Merged
Conversation
…and security details
…and access blocking for failed attempts
…ocked page message
- Added consent banner to ChatBot component, prompting users for data storage consent. - Updated useChatBot hook to manage consent state and persist it in localStorage. - Enhanced ChatSession model in Prisma schema to include consent tracking. - Created admin page for viewing and managing chat logs, including filters for consent and country. - Implemented API endpoint for fetching and deleting chat logs with authorization. - Added utility functions for IP anonymization and GeoIP information retrieval. - Updated translations for consent-related messages in multiple languages. - Bumped ChatHeader version to 1.3.6 to reflect new features.
… and logging adjustments
… and update privacy notice
…mproved user clarity
|
The latest updates on your projects. Learn more about Vercel for GitHub.
|
Dependency Review✅ No vulnerabilities or license issues or OpenSSF Scorecard issues found.Scanned FilesNone |
Contributor
There was a problem hiding this comment.
Pull request overview
This pull request introduces version 6.0.1 with a major new feature: chat logging functionality with comprehensive GDPR-compliant consent management. The PR also implements admin session management with IP-based blocking, updates translations across all supported locales, and makes various UI improvements to the chatbot and footer components.
Changes:
- Added chat logging infrastructure with user consent management, database schema for ChatSession and ChatMessage models, and admin interface to view/manage logs
- Implemented admin session management with IP blocking, rate limiting, and secure session cookies to protect admin routes
- Updated privacy policy translations in all supported languages (en, de, es, fr, sv) to reflect optional data storage with consent
Reviewed changes
Copilot reviewed 22 out of 22 changed files in this pull request and generated 15 comments.
Show a summary per file
| File | Description |
|---|---|
| types/main/admin.ts | Added "logout" action to BlogAdminAction type, fixed comment formatting |
| types/configs/chatbot.ts | Added language field to context, consentGiven flag, and comprehensive chat logging types (ChatSessionLog, ChatMessageLog, etc.) |
| proxy.ts | Implemented IP blocking, session validation, and admin route protection with in-memory storage for sessions and blocked IPs |
| prisma/schema.prisma | Added ChatSession and ChatMessage models with proper indexes for chat logging |
| messages/*.json | Updated privacy policy text in all locales to reflect optional data storage with consent |
| lib/chatbot-logging.ts | New utility functions for GeoIP lookup, IP anonymization, and logging configuration |
| hooks/use-chatbot.ts | Added consent state management and persistence to localStorage |
| components/nav/navbarItems.tsx | Added unoptimized prop and styling adjustments to logo images |
| components/footer/Footer.tsx | Integrated VersionDisplay component for dynamic version display |
| components/chatbot/ChatHeader.tsx | Updated chatbot version to v1.3.6 |
| components/chatbot/ChatBot.tsx | Implemented consent banner UI with accept/decline actions |
| app/api/chatbot/route.ts | Added logChatToDB function with consent checking and database integration |
| app/api/admin/chatbot/logs/route.ts | New admin API endpoint for viewing and deleting chat logs |
| app/api/admin/blog/route.ts | Added session cookie management and logout action |
| app/admin/chatbot/page.tsx | New admin page for viewing and filtering chat logs |
| app/admin/blocked/page.tsx | New blocked page shown when IP exceeds failed admin access attempts |
| app/(legals)/impressum/page.tsx | Added placeholder text for VAT information |
| README.md | Updated version to 6.0.1, reformatted stack section, abbreviated security section |
Comments suppressed due to low confidence (1)
components/chatbot/ChatBot.tsx:299
- The backdrop blur overlay uses
pointer-events-none, which means it doesn't actually block user interaction with the chat input below. Users can still type and send messages before accepting or declining consent. The overlay should either usepointer-events-autoto block clicks, or the ChatInput component should be disabled whenshowConsentBanneris true. Update line 299 to:disabled={showConsentBanner || isLoading}
<div className="absolute inset-0 z-10 backdrop-blur-sm bg-background/30 pointer-events-none" />
)}
<div
className={`flex-1 p-3 sm:p-4 min-h-0 max-h-64 sm:max-h-80 overflow-y-auto ${CHATBOT_STYLES.SCROLLBAR}`}
role="log"
aria-live="polite"
aria-label="Chat conversation"
>
<div className="space-y-4">
{messages.length === 0 && !isLoading && (
<div
className="flex flex-col items-center justify-center py-12 text-center"
role="region"
aria-labelledby="welcome-title"
>
<div
className={`w-16 h-16 ${CHATBOT_STYLES.BUTTON_ROUNDED} ${CHATBOT_STYLES.WELCOME_ICON_GRADIENT} flex items-center justify-center mb-4`}
role="img"
aria-label="Welcome illustration"
>
<Sparkles
className="w-8 h-8 text-primary"
aria-hidden="true"
/>
</div>
<h3
className="font-semibold text-foreground mb-2"
id="welcome-title"
>
{t(CHATBOT_TRANSLATION_KEYS.GREETING_TITLE)}
</h3>
<p
className="text-sm text-muted-foreground max-w-xs leading-relaxed"
id="welcome-description"
>
{t(CHATBOT_TRANSLATION_KEYS.GREETING_DESCRIPTION)}
</p>
</div>
)}
{messages.map((message: ChatMessage) => (
<ChatMessageComponent key={message.id} message={message} />
))}
{isLoading && <TypingIndicator />}
{error && (
<div
className="flex justify-center py-4"
role="alert"
aria-live="assertive"
>
<div className="bg-destructive/10 border border-destructive/20 text-destructive px-4 py-3 rounded-lg text-sm flex items-center gap-2 max-w-xs">
<CircleAlert
className="w-4 h-4 shrink-0"
aria-hidden="true"
/>
<span>{error}</span>
</div>
</div>
)}
<div ref={messagesEndRef} />
</div>
</div>
<Separator className="opacity-50" />
<ChatInput
onSendMessage={handleSendMessage}
isLoading={isLoading}
disabled={false}
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
This was referenced Feb 16, 2026
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
No description provided.