainfrom
a23comunicacoes wants to merge 5 commits intoasternic:mainfrom
Conversation
…Labels) Add 6 new API endpoints leveraging whatsmeow appstate functions: - GET /chat/list: list chats from message_history with contact names - POST /chat/markunread: mark chat as unread - POST /chat/pin: pin/unpin a chat - POST /label/edit: create/update/delete labels - POST /label/chat: assign/remove label from chat - POST /label/message: assign/remove label from message Includes JSON-RPC stdio mappings, API.md documentation, Swagger spec updates, and test coverage for all new endpoints.
- Add /chat/archive endpoint and ArchiveChat schema to spec.yml
- Fix /user/lid path param from {phone} to {jid} in spec.yml
- Add /chat/archive and /status/set/text sections to API.md
- Add mandatory API documentation requirements to CLAUDE.md
- Add GET /media/{userid}/{filename} endpoint to serve media files locally
without authentication, so webhook receivers can fetch files directly
- Add "local" media_delivery option: webhook sends mediaURL instead of base64
- Increase webhook HTTP client timeout from 30s to 150s for large payloads
- Change default media_delivery from "base64" to "local" across all defaults
- Support WUZAPI_BASE_URL env var for proxy/ngrok setups
- Update API docs (spec.yml, API.md) and MCP tool definitions
![gemini-code-assist[bot]](https://avatars.githubusercontent.com/in/956858?s=60&v=4){kind=small}
Contributor
There was a problem hiding this comment.
Code Review
This pull request introduces several new features including chat listing, pinning, marking as unread, and WhatsApp Business label management. It also adds a 'local' media delivery mode that serves files directly from the server and includes a comprehensive CLAUDE.md guide for project context. Feedback highlights significant security concerns regarding the local media delivery implementation, specifically the use of the world-readable /tmp directory for storage and the lack of authentication on the media serving endpoint. Additionally, improvements were suggested for the efficiency of JSON responses, the robustness of timestamp parsing in chat history, and the flexibility of the hardcoded HTTP client timeout.
…e timeout - Store media files under exPath/media/ instead of /tmp for safety - Require user token as query param on /media endpoint - Include token in mediaURL sent via webhook payload - Read WEBHOOK_TIMEOUT env var (default 30s) instead of hardcoded value - Improve timestamp parsing with multiple format support - Avoid double json marshal/unmarshal in new handlers - Update API docs and OpenAPI spec accordingly
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Adds chat management endpoints (list, mark unread, pin/unpin, archive/unarchive) and label endpoints (list, set, unset).
Also adds a local media delivery option as an alternative to S3, serving downloaded files directly from the server.
API docs and OpenAPI spec updated accordingly.