Session 2026-04-20: Medien-Konvertierung, Umami Analytics, Username/Privacy

- HEIC→JPEG, MOV/AVI→MP4 Konvertierung bei allen Upload-Endpoints (media_utils.py) - ffmpeg im Docker-Image, Video-Thumbnails (extract_video_thumb, poster-Attribut) - Google Analytics entfernt, Umami self-hosted eingebunden (index.html, datenschutz.js) - Admin-Panel Analytics-Tab: Stat-Cards, Sparkline 7 Tage, Top-Seiten (Umami-API-Proxy) - Admin-Panel Tab-Icons korrigiert (aus vorhandenem Phosphor-Sprite) - users.real_name Spalte: Username öffentlich, echter Name privat und optional - Registrierung: Label "Benutzername", Leerzeichen verboten, Profanity-Blockliste - Datenschutzerklärung: GA-Abschnitt durch Umami-Text ersetzt
2026-04-20 18:36:58 +02:00 · 2026-04-20 18:36:58 +02:00 · 5141ba9969
commit 5141ba9969
parent 9a78121a3e
20 changed files with 524 additions and 143 deletions
--- a/backend/routes/poison.py
+++ b/backend/routes/poison.py
@ -8,6 +8,7 @@ from typing import Optional
 from database import db
 from auth import get_current_user
 from routes.push import send_push_to_all
+from media_utils import convert_media

 router    = APIRouter()
 MEDIA_DIR = os.getenv("MEDIA_DIR", "/data/media")
@ -174,13 +175,15 @@ async def upload_photo(
    if not entry:
        raise HTTPException(404, "Meldung nicht gefunden oder keine Berechtigung.")

-    ext      = os.path.splitext(file.filename or "")[1] or ".jpg"
+    data, ext = convert_media(await file.read(), file.filename or "")
+    if not ext:
+        ext = ".jpg"
    filename = f"poison_{poison_id}_{uuid.uuid4().hex[:8]}{ext}"
    path     = os.path.join(MEDIA_DIR, "poison", filename)
    os.makedirs(os.path.dirname(path), exist_ok=True)

    with open(path, "wb") as f:
-        f.write(await file.read())
+        f.write(data)

    foto_url = f"/media/poison/{filename}"
    with db() as conn: