Implement /shoutrrr endpoint

More webapp changes+fixes
2025-12-18 11:36:15 +01:00 · 2025-12-09 16:45:51 +01:00 · 2025-12-07 04:21:11 +01:00 · 2025-12-05 21:39:32 +01:00 · 2025-12-05 16:59:56 +01:00 · 2025-12-05 16:58:30 +01:00
135 changed files with 24602 additions and 8852 deletions
--- a/.gitea/workflows/build_and_deploy.yml
+++ b/.gitea/workflows/build_and_deploy.yml
@@ -10,7 +10,7 @@
 #
 name: Build Docker and Deploy
-run-name: Build & Deploy ${{ gitea.ref }} on ${{ gitea.actor }}
+run-name: "[cicd-server]: ${{ github.event.head_commit.message }}"
 on: 
  push:
@@ -30,6 +30,7 @@ jobs:
      - name: Check out code
        uses: actions/checkout@v3
      - run: cd "${{ gitea.workspace }}/scnserver" && make clean
      - run: cd "${{ gitea.workspace }}/scnserver" && make dgi
      - run: cd "${{ gitea.workspace }}/scnserver" && make docker
      - run: cd "${{ gitea.workspace }}/scnserver" && make push-docker
@@ -60,21 +61,7 @@ jobs:
        run: go version
      - name: Run tests
-        run: cd "${{ gitea.workspace }}/scnserver" && make dgi && make swagger && SCN_TEST_LOGLEVEL=WARN make test
+        run: cd "${{ gitea.workspace }}/scnserver" && make generate && SCN_TEST_LOGLEVEL=WARN make test
      - name: Send failure mail
        if: failure()
        uses: dawidd6/action-send-mail@v3
        with:
          server_address: smtp.fastmail.com
          server_port: 465
          secure: true
          username: ${{secrets.MAIL_USERNAME}}
          password: ${{secrets.MAIL_PASSWORD}}
          subject: Pipeline on '${{ gitea.repository }}' failed
          to: ${{ steps.commiter_info.outputs.MAIL }}
          from: Gitea Actions <gitea_actions@blackforestbytes.de>
          body: "Go to https://gogs.blackforestbytes.com/${{ gitea.repository }}/actions"
  deploy_server:
    name: Deploy to Server
--- a/.gitea/workflows/cicd-webapp.yml
+++ b/.gitea/workflows/cicd-webapp.yml
@@ -0,0 +1,57 @@
 # https://docs.gitea.com/next/usage/actions/quickstart
 # https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions
 # https://docs.github.com/en/actions/learn-github-actions/contexts#github-context
 # Configurable with a few commit messages:
 #   - [skip-tests]       Skip the test stage
 #   - [skip-deployment]  Skip the deployment stage
 #   - [skip-ci]          Skip all stages (the whole ci/cd)
 #
 name: Build Docker and Deploy
 run-name: "[cicd-webapp]: ${{ github.event.head_commit.message }}"
 on: 
  push:
    branches: ['master']    
 jobs:
  build_webapp:
    name: Build Docker Container
    runs-on: bfb-cicd-latest
    if: >-
      !contains(github.event.head_commit.message, '[skip-ci]') && 
      !contains(github.event.head_commit.message, '[skip-deployment]')
    steps:
      - run: echo -n "${{ secrets.DOCKER_REG_PASS }}" | docker login registry.blackforestbytes.com -u docker --password-stdin
      - name: Check out code
        uses: actions/checkout@v3
      - run: cd "${{ gitea.workspace }}/webapp" && make clean
      - run: cd "${{ gitea.workspace }}/webapp" && make docker
      - run: cd "${{ gitea.workspace }}/webapp" && make push-docker
  deploy_webapp:
    name: Deploy to Server
    needs: [build_webapp]
    runs-on: ubuntu-latest
    if: >-
      !cancelled() &&
      !contains(github.event.head_commit.message, '[skip-ci]') && 
      !contains(github.event.head_commit.message, '[skip-deployment]') && 
      needs.build_webapp.result == 'success'
    steps:
      - name: Execute deploy on remote (via ssh)
        uses: appleboy/ssh-action@v1.0.0
        with:
          host:     simplecloudnotifier.de
          username: bfb-deploy-bot
          port:     4477
          key:      "${{ secrets.SSH_KEY_BFBDEPLOYBOT }}"
          script:   cd /var/docker/deploy-scripts/simplecloudnotifier && ./deploy-webapp.sh master "${{ gitea.sha }}" || exit 1
--- a/flutter/_utils/release.sh
+++ b/flutter/_utils/release.sh
@@ -18,8 +18,8 @@ if [[ "$VERS_BY_TAG" != "$VERS_BY_SPEC" ]]; then
 fi
 echo ""
-echo "(!) Make sure you've updated version-number in pubspec.yaml (current = ${VERS}) !"
+echo "(!) Make sure you've updated version-number in pubspec.yaml (current = ${VERS}) and created a tag (current = ${VERS_BY_TAG}) !"
-echo 'Confirmed' && read -r
+echo '> Press Enter to confirm...' && read -r
 echo ""
 flutter build apk       --release
@@ -31,7 +31,10 @@ echo ""
 flutter build appbundle --release
 cp build/app/outputs/bundle/release/app-release.aab "_releases/v${VERS}.aab"
-cd "build/app/intermediates/merged_native_libs/release/out/lib" && zip -r "../../../../../../../_releases/v${VERS}.symbols.zip" .
+
 pushd "build/app/intermediates/merged_native_libs/release/out/lib" || exit 1
 zip -r "../../../../../../../_releases/v${VERS}.symbols.zip" .
 popd || exit 1
 echo ""
 echo "--> copied AAB to _releases  ( Version: ${VERS} )"
--- a/flutter/analysis_options.yaml
+++ b/flutter/analysis_options.yaml
@@ -3,6 +3,10 @@ include:
 - package:lints/recommended.yaml
 - package:flutter_lints/flutter.yaml
 formatter:
  page_width: 512
  trailing_commas: preserve
 linter:
--- a/flutter/lib/pages/message_view/message_view.dart
+++ b/flutter/lib/pages/message_view/message_view.dart
@@ -166,20 +166,34 @@ class _MessageViewPageState extends State<MessageViewPage> {
              title: 'Sender',
              values: [message.senderName!],
              mainAction: () => {
-                Navi.push(context, () => FilteredMessageViewPage(title: message.senderName!, alertText: 'All message sent from \'${message.senderName!}\'', filter: MessageFilter(senderNames: [message.senderName!])))
+                Navi.push(
                  context,
                  () => FilteredMessageViewPage(
                    title: message.senderName!,
                    alertText: 'All message sent from \'${message.senderName!}\'',
                    filter: MessageFilter(senderNames: [message.senderName!]),
                  ),
                ),
              },
            ),
          if (cfg.showExtendedAttributes)
            UI.metaCard(
              context: context,
              icon: FontAwesomeIcons.solidGearCode,
-              title: 'KeyToken',
+              title: 'Used Key',
              values: [message.usedKeyID, token?.name ?? '...'],
              mainAction: () {
                if (message.senderUserID == userAccUserID) {
                  Navi.push(context, () => KeyTokenViewPage(keytokenID: message.usedKeyID, preloadedData: null, needsReload: null));
                } else {
-                  Navi.push(context, () => FilteredMessageViewPage(title: token?.name ?? message.usedKeyID, alertText: 'All message sent with the specified key', filter: MessageFilter(usedKeys: [message.usedKeyID])));
+                  Navi.push(
                    context,
                    () => FilteredMessageViewPage(
                      title: token?.name ?? message.usedKeyID,
                      alertText: 'All message sent with the specified key',
                      filter: MessageFilter(usedKeys: [message.usedKeyID]),
                    ),
                  );
                }
