Implement support for notifications (#12523)

* Setup basic notification page * Add basic notification implementation * Register for push notifications * Implement dispatching * Add fields * Handle image and link * Add notification config * Add field for users notification tokens * Implement saving of notification tokens * Implement VAPID key generation * Implement public key encoding * Implement webpush from server * Implement push notification handling * Make notifications config only * Add maskable icon * Use zod form to control notification settings in the UI * Use js * Always open notification * Support multiple endpoints * Handle cleaning up expired notification registrations * Correctly unsubscribe notifications * Change ttl dynamically * Add note about notification latency and features * Cleanup docs * Fix firefox pushes * Add links to docs and improve formatting * Improve wording * Fix docstring Co-authored-by: Blake Blackshear <blake@frigate.video> * Handle case where native auth is not enabled * Show errors in UI --------- Co-authored-by: Blake Blackshear <blake@frigate.video>
2024-07-22 14:39:15 -06:00
parent 331c882af2
commit 690ee3dc15
18 changed files with 795 additions and 14 deletions
--- a/frigate/api/app.py
+++ b/frigate/api/app.py
@@ -19,6 +19,7 @@ from frigate.api.auth import AuthBp, get_jwt_secret, limiter
 from frigate.api.event import EventBp
 from frigate.api.export import ExportBp
 from frigate.api.media import MediaBp
+from frigate.api.notification import NotificationBp
 from frigate.api.preview import PreviewBp
 from frigate.api.review import ReviewBp
 from frigate.config import FrigateConfig
@@ -48,6 +49,7 @@ bp.register_blueprint(MediaBp)
 bp.register_blueprint(PreviewBp)
 bp.register_blueprint(ReviewBp)
 bp.register_blueprint(AuthBp)
+bp.register_blueprint(NotificationBp)


 def create_app(
--- a/frigate/api/notification.py
+++ b/frigate/api/notification.py
@@ -0,0 +1,65 @@
+"""Notification apis."""
+
+import logging
+import os
+
+from cryptography.hazmat.primitives import serialization
+from flask import (
+    Blueprint,
+    current_app,
+    jsonify,
+    make_response,
+    request,
+)
+from peewee import DoesNotExist
+from py_vapid import Vapid01, utils
+
+from frigate.const import CONFIG_DIR
+from frigate.models import User
+
+logger = logging.getLogger(__name__)
+
+NotificationBp = Blueprint("notifications", __name__)
+
+
+@NotificationBp.route("/notifications/pubkey", methods=["GET"])
+def get_vapid_pub_key():
+    if not current_app.frigate_config.notifications.enabled:
+        return make_response(
+            jsonify({"success": False, "message": "Notifications are not enabled."}),
+            400,
+        )
+
+    key = Vapid01.from_file(os.path.join(CONFIG_DIR, "notifications.pem"))
+    raw_pub = key.public_key.public_bytes(
+        serialization.Encoding.X962, serialization.PublicFormat.UncompressedPoint
+    )
+    return jsonify(utils.b64urlencode(raw_pub)), 200
+
+
+@NotificationBp.route("/notifications/register", methods=["POST"])
+def register_notifications():
+    if current_app.frigate_config.auth.enabled:
+        username = request.headers.get("remote-user", type=str) or "admin"
+    else:
+        username = "admin"
+
+    json: dict[str, any] = request.get_json(silent=True) or {}
+    sub = json.get("sub")
+
+    if not sub:
+        return jsonify(
+            {"success": False, "message": "Subscription must be provided."}
+        ), 400
+
+    try:
+        User.update(notification_tokens=User.notification_tokens.append(sub)).where(
+            User.username == username
+        ).execute()
+        return make_response(
+            jsonify({"success": True, "message": "Successfully saved token."}), 200
+        )
+    except DoesNotExist:
+        return make_response(
+            jsonify({"success": False, "message": "Could not find user."}), 404
+        )
--- a/frigate/app.py
+++ b/frigate/app.py
@@ -25,6 +25,7 @@ from frigate.comms.config_updater import ConfigPublisher
 from frigate.comms.dispatcher import Communicator, Dispatcher
 from frigate.comms.inter_process import InterProcessCommunicator
 from frigate.comms.mqtt import MqttClient
+from frigate.comms.webpush import WebPushClient
 from frigate.comms.ws import WebSocketClient
 from frigate.comms.zmq_proxy import ZmqProxy
 from frigate.config import FrigateConfig
@@ -401,6 +402,9 @@ class FrigateApp:
        if self.config.mqtt.enabled:
            comms.append(MqttClient(self.config))

+        if self.config.notifications.enabled:
+            comms.append(WebPushClient(self.config))
+
        comms.append(WebSocketClient(self.config))
        comms.append(self.inter_process_communicator)

--- a/frigate/comms/webpush.py
+++ b/frigate/comms/webpush.py
@@ -0,0 +1,189 @@
+"""Handle sending notifications for Frigate via Firebase."""
+
+import datetime
+import json
+import logging
+import os
+from typing import Any, Callable
+
+from py_vapid import Vapid01
+from pywebpush import WebPusher
+
+from frigate.comms.dispatcher import Communicator
+from frigate.config import FrigateConfig
+from frigate.const import CONFIG_DIR
+from frigate.models import User
+
+logger = logging.getLogger(__name__)
+
+
+class WebPushClient(Communicator):  # type: ignore[misc]
+    """Frigate wrapper for webpush client."""
+
+    def __init__(self, config: FrigateConfig) -> None:
+        self.config = config
+        self.claim_headers: dict[str, dict[str, str]] = {}
+        self.refresh: int = 0
+        self.web_pushers: dict[str, list[WebPusher]] = {}
+        self.expired_subs: dict[str, list[str]] = {}
+
+        if not self.config.notifications.email:
+            logger.warning("Email must be provided for push notifications to be sent.")
+
+        # Pull keys from PEM or generate if they do not exist
+        self.vapid = Vapid01.from_file(os.path.join(CONFIG_DIR, "notifications.pem"))
+
+        users: list[User] = (
+            User.select(User.username, User.notification_tokens).dicts().iterator()
+        )
+        for user in users:
+            self.web_pushers[user["username"]] = []
+            for sub in user["notification_tokens"]:
+                self.web_pushers[user["username"]].append(WebPusher(sub))
+
+    def subscribe(self, receiver: Callable) -> None:
+        """Wrapper for allowing dispatcher to subscribe."""
+        pass
+
+    def check_registrations(self) -> None:
+        # check for valid claim or create new one
+        now = datetime.datetime.now().timestamp()
+        if len(self.claim_headers) == 0 or self.refresh < now:
+            self.refresh = int(
+                (datetime.datetime.now() + datetime.timedelta(hours=1)).timestamp()
+            )
+            endpoints: set[str] = set()
+
+            # get a unique set of push endpoints
+            for pushers in self.web_pushers.values():
+                for push in pushers:
+                    endpoint: str = push.subscription_info["endpoint"]
+                    endpoints.add(endpoint[0 : endpoint.index("/", 10)])
+
+            # create new claim
+            for endpoint in endpoints:
+                claim = {
+                    "sub": f"mailto:{self.config.notifications.email}",
+                    "aud": endpoint,
+                    "exp": self.refresh,
+                }
+                self.claim_headers[endpoint] = self.vapid.sign(claim)
+
+    def cleanup_registrations(self) -> None:
+        # delete any expired subs
+        if len(self.expired_subs) > 0:
+            for user, expired in self.expired_subs.items():
+                user_subs = []
+
+                # get all subscriptions, removing ones that are expired
+                stored_user: User = User.get_by_id(user)
+                for token in stored_user.notification_tokens:
+                    if token["endpoint"] in expired:
+                        continue
+
+                    user_subs.append(token)
+
+                # overwrite the database and reset web pushers
+                User.update(notification_tokens=user_subs).where(
+                    User.username == user
+                ).execute()
+
+                self.web_pushers[user] = []
+
+                for sub in user_subs:
+                    self.web_pushers[user].append(WebPusher(sub))
+
+                logger.info(
+                    f"Cleaned up {len(expired)} notification subscriptions for {user}"
+                )
+
+        self.expired_subs = {}
+
+    def publish(self, topic: str, payload: Any, retain: bool = False) -> None:
+        """Wrapper for publishing when client is in valid state."""
+        if topic == "reviews":
+            self.send_alert(json.loads(payload))
+
+    def send_alert(self, payload: dict[str, any]) -> None:
+        if not self.config.notifications.email:
+            return
+
+        self.check_registrations()
+
+        # Only notify for alerts
+        if payload["after"]["severity"] != "alert":
+            return
+
+        state = payload["type"]
+
+        # Don't notify if message is an update and important fields don't have an update
+        if (
+            state == "update"
+            and len(payload["before"]["data"]["objects"])
+            == len(payload["after"]["data"]["objects"])
+            and len(payload["before"]["data"]["zones"])
+            == len(payload["after"]["data"]["zones"])
+        ):
+            return
+
+        reviewId = payload["after"]["id"]
+        sorted_objects: set[str] = set()
+
+        for obj in payload["after"]["data"]["objects"]:
+            if "-verified" not in obj:
+                sorted_objects.add(obj)
+
+        sorted_objects.update(payload["after"]["data"]["sub_labels"])
+
+        camera: str = payload["after"]["camera"]
+        title = f"{', '.join(sorted_objects).replace('_', ' ').title()}{' was' if state == 'end' else ''} detected in {', '.join(payload['after']['data']['zones']).replace('_', ' ').title()}"
+        message = f"Detected on {camera.replace('_', ' ').title()}"
+        image = f'{payload["after"]["thumb_path"].replace("/media/frigate", "")}'
+
+        # if event is ongoing open to live view otherwise open to recordings view
+        direct_url = f"/review?id={reviewId}" if state == "end" else f"/#{camera}"
+
+        for user, pushers in self.web_pushers.items():
+            for pusher in pushers:
+                endpoint = pusher.subscription_info["endpoint"]
+
+                # set headers for notification behavior
+                headers = self.claim_headers[
+                    endpoint[0 : endpoint.index("/", 10)]
+                ].copy()
+                headers["urgency"] = "high"
+                ttl = 3600 if state == "end" else 0
+
+                # send message
+                resp = pusher.send(
+                    headers=headers,
+                    ttl=ttl,
+                    data=json.dumps(
+                        {
+                            "title": title,
+                            "message": message,
+                            "direct_url": direct_url,
+                            "image": image,
+                            "id": reviewId,
+                        }
+                    ),
+                )
+
+                if resp.status_code == 201:
+                    pass
+                elif resp.status_code == 404 or resp.status_code == 410:
+                    # subscription is not found or has been unsubscribed
+                    if not self.expired_subs.get(user):
+                        self.expired_subs[user] = []
+
+                    self.expired_subs[user].append(pusher.subscription_info["endpoint"])
+                    # the subscription no longer exists and should be removed
+                else:
+                    logger.warning(
+                        f"Failed to send notification to {user} :: {resp.headers}"
+                    )
+
+        self.cleanup_registrations()
+
+    def stop(self) -> None:
+        pass
--- a/frigate/config.py
+++ b/frigate/config.py
@@ -169,6 +169,11 @@ class AuthConfig(FrigateBaseModel):
    hash_iterations: int = Field(default=600000, title="Password hash iterations")


+class NotificationConfig(FrigateBaseModel):
+    enabled: bool = Field(default=False, title="Enable notifications")
+    email: Optional[str] = Field(default=None, title="Email required for push.")
+
+
 class StatsConfig(FrigateBaseModel):
    amd_gpu_stats: bool = Field(default=True, title="Enable AMD GPU stats.")
    intel_gpu_stats: bool = Field(default=True, title="Enable Intel GPU stats.")
@@ -1361,6 +1366,9 @@ class FrigateConfig(FrigateBaseModel):
        default_factory=dict, title="Frigate environment variables."
    )
    ui: UIConfig = Field(default_factory=UIConfig, title="UI configuration.")
+    notifications: NotificationConfig = Field(
+        default_factory=NotificationConfig, title="Notification Config"
+    )
    telemetry: TelemetryConfig = Field(
        default_factory=TelemetryConfig, title="Telemetry configuration."
    )
--- a/frigate/models.py
+++ b/frigate/models.py
@@ -118,3 +118,4 @@ class RecordingsToDelete(Model):  # type: ignore[misc]
 class User(Model):  # type: ignore[misc]
    username = CharField(null=False, primary_key=True, max_length=30)
    password_hash = CharField(null=False, max_length=120)
+    notification_tokens = JSONField()