              },
            ),
@@ -187,13 +201,20 @@ class _MessageViewPageState extends State<MessageViewPage> {
            UI.metaCard(
              context: context,
              icon: FontAwesomeIcons.solidGearCode,
-              title: 'KeyToken',
+              title: 'Used Key',
              values: [token.name],
              mainAction: () {
                if (message.senderUserID == userAccUserID) {
                  Navi.push(context, () => KeyTokenViewPage(keytokenID: message.usedKeyID, preloadedData: null, needsReload: null));
                } else {
-                  Navi.push(context, () => FilteredMessageViewPage(title: token.name, alertText: 'All message sent with key \'${token.name}\'', filter: MessageFilter(usedKeys: [message.usedKeyID])));
+                  Navi.push(
                    context,
                    () => FilteredMessageViewPage(
                      title: token.name,
                      alertText: 'All message sent with key \'${token.name}\'',
                      filter: MessageFilter(usedKeys: [message.usedKeyID]),
                    ),
                  );
                }
              },
            ),
@@ -208,19 +229,21 @@ class _MessageViewPageState extends State<MessageViewPage> {
                  }
                : null,
          ),
-          UI.metaCard(
+          UI.metaCard(context: context, icon: FontAwesomeIcons.solidTimer, title: 'Timestamp', values: [message.timestamp]),
            context: context,
            icon: FontAwesomeIcons.solidTimer,
            title: 'Timestamp',
            values: [message.timestamp],
          ),
          if (cfg.showExtendedAttributes)
            UI.metaCard(
              context: context,
              icon: FontAwesomeIcons.solidUser,
              title: 'User',
              values: [user?.userID ?? message.senderUserID, if (user?.username != null) user?.username ?? ''],
-              mainAction: () => Navi.push(context, () => FilteredMessageViewPage(title: user?.username ?? message.senderUserID, alertText: 'All message sent by the specified account', filter: MessageFilter(senderUserID: [message.senderUserID]))),
+              mainAction: () => Navi.push(
                context,
                () => FilteredMessageViewPage(
                  title: user?.username ?? message.senderUserID,
                  alertText: 'All message sent by the specified account',
                  filter: MessageFilter(senderUserID: [message.senderUserID]),
                ),
              ),
            ),
          if (!cfg.showExtendedAttributes)
            UI.metaCard(
@@ -228,14 +251,28 @@ class _MessageViewPageState extends State<MessageViewPage> {
              icon: FontAwesomeIcons.solidUser,
              title: 'User',
              values: [user?.username ?? user?.userID ?? message.senderUserID],
-              mainAction: () => Navi.push(context, () => FilteredMessageViewPage(title: user?.username ?? message.senderUserID, alertText: 'All message sent by the specified account', filter: MessageFilter(senderUserID: [message.senderUserID]))),
+              mainAction: () => Navi.push(
                context,
                () => FilteredMessageViewPage(
                  title: user?.username ?? message.senderUserID,
                  alertText: 'All message sent by the specified account',
                  filter: MessageFilter(senderUserID: [message.senderUserID]),
                ),
              ),
            ),
          UI.metaCard(
            context: context,
            icon: FontAwesomeIcons.solidBolt,
            title: 'Priority',
            values: [_prettyPrintPriority(message.priority)],
-            mainAction: () => Navi.push(context, () => FilteredMessageViewPage(title: "Priority ${message.priority}", alertText: 'All message sent with priority ' + _prettyPrintPriority(message.priority), filter: MessageFilter(priority: [message.priority]))),
+            mainAction: () => Navi.push(
              context,
              () => FilteredMessageViewPage(
                title: "Priority ${message.priority}",
                alertText: 'All message sent with priority ' + _prettyPrintPriority(message.priority),
                filter: MessageFilter(priority: [message.priority]),
              ),
            ),
          ),
          if (message.senderUserID == userAccUserID)
            UI.button(
@@ -243,7 +280,8 @@ class _MessageViewPageState extends State<MessageViewPage> {
              onPressed: () {
                Toaster.info("Not Implemented", "... will be implemented in a later version"); // TODO
              },
-                color: Colors.red[900]),
+              color: Colors.red[900],
            ),
        ],
      ),
    );
@@ -261,16 +299,11 @@ class _MessageViewPageState extends State<MessageViewPage> {
          thumbVisibility: false,
          interactive: true,
          controller: _controller,
-          child: SingleChildScrollView(
+          child: SingleChildScrollView(controller: _controller, child: child),
            controller: _controller,
            child: child,
          ),
        ),
      );
    } else {
-      return SingleChildScrollView(
+      return SingleChildScrollView(child: child);
        child: child,
      );
    }
  }
@@ -284,12 +317,7 @@ class _MessageViewPageState extends State<MessageViewPage> {
    return [
      Row(
        children: [
-          UI.channelChip(
+          UI.channelChip(context: context, text: _resolveChannelName(channel, message), margin: const EdgeInsets.fromLTRB(0, 0, 4, 0), fontSize: 16),
            context: context,
            text: _resolveChannelName(channel, message),
            margin: const EdgeInsets.fromLTRB(0, 0, 4, 0),
            fontSize: 16,
          ),
          Expanded(child: SizedBox()),
          Text(dateFormat.format(DateTime.parse(message.timestamp)), style: const TextStyle(fontSize: 14)),
        ],
@@ -337,12 +365,7 @@ class _MessageViewPageState extends State<MessageViewPage> {
              ),
              borderColor: (message.priority == 2) ? Colors.red[900] : null,
            )
-          : UI.box(
+          : UI.box(context: context, padding: const EdgeInsets.all(4), child: Text(message.content ?? ''), borderColor: (message.priority == 2) ? Colors.red[900] : null),
              context: context,
              padding: const EdgeInsets.all(4),
              child: Text(message.content ?? ''),
              borderColor: (message.priority == 2) ? Colors.red[900] : null,
            )
    ];
  }
--- a/flutter/lib/state/app_settings.dart
+++ b/flutter/lib/state/app_settings.dart
@@ -160,7 +160,14 @@ class AppSettings extends ChangeNotifier {
 class AppNotificationSettings {
  // Immutable
-  AppNotificationSettings({this.enableLights = false, this.enableVibration = true, this.playSound = true, this.sound = null, this.silent = false, this.timeoutAfter = null});
+  AppNotificationSettings({
    this.enableLights = false,
    this.enableVibration = true,
    this.playSound = true,
    this.sound = null,
    this.silent = false,
    this.timeoutAfter = null,
  });
  final bool enableLights;
  final bool enableVibration;
@@ -199,7 +206,14 @@ class AppNotificationSettings {
    final silent = prefs.getBool('${prefix}.silent') ?? def.silent;
    final timeoutAfter = _decode(prefs.getString('${prefix}.timeoutAfter'), def.timeoutAfter);
-    return AppNotificationSettings(enableLights: enableLights, enableVibration: enableVibration, playSound: playSound, sound: sound, silent: silent, timeoutAfter: timeoutAfter);
+    return AppNotificationSettings(
      enableLights: enableLights,
      enableVibration: enableVibration,
      playSound: playSound,
      sound: sound,
      silent: silent,
      timeoutAfter: timeoutAfter,
    );
  }
 }
--- a/flutter/pubspec.yaml
+++ b/flutter/pubspec.yaml
@@ -2,7 +2,7 @@ name: simplecloudnotifier
 description: "Receive push messages"
 publish_to: 'none'
-version: 2.1.0+509
+version: 2.1.1+509
 environment:
  sdk: '>=3.9.0 <4.0.0'
--- a/scnserver/.gitignore
+++ b/scnserver/.gitignore
@@ -24,6 +24,11 @@ identifier.sqlite
 scn_send.sh
 swagger/swagger.json
 swagger/swagger.yaml
 **/*_gen.go
 ##############
--- a/scnserver/Dockerfile
+++ b/scnserver/Dockerfile
@@ -26,6 +26,7 @@ RUN apt-get update && \
    rm -rf /var/lib/apt/lists
 COPY --from=builder   /buildsrc/_build/scn_backend   /app/server
 COPY --from=builder   /buildsrc/DOCKER_GIT_INFO      /DOCKER_GIT_INFO
 RUN mkdir /data
--- a/scnserver/Makefile
+++ b/scnserver/Makefile
@@ -58,6 +58,8 @@ swagger-setup:
 swagger: swagger-setup
 	".swaggobin/swag_$(SWAGGO_VERSION)" init -generalInfo ./api/router.go --propertyStrategy camelcase --output ./swagger/ --outputTypes "json,yaml"
 generate: dgi enums ids swagger
 pygmentize: website/scn_send.html
 website/scn_send.html: ../scn_send.sh
--- a/scnserver/api/handler/apiMessage.go
+++ b/scnserver/api/handler/apiMessage.go
@@ -271,6 +271,65 @@ func (h APIHandler) GetMessage(pctx ginext.PreContext) ginext.HTTPResponse {
 	})
 }
 // ListMessageDeliveries swaggerdoc
 //
 //	@Summary		List deliveries for a message
 //	@Description	The user must own the channel and request the resource with the ADMIN Key
 //	@ID				api-messages-deliveries
 //	@Tags			API-v2
 //
 //	@Param			mid	path		string	true	"MessageID"
 //
 //	@Success		200	{object}	handler.ListMessageDeliveries.response
 //	@Failure		400	{object}	ginresp.apiError	"supplied values/parameters cannot be parsed / are invalid"
 //	@Failure		401	{object}	ginresp.apiError	"user is not authorized / has missing permissions"
 //	@Failure		404	{object}	ginresp.apiError	"message not found"
 //	@Failure		500	{object}	ginresp.apiError	"internal server error"
 //
 //	@Router			/api/v2/messages/{mid}/deliveries [GET]
 func (h APIHandler) ListMessageDeliveries(pctx ginext.PreContext) ginext.HTTPResponse {
 	type uri struct {
 		MessageID models.MessageID `uri:"mid" binding:"entityid"`
 	}
 	type response struct {
 		Deliveries []models.Delivery `json:"deliveries"`
 	}
 	var u uri
 	ctx, g, errResp := pctx.URI(&u).Start()
 	if errResp != nil {
 		return *errResp
 	}
 	defer ctx.Cancel()
 	return h.app.DoRequest(ctx, g, models.TLockRead, func(ctx *logic.AppContext, finishSuccess func(r ginext.HTTPResponse) ginext.HTTPResponse) ginext.HTTPResponse {
 		if permResp := ctx.CheckPermissionAny(); permResp != nil {
 			return *permResp
 		}
 		msg, err := h.database.GetMessage(ctx, u.MessageID, false)
 		if errors.Is(err, sql.ErrNoRows) {
 			return ginresp.APIError(g, 404, apierr.MESSAGE_NOT_FOUND, "message not found", err)
 		}
 		if err != nil {
 			return ginresp.APIError(g, 500, apierr.DATABASE_ERROR, "Failed to query message", err)
 		}
 		// User must own the channel and have admin key
 		if permResp := ctx.CheckPermissionUserAdmin(msg.ChannelOwnerUserID); permResp != nil {
 			return *permResp
 		}
 		deliveries, err := h.database.ListDeliveriesOfMessage(ctx, msg.MessageID)
 		if err != nil {
 			return ginresp.APIError(g, 500, apierr.DATABASE_ERROR, "Failed to query deliveries", err)
 		}
 		return finishSuccess(ginext.JSON(http.StatusOK, response{Deliveries: deliveries}))
 	})
 }
 // DeleteMessage swaggerdoc
 //
 //	@Summary		Delete a single message
--- a/scnserver/api/handler/apiSenderNames.go
+++ b/scnserver/api/handler/apiSenderNames.go
@@ -18,7 +18,7 @@ import (
 //
 //	@Param		uid	path		string	true	"UserID"
 //
-//	@Success	200	{object}	handler.ListUserKeys.response
+//	@Success	200	{object}	handler.ListUserSenderNames.response
 //	@Failure	400	{object}	ginresp.apiError	"supplied values/parameters cannot be parsed / are invalid"
 //	@Failure	401	{object}	ginresp.apiError	"user is not authorized / has missing permissions"
 //	@Failure	404	{object}	ginresp.apiError	"message not found"
--- a/scnserver/api/handler/apiSubscription.go
+++ b/scnserver/api/handler/apiSubscription.go
@@ -1,16 +1,17 @@
 package handler
 import (
 	"database/sql"
 	"errors"
 	"net/http"
 	"strings"
 	"blackforestbytes.com/simplecloudnotifier/api/apierr"
 	"blackforestbytes.com/simplecloudnotifier/api/ginresp"
 	"blackforestbytes.com/simplecloudnotifier/logic"
 	"blackforestbytes.com/simplecloudnotifier/models"
 	"database/sql"
 	"errors"
 	"git.blackforestbytes.com/BlackForestBytes/goext/ginext"
 	"git.blackforestbytes.com/BlackForestBytes/goext/langext"
 	"net/http"
 	"strings"
 )
 // ListUserSubscriptions swaggerdoc
@@ -40,7 +41,8 @@ import (
 //	@Tags			API-v2
 //
 //	@Param			uid			path		string								true	"UserID"
-//	@Param			selector	query		string	true	"Filter subscriptions (default: outgoing_all)"	Enums(outgoing_all, outgoing_confirmed, outgoing_unconfirmed, incoming_all, incoming_confirmed, incoming_unconfirmed)
+//
 //	@Param			query_data	query		handler.ListUserSubscriptions.query	false	" "
 //
 //	@Success		200			{object}	handler.ListUserSubscriptions.response
 //	@Failure		400			{object}	ginresp.apiError	"supplied values/parameters cannot be parsed / are invalid"
--- a/scnserver/api/handler/compat.go
+++ b/scnserver/api/handler/compat.go
@@ -1,6 +1,11 @@
 package handler
 import (
 	"database/sql"
 	"errors"
 	"fmt"
 	"net/http"
 	"blackforestbytes.com/simplecloudnotifier/api/apierr"
 	hl "blackforestbytes.com/simplecloudnotifier/api/apihighlight"
 	"blackforestbytes.com/simplecloudnotifier/api/ginresp"
@@ -8,13 +13,9 @@ import (
 	primarydb "blackforestbytes.com/simplecloudnotifier/db/impl/primary"
 	"blackforestbytes.com/simplecloudnotifier/logic"
 	"blackforestbytes.com/simplecloudnotifier/models"
 	"database/sql"
 	"errors"
 	"fmt"
 	"git.blackforestbytes.com/BlackForestBytes/goext/dataext"
 	"git.blackforestbytes.com/BlackForestBytes/goext/ginext"
 	"git.blackforestbytes.com/BlackForestBytes/goext/langext"
 	"net/http"
 )
 type CompatHandler struct {
@@ -90,7 +91,7 @@ func (h CompatHandler) SendMessage(pctx ginext.PreContext) ginext.HTTPResponse {
 			return ginresp.SendAPIError(g, 400, apierr.USER_NOT_FOUND, hl.USER_ID, "User not found (compat)", nil)
 		}
-		okResp, errResp := h.app.SendMessage(g, ctx, langext.Ptr(models.UserID(*newid)), data.UserKey, nil, data.Title, data.Content, data.Priority, data.UserMessageID, data.SendTimestamp, nil)
+		okResp, errResp := h.app.SendMessage(g, ctx, data.UserKey, nil, data.Title, data.Content, data.Priority, data.UserMessageID, data.SendTimestamp, nil)
 		if errResp != nil {
 			return *errResp
 		} else {
--- a/scnserver/api/handler/external.go
+++ b/scnserver/api/handler/external.go
@@ -1,16 +1,17 @@
 package handler
 import (
 	"fmt"
 	"net/http"
 	"time"
 	"blackforestbytes.com/simplecloudnotifier/api/apierr"
 	"blackforestbytes.com/simplecloudnotifier/api/ginresp"
 	primarydb "blackforestbytes.com/simplecloudnotifier/db/impl/primary"
 	"blackforestbytes.com/simplecloudnotifier/logic"
 	"blackforestbytes.com/simplecloudnotifier/models"
 	"fmt"
 	"git.blackforestbytes.com/BlackForestBytes/goext/ginext"
 	"git.blackforestbytes.com/BlackForestBytes/goext/langext"
 	"net/http"
 	"time"
 )
 type ExternalHandler struct {
@@ -27,8 +28,10 @@ func NewExternalHandler(app *logic.Application) ExternalHandler {
 // UptimeKuma swaggerdoc
 //
-//	@Summary		Send a new message
+//	@Summary		Send a new message (uses uptime-kuma notification schema)
-//	@Description	All parameter can be set via query-parameter or the json body. Only UserID, UserKey and Title are required
+//	@Description	Set necessary parameter via query (key, channel etc.), title+message are build from uptime-kuma payload
 //	@Description	You can specify different channels/priorities for [up] and [down] notifications
 //
 //	@Tags			External
 //
 //	@Param			query_data	query		handler.UptimeKuma.query	false	" "
@@ -36,14 +39,13 @@ func NewExternalHandler(app *logic.Application) ExternalHandler {
 //
 //	@Success		200			{object}	handler.UptimeKuma.response
 //	@Failure		400			{object}	ginresp.apiError
-//	@Failure		401			{object}	ginresp.apiError	"The user_id was not found or the user_key is wrong"
+//	@Failure		401			{object}	ginresp.apiError	"The user_key is wrong"
 //	@Failure		403			{object}	ginresp.apiError	"The user has exceeded its daily quota - wait 24 hours or upgrade your account"
 //	@Failure		500			{object}	ginresp.apiError	"An internal server error occurred - try again later"
 //
 //	@Router			/external/v1/uptime-kuma [POST]
 func (h ExternalHandler) UptimeKuma(pctx ginext.PreContext) ginext.HTTPResponse {
 	type query struct {
 		UserID       *models.UserID `form:"user_id"     example:"7725"`
 		KeyToken     *string `form:"key"         example:"P3TNH8mvv14fm"`
 		Channel      *string `form:"channel"`
 		ChannelUp    *string `form:"channel_up"`
@@ -125,7 +127,62 @@ func (h ExternalHandler) UptimeKuma(pctx ginext.PreContext) ginext.HTTPResponse
 			priority = q.PriorityDown
 		}
-		okResp, errResp := h.app.SendMessage(g, ctx, q.UserID, q.KeyToken, channel, &title, &content, priority, nil, timestamp, q.SenderName)
+		okResp, errResp := h.app.SendMessage(g, ctx, q.KeyToken, channel, &title, &content, priority, nil, timestamp, q.SenderName)
 		if errResp != nil {
 			return *errResp
 		}
 		return finishSuccess(ginext.JSON(http.StatusOK, response{
 			MessageID: okResp.Message.MessageID,
 		}))
 	})
 }
 // Shoutrrr swaggerdoc
 //
 //	@Summary		Send a new message (uses shoutrrr generic:// format=json schema)
 //	@Description	Set necessary parameter via query (key, channel etc.), title+message are set via the shoutrrr payload
 //	@Description	Use the shoutrrr format `generic://{{url}}?template=json`
 //
 //	@Tags			External
 //
 //	@Param			query_data	query		handler.Shoutrrr.query	false	" "
 //	@Param			post_body	body		handler.Shoutrrr.body		false	" "
 //
 //	@Success		200			{object}	handler.Shoutrrr.response
 //	@Failure		400			{object}	ginresp.apiError
 //	@Failure		401			{object}	ginresp.apiError	"The user_key is wrong"
 //	@Failure		403			{object}	ginresp.apiError	"The user has exceeded its daily quota - wait 24 hours or upgrade your account"
 //	@Failure		500			{object}	ginresp.apiError	"An internal server error occurred - try again later"
 //
 //	@Router			/external/v1/uptime-kuma [POST]
 func (h ExternalHandler) Shoutrrr(pctx ginext.PreContext) ginext.HTTPResponse {
 	type query struct {
 		KeyToken   *string `form:"key"         example:"P3TNH8mvv14fm"`
 		Channel    *string `form:"channel"`
 		Priority   *int    `form:"priority"`
 		SenderName *string `form:"senderName"`
 	}
 	type body struct {
 		Title   string `json:"title"`
 		Message string `json:"message"`
 	}
 	type response struct {
 		MessageID models.MessageID `json:"message_id"`
 	}
 	var b body
 	var q query
 	ctx, g, errResp := pctx.Query(&q).Body(&b).Start()
 	if errResp != nil {
 		return *errResp
 	}
 	defer ctx.Cancel()
 	return h.app.DoRequest(ctx, g, models.TLockReadWrite, func(ctx *logic.AppContext, finishSuccess func(r ginext.HTTPResponse) ginext.HTTPResponse) ginext.HTTPResponse {
 		okResp, errResp := h.app.SendMessage(g, ctx, q.KeyToken, q.Channel, &b.Title, &b.Message, q.Priority, nil, nil, q.SenderName)
 		if errResp != nil {
 			return *errResp
 		}
--- a/scnserver/api/handler/message.go
+++ b/scnserver/api/handler/message.go
@@ -1,6 +1,8 @@
 package handler
 import (
 	"net/http"
 	"blackforestbytes.com/simplecloudnotifier/api/apierr"
 	primarydb "blackforestbytes.com/simplecloudnotifier/db/impl/primary"
 	"blackforestbytes.com/simplecloudnotifier/logic"
@@ -8,7 +10,6 @@ import (
 	"git.blackforestbytes.com/BlackForestBytes/goext/dataext"
 	"git.blackforestbytes.com/BlackForestBytes/goext/ginext"
 	"git.blackforestbytes.com/BlackForestBytes/goext/langext"
 	"net/http"
 )
 type SendMessageResponse struct {
@@ -42,7 +43,7 @@ func NewMessageHandler(app *logic.Application) MessageHandler {
 //
 //	@Success		200			{object}	handler.SendMessage.response
 //	@Failure		400			{object}	ginresp.apiError
-//	@Failure		401			{object}	ginresp.apiError	"The user_id was not found or the user_key is wrong"
+//	@Failure		401			{object}	ginresp.apiError	"The user_key is wrong"
 //	@Failure		403			{object}	ginresp.apiError	"The user has exceeded its daily quota - wait 24 hours or upgrade your account"
 //	@Failure		500			{object}	ginresp.apiError	"An internal server error occurred - try again later"
 //
@@ -50,7 +51,6 @@ func NewMessageHandler(app *logic.Application) MessageHandler {
 //	@Router			/send [POST]
 func (h MessageHandler) SendMessage(pctx ginext.PreContext) ginext.HTTPResponse {
 	type combined struct {
 		UserID        *models.UserID `json:"user_id"     form:"user_id"     example:"7725"                               `
 		KeyToken      *string  `json:"key"         form:"key"         example:"P3TNH8mvv14fm"                      `
 		Channel       *string  `json:"channel"     form:"channel"     example:"test"                               `
 		Title         *string  `json:"title"       form:"title"       example:"Hello World"                        `
@@ -88,7 +88,7 @@ func (h MessageHandler) SendMessage(pctx ginext.PreContext) ginext.HTTPResponse
 		// query has highest prio, then form, then json
 		data := dataext.ObjectMerge(dataext.ObjectMerge(b, f), q)
-		okResp, errResp := h.app.SendMessage(g, ctx, data.UserID, data.KeyToken, data.Channel, data.Title, data.Content, data.Priority, data.UserMessageID, data.SendTimestamp, data.SenderName)
+		okResp, errResp := h.app.SendMessage(g, ctx, data.KeyToken, data.Channel, data.Title, data.Content, data.Priority, data.UserMessageID, data.SendTimestamp, data.SenderName)
 		if errResp != nil {
 			return *errResp
 		} else {
--- a/scnserver/api/router.go
+++ b/scnserver/api/router.go
@@ -164,6 +164,7 @@ func (r *Router) Init(e *ginext.GinWrapper) error {
 		apiv2.GET("/messages").Handle(r.apiHandler.ListMessages)
 		apiv2.GET("/messages/:mid").Handle(r.apiHandler.GetMessage)
 		apiv2.DELETE("/messages/:mid").Handle(r.apiHandler.DeleteMessage)
 		apiv2.GET("/messages/:mid/deliveries").Handle(r.apiHandler.ListMessageDeliveries)
 		apiv2.GET("/sender-names").Handle(r.apiHandler.ListSenderNames)
@@ -181,6 +182,7 @@ func (r *Router) Init(e *ginext.GinWrapper) error {
 		sendAPI.POST("/send.php").Handle(r.compatHandler.SendMessage)
 		sendAPI.POST("/external/v1/uptime-kuma").Handle(r.externalHandler.UptimeKuma)
 		sendAPI.POST("/external/v1/shoutrrr").Handle(r.externalHandler.Shoutrrr)
 	}
--- a/scnserver/db/cursortoken/token.go
+++ b/scnserver/db/cursortoken/token.go
@@ -4,8 +4,12 @@ import (
 	"encoding/base32"
 	"encoding/json"
 	"errors"
 	"fmt"
 	"strconv"
 	"strings"
 	"time"
 	"git.blackforestbytes.com/BlackForestBytes/goext/langext"
 )
 type Mode string //@enum:type
@@ -13,12 +17,14 @@ type Mode string //@enum:type
 const (
 	CTMStart     = "START"
 	CTMNormal    = "NORMAL"
 	CTMPaginated = "PAGINATED"
 	CTMEnd       = "END"
 )
 type CursorToken struct {
 	Mode       Mode
-	Timestamp  int64
+	Timestamp  *int64
 	Page       *int
 	Id         string
 	Direction  string
 	FilterHash string
@@ -34,7 +40,8 @@ type cursorTokenSerialize struct {
 func Start() CursorToken {
 	return CursorToken{
 		Mode:       CTMStart,
-		Timestamp:  0,
+		Timestamp:  langext.Ptr[int64](0),
 		Page:       nil,
 		Id:         "",
 		Direction:  "",
 		FilterHash: "",
@@ -44,7 +51,8 @@ func Start() CursorToken {
 func End() CursorToken {
 	return CursorToken{
 		Mode:       CTMEnd,
-		Timestamp:  0,
+		Timestamp:  nil,
 		Page:       nil,
 		Id:         "",
 		Direction:  "",
 		FilterHash: "",
@@ -54,13 +62,22 @@ func End() CursorToken {
 func Normal(ts time.Time, id string, dir string, filter string) CursorToken {
 	return CursorToken{
 		Mode:       CTMNormal,
-		Timestamp:  ts.UnixMilli(),
+		Timestamp:  langext.Ptr(ts.UnixMilli()),
 		Page:       nil,
 		Id:         id,
 		Direction:  dir,
 		FilterHash: filter,
 	}
 }
 func Paginated(p int) CursorToken {
 	return CursorToken{
 		Mode:      CTMPaginated,
 		Timestamp: nil,
 		Page:      langext.Ptr(p),
 	}
 }
 func (c *CursorToken) Token() string {
 	if c.Mode == CTMStart {
 		return "@start"
@@ -69,6 +86,10 @@ func (c *CursorToken) Token() string {
 		return "@end"
 	}
 	if c.Page != nil {
 		return fmt.Sprintf("$%d", *c.Page)
 	}
 	// We kinda manually implement omitempty for the CursorToken here
 	// because omitempty does not work for time.Time and otherwise we would always
 	// get weird time values when decoding a token that initially didn't have an Timestamp set
@@ -80,8 +101,8 @@ func (c *CursorToken) Token() string {
 		sertok.Id = &c.Id
 	}
-	if c.Timestamp != 0 {
+	if c.Timestamp != nil && *c.Timestamp != 0 {
-		sertok.Timestamp = &c.Timestamp
+		sertok.Timestamp = langext.Ptr(*c.Timestamp)
 	}
 	if c.Direction != "" {
@@ -111,6 +132,14 @@ func Decode(tok string) (CursorToken, error) {
 		return End(), nil
 	}
 	if strings.HasPrefix(tok, "$") {
 		p, err := strconv.ParseInt(tok[1:], 10, 0)
 		if err != nil {
 			return CursorToken{}, errors.New("could not decode paginated token")
 		}
 		return Paginated(int(p)), nil
 	}
 	if !strings.HasPrefix(tok, "tok_") {
 		return CursorToken{}, errors.New("could not decode token, missing prefix")
 	}
@@ -129,7 +158,7 @@ func Decode(tok string) (CursorToken, error) {
 	token := CursorToken{Mode: CTMNormal}
 	if tokenDeserialize.Timestamp != nil {
-		token.Timestamp = *tokenDeserialize.Timestamp
+		token.Timestamp = langext.Ptr(*tokenDeserialize.Timestamp)
 	}
 	if tokenDeserialize.Id != nil {
 		token.Id = *tokenDeserialize.Id
--- a/scnserver/db/impl/primary/deliveries.go
+++ b/scnserver/db/impl/primary/deliveries.go
@@ -1,12 +1,13 @@
 package primary
 import (
 	"time"
 	scn "blackforestbytes.com/simplecloudnotifier"
 	"blackforestbytes.com/simplecloudnotifier/db"
 	"blackforestbytes.com/simplecloudnotifier/models"
 	"git.blackforestbytes.com/BlackForestBytes/goext/langext"
 	"git.blackforestbytes.com/BlackForestBytes/goext/sq"
 	"time"
 )
 func (db *Database) CreateRetryDelivery(ctx db.TxContext, client models.Client, msg models.Message) (models.Delivery, error) {
@@ -182,3 +183,12 @@ func (db *Database) DeleteDeliveriesOfChannel(ctx db.TxContext, channelid models
 	return nil
 }
 func (db *Database) ListDeliveriesOfMessage(ctx db.TxContext, messageID models.MessageID) ([]models.Delivery, error) {
 	tx, err := ctx.GetOrCreateTransaction(db)
 	if err != nil {
 		return nil, err
 	}
 	return sq.QueryAll[models.Delivery](ctx, tx, "SELECT * FROM deliveries WHERE message_id = :mid AND deleted=0 ORDER BY timestamp_created ASC", sq.PP{"mid": messageID}, sq.SModeExtended, sq.Safe)
 }
--- a/scnserver/db/impl/primary/messages.go
+++ b/scnserver/db/impl/primary/messages.go
@@ -1,12 +1,13 @@
 package primary
 import (
 	"errors"
 	"time"
 	"blackforestbytes.com/simplecloudnotifier/db"
 	ct "blackforestbytes.com/simplecloudnotifier/db/cursortoken"
 	"blackforestbytes.com/simplecloudnotifier/models"
 	"errors"
 	"git.blackforestbytes.com/BlackForestBytes/goext/sq"
 	"time"
 )
 func (db *Database) GetMessageByUserMessageID(ctx db.TxContext, usrMsgId string) (*models.Message, error) {
@@ -87,26 +88,32 @@ func (db *Database) ListMessages(ctx db.TxContext, filter models.MessageFilter,
 		return nil, ct.CursorToken{}, 0, err
 	}
 	pageCond := "1=1"
 	if inTok.Mode == ct.CTMNormal {
 		pageCond = "timestamp_real < :tokts OR (timestamp_real = :tokts AND message_id < :tokid )"
 	}
 	filterCond, filterJoin, prepParams, err := filter.SQL()
-	orderClause := ""
+	pageCond := "1=1"
 	limitCond := ""
 	if pageSize != nil {
-		orderClause = "ORDER BY COALESCE(timestamp_client, timestamp_real) DESC, message_id DESC LIMIT :lim"
+		limitCond = "LIMIT :lim"
 		prepParams["lim"] = *pageSize + 1
 	} else {
 		orderClause = "ORDER BY COALESCE(timestamp_client, timestamp_real) DESC, message_id DESC"
 	}
-	sqlQueryList := "SELECT " + "messages.*" + " FROM messages " + filterJoin + " WHERE ( " + pageCond + " ) AND ( " + filterCond + " ) " + orderClause
+	if inTok.Mode == ct.CTMNormal {
-	sqlQueryCount := "SELECT " + " COUNT(*) AS count FROM messages " + filterJoin + " WHERE  ( " + filterCond + " ) "
+		pageCond = "timestamp_real < :tokts OR (timestamp_real = :tokts AND message_id < :tokid )"
 		prepParams["tokts"] = inTok.Timestamp
 		prepParams["tokid"] = inTok.Id
 	} else if inTok.Mode == ct.CTMPaginated {
 		if pageSize != nil {
 			limitCond = "LIMIT :lim OFFSET :off"
 			prepParams["lim"] = *pageSize + 1
 			prepParams["off"] = (*pageSize) * (*inTok.Page)
 		}
 	}
 	orderClause := "ORDER BY COALESCE(timestamp_client, timestamp_real) DESC, message_id DESC"
 	sqlQueryList := "SELECT " + "messages.*" + " FROM messages " + filterJoin + " WHERE ( " + pageCond + " ) AND ( " + filterCond + " ) " + orderClause + " " + limitCond
 	sqlQueryCount := "SELECT " + " COUNT(*) AS count FROM messages " + filterJoin + " WHERE  ( " + filterCond + " ) "
 	if inTok.Mode == ct.CTMEnd {
@@ -132,7 +139,12 @@ func (db *Database) ListMessages(ctx db.TxContext, filter models.MessageFilter,
 			return nil, ct.CursorToken{}, 0, err
 		}
-		outToken := ct.Normal(dataList[*pageSize-1].Timestamp(), dataList[*pageSize-1].MessageID.String(), "DESC", filter.Hash())
+		var outToken ct.CursorToken
 		if inTok.Mode == ct.CTMPaginated {
 			outToken = ct.Paginated(*inTok.Page + 1)
 		} else {
 			outToken = ct.Normal(dataList[*pageSize-1].Timestamp(), dataList[*pageSize-1].MessageID.String(), "DESC", filter.Hash())
 		}
 		return dataList[0:*pageSize], outToken, dataCount.Count, nil
 	}
--- a/scnserver/db/impl/primary/users.go
+++ b/scnserver/db/impl/primary/users.go
@@ -1,12 +1,13 @@
 package primary
 import (
 	"time"
 	scn "blackforestbytes.com/simplecloudnotifier"
 	"blackforestbytes.com/simplecloudnotifier/db"
 	"blackforestbytes.com/simplecloudnotifier/models"
 	"git.blackforestbytes.com/BlackForestBytes/goext/langext"
 	"git.blackforestbytes.com/BlackForestBytes/goext/sq"
 	"time"
 )
 func (db *Database) CreateUser(ctx db.TxContext, protoken *string, username *string) (models.User, error) {
@@ -63,6 +64,15 @@ func (db *Database) GetUser(ctx db.TxContext, userid models.UserID) (models.User
 	return sq.QuerySingle[models.User](ctx, tx, "SELECT * FROM users WHERE user_id = :uid AND deleted=0 LIMIT 1", sq.PP{"uid": userid}, sq.SModeExtended, sq.Safe)
 }
 func (db *Database) GetUserByKey(ctx db.TxContext, key string) (models.User, error) {
 	tx, err := ctx.GetOrCreateTransaction(db)
 	if err != nil {
 		return models.User{}, err
 	}
 	return sq.QuerySingle[models.User](ctx, tx, "SELECT * FROM users WHERE EXISTS(SELECT keytokens.keytoken_id FROM keytokens WHERE keytokens.token = :tok AND users.user_id = keytokens.owner_user_id AND keytokens.deleted=0) AND users.deleted=0 LIMIT 1", sq.PP{"tok": key}, sq.SModeExtended, sq.Safe)
 }
 func (db *Database) GetUserOpt(ctx db.TxContext, userid models.UserID) (*models.User, error) {
 	tx, err := ctx.GetOrCreateTransaction(db)
 	if err != nil {
--- a/scnserver/db/impl/requests/requestlogs.go
+++ b/scnserver/db/impl/requests/requestlogs.go
@@ -52,14 +52,29 @@ func (db *Database) ListRequestLogs(ctx context.Context, filter models.RequestLo
 		return make([]models.RequestLog, 0), ct.End(), nil
 	}
 	pageCond := "1=1"
 	if inTok.Mode == ct.CTMNormal {
 		pageCond = "timestamp_created < :tokts OR (timestamp_created = :tokts AND request_id < :tokid )"
 	}
 	filterCond, filterJoin, prepParams, err := filter.SQL()
-	orderClause := ""
+	pageCond := "1=1"
 	limitCond := ""
 	if pageSize != nil {
 		limitCond = "LIMIT :lim"
 		prepParams["lim"] = *pageSize + 1
 	}
 	if inTok.Mode == ct.CTMNormal {
 		pageCond = "timestamp_created < :tokts OR (timestamp_created = :tokts AND request_id < :tokid )"
 		prepParams["tokts"] = inTok.Timestamp
 		prepParams["tokid"] = inTok.Id
 	} else if inTok.Mode == ct.CTMPaginated {
 		if pageSize != nil {
 			limitCond = "LIMIT :lim OFFSET :off"
 			prepParams["lim"] = *pageSize + 1
 			prepParams["off"] = (*pageSize) * (*inTok.Page)
 		}
 	}
 	orderClause := "ORDER BY timestamp_created DESC, request_id DESC"
 	if pageSize != nil {
 		orderClause = "ORDER BY timestamp_created DESC, request_id DESC LIMIT :lim"
 		prepParams["lim"] = *pageSize + 1
@@ -67,7 +82,7 @@ func (db *Database) ListRequestLogs(ctx context.Context, filter models.RequestLo
 		orderClause = "ORDER BY timestamp_created DESC, request_id DESC"
 	}
-	sqlQuery := "SELECT " + "requests.*" + " FROM requests " + filterJoin + " WHERE ( " + pageCond + " ) AND ( " + filterCond + " ) " + orderClause
+	sqlQuery := "SELECT " + "requests.*" + " FROM requests " + filterJoin + " WHERE ( " + pageCond + " ) AND ( " + filterCond + " ) " + orderClause + " " + limitCond
 	prepParams["tokts"] = inTok.Timestamp
 	prepParams["tokid"] = inTok.Id
--- a/scnserver/go.mod
+++ b/scnserver/go.mod
@@ -1,14 +1,14 @@
 module blackforestbytes.com/simplecloudnotifier
-go 1.23.0
+go 1.24.0
 toolchain go1.24.2
 require (
-	git.blackforestbytes.com/BlackForestBytes/goext v0.0.575
+	git.blackforestbytes.com/BlackForestBytes/goext v0.0.614
-	github.com/gin-gonic/gin v1.10.0
+	github.com/gin-gonic/gin v1.11.0
 	github.com/glebarez/go-sqlite v1.22.0
-	github.com/go-playground/validator/v10 v10.26.0
+	github.com/go-playground/validator/v10 v10.28.0
 	github.com/go-sql-driver/mysql v1.8.1
 	github.com/jmoiron/sqlx v1.4.0
 	github.com/rs/zerolog v1.34.0
@@ -18,20 +18,22 @@ require (
 require (
 	filippo.io/edwards25519 v1.1.0 // indirect
-	github.com/bytedance/sonic v1.13.2 // indirect
+	github.com/bytedance/gopkg v0.1.3 // indirect
-	github.com/bytedance/sonic/loader v0.2.4 // indirect
+	github.com/bytedance/sonic v1.14.2 // indirect
-	github.com/cloudwego/base64x v0.1.5 // indirect
+	github.com/bytedance/sonic/loader v0.4.0 // indirect
 	github.com/cloudwego/base64x v0.1.6 // indirect
 	github.com/dustin/go-humanize v1.0.1 // indirect
-	github.com/gabriel-vasile/mimetype v1.4.9 // indirect
+	github.com/gabriel-vasile/mimetype v1.4.11 // indirect
 	github.com/gin-contrib/sse v1.1.0 // indirect
 	github.com/go-playground/locales v0.14.1 // indirect
 	github.com/go-playground/universal-translator v0.18.1 // indirect
 	github.com/goccy/go-json v0.10.5 // indirect
 	github.com/goccy/go-yaml v1.19.0 // indirect
 	github.com/golang/snappy v1.0.0 // indirect
 	github.com/google/uuid v1.5.0 // indirect
 	github.com/json-iterator/go v1.1.12 // indirect
-	github.com/klauspost/compress v1.18.0 // indirect
+	github.com/klauspost/compress v1.18.1 // indirect
-	github.com/klauspost/cpuid/v2 v2.2.10 // indirect
+	github.com/klauspost/cpuid/v2 v2.3.0 // indirect
 	github.com/leodido/go-urn v1.4.0 // indirect
 	github.com/mattn/go-colorable v0.1.14 // indirect
 	github.com/mattn/go-isatty v0.0.20 // indirect
@@ -39,24 +41,25 @@ require (
 	github.com/modern-go/reflect2 v1.0.2 // indirect
 	github.com/montanaflynn/stats v0.7.1 // indirect
 	github.com/pelletier/go-toml/v2 v2.2.4 // indirect
 	github.com/quic-go/qpack v0.6.0 // indirect
 	github.com/quic-go/quic-go v0.57.1 // indirect
 	github.com/remyoudompheng/bigfft v0.0.0-20230129092748-24d4a6f8daec // indirect
 	github.com/rs/xid v1.6.0 // indirect
 	github.com/twitchyliquid64/golang-asm v0.15.1 // indirect
-	github.com/ugorji/go/codec v1.2.12 // indirect
+	github.com/ugorji/go/codec v1.3.1 // indirect
 	github.com/xdg-go/pbkdf2 v1.0.0 // indirect
-	github.com/xdg-go/scram v1.1.2 // indirect
+	github.com/xdg-go/scram v1.2.0 // indirect
 	github.com/xdg-go/stringprep v1.0.4 // indirect
 	github.com/youmark/pkcs8 v0.0.0-20240726163527-a2c0da244d78 // indirect
-	go.mongodb.org/mongo-driver v1.17.3 // indirect
+	go.mongodb.org/mongo-driver v1.17.6 // indirect
-	golang.org/x/arch v0.17.0 // indirect
+	golang.org/x/arch v0.23.0 // indirect
-	golang.org/x/crypto v0.38.0 // indirect
+	golang.org/x/crypto v0.45.0 // indirect
-	golang.org/x/net v0.40.0 // indirect
+	golang.org/x/net v0.47.0 // indirect
-	golang.org/x/sync v0.14.0 // indirect
+	golang.org/x/sync v0.18.0 // indirect
-	golang.org/x/sys v0.33.0 // indirect
+	golang.org/x/sys v0.38.0 // indirect
-	golang.org/x/term v0.32.0 // indirect
+	golang.org/x/term v0.37.0 // indirect
-	golang.org/x/text v0.25.0 // indirect
+	golang.org/x/text v0.31.0 // indirect
-	google.golang.org/protobuf v1.36.6 // indirect
+	google.golang.org/protobuf v1.36.10 // indirect
 	gopkg.in/yaml.v3 v3.0.1 // indirect
 	modernc.org/libc v1.37.6 // indirect
 	modernc.org/mathutil v1.6.0 // indirect
 	modernc.org/memory v1.7.2 // indirect
--- a/scnserver/go.sum
+++ b/scnserver/go.sum
@@ -1,27 +1,27 @@
 filippo.io/edwards25519 v1.1.0 h1:FNf4tywRC1HmFuKW5xopWpigGjJKiJSV0Cqo0cJWDaA=
 filippo.io/edwards25519 v1.1.0/go.mod h1:BxyFTGdWcka3PhytdK4V28tE5sGfRvvvRV7EaN4VDT4=
-git.blackforestbytes.com/BlackForestBytes/goext v0.0.575 h1:scgvSaNZQ+C0pMbfPbsxF/hE3+rgLotHe+6Lbl5+mJU=
+git.blackforestbytes.com/BlackForestBytes/goext v0.0.614 h1:LMjy2iHEPHRfLCXhguG9mQ+cgRypy0o2OAKztzZXmqk=
-git.blackforestbytes.com/BlackForestBytes/goext v0.0.575/go.mod h1:Rj+bq1jLkgvXYe2sthg5UtXHf22nFvmTLeo+54fbYq8=
+git.blackforestbytes.com/BlackForestBytes/goext v0.0.614/go.mod h1:LTkvxOvjXqkfxjxMOCD+qUlQ6Cu5uPRXQ0rZodFl7Rw=
-github.com/bytedance/sonic v1.13.2 h1:8/H1FempDZqC4VqjptGo14QQlJx8VdZJegxs6wwfqpQ=
+github.com/bytedance/gopkg v0.1.3 h1:TPBSwH8RsouGCBcMBktLt1AymVo2TVsBVCY4b6TnZ/M=
-github.com/bytedance/sonic v1.13.2/go.mod h1:o68xyaF9u2gvVBuGHPlUVCy+ZfmNNO5ETf1+KgkJhz4=
+github.com/bytedance/gopkg v0.1.3/go.mod h1:576VvJ+eJgyCzdjS+c4+77QF3p7ubbtiKARP3TxducM=
-github.com/bytedance/sonic/loader v0.1.1/go.mod h1:ncP89zfokxS5LZrJxl5z0UJcsk4M4yY2JpfqGeCtNLU=
+github.com/bytedance/sonic v1.14.2 h1:k1twIoe97C1DtYUo+fZQy865IuHia4PR5RPiuGPPIIE=
-github.com/bytedance/sonic/loader v0.2.4 h1:ZWCw4stuXUsn1/+zQDqeE7JKP+QO47tz7QCNan80NzY=
+github.com/bytedance/sonic v1.14.2/go.mod h1:T80iDELeHiHKSc0C9tubFygiuXoGzrkjKzX2quAx980=
-github.com/bytedance/sonic/loader v0.2.4/go.mod h1:N8A3vUdtUebEY2/VQC0MyhYeKUFosQU6FxH2JmUe6VI=
+github.com/bytedance/sonic/loader v0.4.0 h1:olZ7lEqcxtZygCK9EKYKADnpQoYkRQxaeY2NYzevs+o=
-github.com/cloudwego/base64x v0.1.5 h1:XPciSp1xaq2VCSt6lF0phncD4koWyULpl5bUxbfCyP4=
+github.com/bytedance/sonic/loader v0.4.0/go.mod h1:AR4NYCk5DdzZizZ5djGqQ92eEhCCcdf5x77udYiSJRo=
-github.com/cloudwego/base64x v0.1.5/go.mod h1:0zlkT4Wn5C6NdauXdJRhSKRlJvmclQ1hhJgA0rcu/8w=
+github.com/cloudwego/base64x v0.1.6 h1:t11wG9AECkCDk5fMSoxmufanudBtJ+/HemLstXDLI2M=
-github.com/cloudwego/iasm v0.2.0/go.mod h1:8rXZaNYT2n95jn+zTI1sDr+IgcD2GVs0nlbbQPiEFhY=
+github.com/cloudwego/base64x v0.1.6/go.mod h1:OFcloc187FXDaYHvrNIjxSe8ncn0OOM8gEHfghB2IPU=
 github.com/coreos/go-systemd/v22 v22.5.0/go.mod h1:Y58oyj3AT4RCenI/lSvhwexgC+NSVTIJ3seZv2GcEnc=
 github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
 github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c=
 github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
 github.com/dustin/go-humanize v1.0.1 h1:GzkhY7T5VNhEkwH0PVJgjz+fX1rhBrR7pRT3mDkpeCY=
 github.com/dustin/go-humanize v1.0.1/go.mod h1:Mu1zIs6XwVuF/gI1OepvI0qD18qycQx+mFykh5fBlto=
-github.com/gabriel-vasile/mimetype v1.4.9 h1:5k+WDwEsD9eTLL8Tz3L0VnmVh9QxGjRmjBvAG7U/oYY=
+github.com/gabriel-vasile/mimetype v1.4.11 h1:AQvxbp830wPhHTqc1u7nzoLT+ZFxGY7emj5DR5DYFik=
-github.com/gabriel-vasile/mimetype v1.4.9/go.mod h1:WnSQhFKJuBlRyLiKohA/2DtIlPFAbguNaG7QCHcyGok=
+github.com/gabriel-vasile/mimetype v1.4.11/go.mod h1:d+9Oxyo1wTzWdyVUPMmXFvp4F9tea18J8ufA774AB3s=
 github.com/gin-contrib/sse v1.1.0 h1:n0w2GMuUpWDVp7qSpvze6fAu9iRxJY4Hmj6AmBOU05w=
 github.com/gin-contrib/sse v1.1.0/go.mod h1:hxRZ5gVpWMT7Z0B0gSNYqqsSCNIJMjzvm6fqCz9vjwM=
-github.com/gin-gonic/gin v1.10.0 h1:nTuyha1TYqgedzytsKYqna+DfLos46nTv2ygFy86HFU=
+github.com/gin-gonic/gin v1.11.0 h1:OW/6PLjyusp2PPXtyxKHU0RbX6I/l28FTdDlae5ueWk=
-github.com/gin-gonic/gin v1.10.0/go.mod h1:4PMNQiOhvDRa013RKVbsiNwoyezlm2rm0uX/T7kzp5Y=
+github.com/gin-gonic/gin v1.11.0/go.mod h1:+iq/FyxlGzII0KHiBGjuNn4UNENUlKbGlNmc+W50Dls=
 github.com/glebarez/go-sqlite v1.22.0 h1:uAcMJhaA6r3LHMTFgP0SifzgXg46yJkgxqyuyec+ruQ=
 github.com/glebarez/go-sqlite v1.22.0/go.mod h1:PlBIdHe0+aUEFn+r2/uthrWq4FxbzugL0L8Li6yQJbc=
 github.com/go-playground/assert/v2 v2.2.0 h1:JvknZsQTYeFEAhQwI4qEt9cyV5ONwRHC+lYKSsYSR8s=
@@ -30,17 +30,19 @@ github.com/go-playground/locales v0.14.1 h1:EWaQ/wswjilfKLTECiXz7Rh+3BjFhfDFKv/o
 github.com/go-playground/locales v0.14.1/go.mod h1:hxrqLVvrK65+Rwrd5Fc6F2O76J/NuW9t0sjnWqG1slY=
 github.com/go-playground/universal-translator v0.18.1 h1:Bcnm0ZwsGyWbCzImXv+pAJnYK9S473LQFuzCbDbfSFY=
 github.com/go-playground/universal-translator v0.18.1/go.mod h1:xekY+UJKNuX9WP91TpwSH2VMlDf28Uj24BCp08ZFTUY=
-github.com/go-playground/validator/v10 v10.26.0 h1:SP05Nqhjcvz81uJaRfEV0YBSSSGMc/iMaVtFbr3Sw2k=
+github.com/go-playground/validator/v10 v10.28.0 h1:Q7ibns33JjyW48gHkuFT91qX48KG0ktULL6FgHdG688=
-github.com/go-playground/validator/v10 v10.26.0/go.mod h1:I5QpIEbmr8On7W0TktmJAumgzX4CA1XNl4ZmDuVHKKo=
+github.com/go-playground/validator/v10 v10.28.0/go.mod h1:GoI6I1SjPBh9p7ykNE/yj3fFYbyDOpwMn5KXd+m2hUU=
 github.com/go-sql-driver/mysql v1.8.1 h1:LedoTUt/eveggdHS9qUFC1EFSa8bU2+1pZjSRpvNJ1Y=
 github.com/go-sql-driver/mysql v1.8.1/go.mod h1:wEBSXgmK//2ZFJyE+qWnIsVGmvmEKlqwuVSjsCm7DZg=
 github.com/goccy/go-json v0.10.5 h1:Fq85nIqj+gXn/S5ahsiTlK3TmC85qgirsdTP/+DeaC4=
 github.com/goccy/go-json v0.10.5/go.mod h1:oq7eo15ShAhp70Anwd5lgX2pLfOS3QCiwU/PULtXL6M=
 github.com/goccy/go-yaml v1.19.0 h1:EmkZ9RIsX+Uq4DYFowegAuJo8+xdX3T/2dwNPXbxEYE=
 github.com/goccy/go-yaml v1.19.0/go.mod h1:XBurs7gK8ATbW4ZPGKgcbrY1Br56PdM69F7LkFRi1kA=
 github.com/godbus/dbus/v5 v5.0.4/go.mod h1:xhWf0FNVPg57R7Z0UbKHbJfkEywrmjJnf7w5xrFpKfA=
 github.com/golang/snappy v1.0.0 h1:Oy607GVXHs7RtbggtPBnr2RmDArIsAefDwvrdWvRhGs=
 github.com/golang/snappy v1.0.0/go.mod h1:/XxbfmMg8lxefKM7IXC3fBNl/7bRcc72aCRzEWrmP2Q=
-github.com/google/go-cmp v0.6.0 h1:ofyhxvXcZhMsU5ulbFiLKl/XBFqE1GSq7atu8tAmTRI=
+github.com/google/go-cmp v0.7.0 h1:wk8382ETsv4JYUZwIsn6YpYiWiBsYLSJiTsyBybVuN8=
-github.com/google/go-cmp v0.6.0/go.mod h1:17dUlkBOakJ0+DkrSSNjCkIjxS6bF9zb3elmeNGIjoY=
+github.com/google/go-cmp v0.7.0/go.mod h1:pXiqmnSA92OHEEa9HXL2W4E7lf9JzCmGVUdgjX3N/iU=
 github.com/google/gofuzz v1.0.0/go.mod h1:dBl0BpW6vV/+mYPU4Po3pmUjxk6FQPldtuIdl/M65Eg=
 github.com/google/pprof v0.0.0-20221118152302-e6195bd50e26 h1:Xim43kblpZXfIBQsbuBVKCudVG457BR2GZFIz3uw3hQ=
 github.com/google/pprof v0.0.0-20221118152302-e6195bd50e26/go.mod h1:dDKJzRmX4S37WGHujM7tX//fmj1uioxKzKxz3lo4HJo=
@@ -50,12 +52,10 @@ github.com/jmoiron/sqlx v1.4.0 h1:1PLqN7S1UYp5t4SrVVnt4nUVNemrDAtxlulVe+Qgm3o=
 github.com/jmoiron/sqlx v1.4.0/go.mod h1:ZrZ7UsYB/weZdl2Bxg6jCRO9c3YHl8r3ahlKmRT4JLY=
 github.com/json-iterator/go v1.1.12 h1:PV8peI4a0ysnczrg+LtxykD8LfKY9ML6u2jnxaEnrnM=
 github.com/json-iterator/go v1.1.12/go.mod h1:e30LSqwooZae/UwlEbR2852Gd8hjQvJoHmT4TnhNGBo=
-github.com/klauspost/compress v1.18.0 h1:c/Cqfb0r+Yi+JtIEq73FWXVkRonBlf0CRNYc8Zttxdo=
+github.com/klauspost/compress v1.18.1 h1:bcSGx7UbpBqMChDtsF28Lw6v/G94LPrrbMbdC3JH2co=
-github.com/klauspost/compress v1.18.0/go.mod h1:2Pp+KzxcywXVXMr50+X0Q/Lsb43OQHYWRCY2AiWywWQ=
+github.com/klauspost/compress v1.18.1/go.mod h1:ZQFFVG+MdnR0P+l6wpXgIL4NTtwiKIdBnrBd8Nrxr+0=
-github.com/klauspost/cpuid/v2 v2.0.9/go.mod h1:FInQzS24/EEf25PyTYn52gqo7WaD8xa0213Md/qVLRg=
+github.com/klauspost/cpuid/v2 v2.3.0 h1:S4CRMLnYUhGeDFDqkGriYKdfoFlDnMtqTiI/sFzhA9Y=
-github.com/klauspost/cpuid/v2 v2.2.10 h1:tBs3QSyvjDyFTq3uoc/9xFpCuOsJQFNPiAhYdw2skhE=
+github.com/klauspost/cpuid/v2 v2.3.0/go.mod h1:hqwkgyIinND0mEev00jJYCxPNVRVXFQeu1XKlok6oO0=
 github.com/klauspost/cpuid/v2 v2.2.10/go.mod h1:hqwkgyIinND0mEev00jJYCxPNVRVXFQeu1XKlok6oO0=
 github.com/knz/go-libedit v1.10.1/go.mod h1:MZTVkCWyz0oBc7JOWP3wNAzd002ZbM/5hgShxwh4x8M=
 github.com/leodido/go-urn v1.4.0 h1:WT9HwE9SGECu3lg4d/dIA+jxlljEa1/ffXKmRjqdmIQ=
 github.com/leodido/go-urn v1.4.0/go.mod h1:bvxc+MVxLKB4z00jd1z+Dvzr47oO32F/QSNjSBOlFxI=
 github.com/lib/pq v1.10.9 h1:YXG7RB+JIjhP29X+OtkiDnYaXQwpS4JEWq7dtCCRUEw=
@@ -81,6 +81,10 @@ github.com/pelletier/go-toml/v2 v2.2.4/go.mod h1:2gIqNv+qfxSVS7cM2xJQKtLSTLUE9V8
 github.com/pkg/errors v0.9.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0=
 github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM=
 github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4=
 github.com/quic-go/qpack v0.6.0 h1:g7W+BMYynC1LbYLSqRt8PBg5Tgwxn214ZZR34VIOjz8=
 github.com/quic-go/qpack v0.6.0/go.mod h1:lUpLKChi8njB4ty2bFLX2x4gzDqXwUpaO1DP9qMDZII=
 github.com/quic-go/quic-go v0.57.1 h1:25KAAR9QR8KZrCZRThWMKVAwGoiHIrNbT72ULHTuI10=
 github.com/quic-go/quic-go v0.57.1/go.mod h1:ly4QBAjHA2VhdnxhojRsCUOeJwKYg+taDlos92xb1+s=
 github.com/remyoudompheng/bigfft v0.0.0-20230129092748-24d4a6f8daec h1:W09IVJc94icq4NjY3clb7Lk8O1qJ8BdBEF8z0ibU0rE=
 github.com/remyoudompheng/bigfft v0.0.0-20230129092748-24d4a6f8daec/go.mod h1:qqbHyh8v60DhA7CoWK5oRCqLrMHRGoxYCSS9EjAz6Eo=
 github.com/rs/xid v1.6.0 h1:fV591PaemRlL6JfRxGDEPl69wICngIQ3shQtzfy2gxU=
@@ -90,48 +94,51 @@ github.com/rs/zerolog v1.34.0/go.mod h1:bJsvje4Z08ROH4Nhs5iH600c3IkWhwp44iRc54W6
 github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME=
 github.com/stretchr/objx v0.4.0/go.mod h1:YvHI0jy2hoMjB+UWwv71VJQ9isScKT/TqJzVSSt89Yw=
 github.com/stretchr/objx v0.5.0/go.mod h1:Yh+to48EsGEfYuaHDzXPcE3xhTkx73EhmCGUpEOglKo=
 github.com/stretchr/objx v0.5.2/go.mod h1:FRsXN1f5AsAjCGJKqEizvkpNtU+EGNCLh3NxZ/8L+MA=
 github.com/stretchr/testify v1.3.0/go.mod h1:M5WIy9Dh21IEIfnGCwXGc5bZfKNJtfHm1UVUgZn+9EI=
 github.com/stretchr/testify v1.5.1/go.mod h1:5W2xD1RspED5o8YsWQXVCued0rvSQ+mT+I5cxcmMvtA=
 github.com/stretchr/testify v1.7.0/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg=
 github.com/stretchr/testify v1.7.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg=
 github.com/stretchr/testify v1.8.0/go.mod h1:yNjHg4UonilssWZ8iaSj1OCr/vHnekPRkoO+kdMU+MU=
-github.com/stretchr/testify v1.8.1/go.mod h1:w2LPCIKwWwSfY2zedu0+kehJoqGctiVI29o6fzry7u4=
+github.com/stretchr/testify v1.8.4/go.mod h1:sz/lmYIOXD/1dqDmKjjqLyZ2RngseejIcXlSw2iwfAo=
 github.com/stretchr/testify v1.10.0 h1:Xv5erBjTwe/5IxqUQTdXv5kgmIvbHo3QQyRwhJsOfJA=
 github.com/stretchr/testify v1.10.0/go.mod h1:r2ic/lqez/lEtzL7wO/rwa5dbSLXVDPFyf8C91i36aY=
 github.com/stretchr/testify v1.11.1 h1:7s2iGBzp5EwR7/aIZr8ao5+dra3wiQyKjjFuvgVKu7U=
 github.com/stretchr/testify v1.11.1/go.mod h1:wZwfW3scLgRK+23gO65QZefKpKQRnfz6sD981Nm4B6U=
 github.com/twitchyliquid64/golang-asm v0.15.1 h1:SU5vSMR7hnwNxj24w34ZyCi/FmDZTkS4MhqMhdFk5YI=
 github.com/twitchyliquid64/golang-asm v0.15.1/go.mod h1:a1lVb/DtPvCB8fslRZhAngC2+aY1QWCk3Cedj/Gdt08=
-github.com/ugorji/go/codec v1.2.12 h1:9LC83zGrHhuUA9l16C9AHXAqEV/2wBQ4nkvumAE65EE=
+github.com/ugorji/go/codec v1.3.1 h1:waO7eEiFDwidsBN6agj1vJQ4AG7lh2yqXyOXqhgQuyY=
-github.com/ugorji/go/codec v1.2.12/go.mod h1:UNopzCgEMSXjBc6AOMqYvWC1ktqTAfzJZUZgYf6w6lg=
+github.com/ugorji/go/codec v1.3.1/go.mod h1:pRBVtBSKl77K30Bv8R2P+cLSGaTtex6fsA2Wjqmfxj4=
 github.com/viney-shih/go-lock v1.1.2 h1:3TdGTiHZCPqBdTvFbQZQN/TRZzKF3KWw2rFEyKz3YqA=
 github.com/viney-shih/go-lock v1.1.2/go.mod h1:Yijm78Ljteb3kRiJrbLAxVntkUukGu5uzSxq/xV7OO8=
 github.com/xdg-go/pbkdf2 v1.0.0 h1:Su7DPu48wXMwC3bs7MCNG+z4FhcyEuz5dlvchbq0B0c=
 github.com/xdg-go/pbkdf2 v1.0.0/go.mod h1:jrpuAogTd400dnrH08LKmI/xc1MbPOebTwRqcT5RDeI=
-github.com/xdg-go/scram v1.1.2 h1:FHX5I5B4i4hKRVRBCFRxq1iQRej7WO3hhBuJf+UUySY=
+github.com/xdg-go/scram v1.2.0 h1:bYKF2AEwG5rqd1BumT4gAnvwU/M9nBp2pTSxeZw7Wvs=
-github.com/xdg-go/scram v1.1.2/go.mod h1:RT/sEzTbU5y00aCK8UOx6R7YryM0iF1N2MOmC3kKLN4=
+github.com/xdg-go/scram v1.2.0/go.mod h1:3dlrS0iBaWKYVt2ZfA4cj48umJZ+cAEbR6/SjLA88I8=
 github.com/xdg-go/stringprep v1.0.4 h1:XLI/Ng3O1Atzq0oBs3TWm+5ZVgkq2aqdlvP9JtoZ6c8=
 github.com/xdg-go/stringprep v1.0.4/go.mod h1:mPGuuIYwz7CmR2bT9j4GbQqutWS1zV24gijq1dTyGkM=
 github.com/youmark/pkcs8 v0.0.0-20240726163527-a2c0da244d78 h1:ilQV1hzziu+LLM3zUTJ0trRztfwgjqKnBWNtSRkbmwM=
 github.com/youmark/pkcs8 v0.0.0-20240726163527-a2c0da244d78/go.mod h1:aL8wCCfTfSfmXjznFBSZNN13rSJjlIOI1fUNAtF7rmI=
 github.com/yuin/goldmark v1.4.13/go.mod h1:6yULJ656Px+3vBD8DxQVa3kxgyrAnzto9xy5taEt/CY=
-go.mongodb.org/mongo-driver v1.17.3 h1:TQyXhnsWfWtgAhMtOgtYHMTkZIfBTpMTsMnd9ZBeHxQ=
+go.mongodb.org/mongo-driver v1.17.6 h1:87JUG1wZfWsr6rIz3ZmpH90rL5tea7O3IHuSwHUpsss=
-go.mongodb.org/mongo-driver v1.17.3/go.mod h1:Hy04i7O2kC4RS06ZrhPRqj/u4DTYkFDAAccj+rVKqgQ=
+go.mongodb.org/mongo-driver v1.17.6/go.mod h1:Hy04i7O2kC4RS06ZrhPRqj/u4DTYkFDAAccj+rVKqgQ=
-golang.org/x/arch v0.17.0 h1:4O3dfLzd+lQewptAHqjewQZQDyEdejz3VwgeYwkZneU=
+go.uber.org/mock v0.6.0 h1:hyF9dfmbgIX5EfOdasqLsWD6xqpNZlXblLB/Dbnwv3Y=
-golang.org/x/arch v0.17.0/go.mod h1:bdwinDaKcfZUGpH09BB7ZmOfhalA8lQdzl62l8gGWsk=
+go.uber.org/mock v0.6.0/go.mod h1:KiVJ4BqZJaMj4svdfmHM0AUx4NJYO8ZNpPnZn1Z+BBU=
 golang.org/x/arch v0.23.0 h1:lKF64A2jF6Zd8L0knGltUnegD62JMFBiCPBmQpToHhg=
 golang.org/x/arch v0.23.0/go.mod h1:dNHoOeKiyja7GTvF9NJS1l3Z2yntpQNzgrjh1cU103A=
 golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w=
 golang.org/x/crypto v0.0.0-20210921155107-089bfa567519/go.mod h1:GvvjBRRGRdwPK5ydBHafDWAxML/pGHZbMvKqRZ5+Abc=
-golang.org/x/crypto v0.38.0 h1:jt+WWG8IZlBnVbomuhg2Mdq0+BBQaHbtqHEFEigjUV8=
+golang.org/x/crypto v0.45.0 h1:jMBrvKuj23MTlT0bQEOBcAE0mjg8mK9RXFhRH6nyF3Q=
-golang.org/x/crypto v0.38.0/go.mod h1:MvrbAqul58NNYPKnOra203SB9vpuZW0e+RRZV+Ggqjw=
+golang.org/x/crypto v0.45.0/go.mod h1:XTGrrkGJve7CYK7J8PEww4aY7gM3qMCElcJQ8n8JdX4=
 golang.org/x/mod v0.6.0-dev.0.20220419223038-86c51ed26bb4/go.mod h1:jJ57K6gSWd91VN4djpZkiMVwK6gcyfeH4XE8wZrZaV4=
 golang.org/x/net v0.0.0-20190620200207-3b0461eec859/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s=
 golang.org/x/net v0.0.0-20210226172049-e18ecbb05110/go.mod h1:m0MpNAwzfU5UDzcl9v0D8zg8gWTRqZa9RBIspLL5mdg=
 golang.org/x/net v0.0.0-20220722155237-a158d28d115b/go.mod h1:XRhObCWvk6IyKnWLug+ECip1KBveYUHfp+8e9klMJ9c=
-golang.org/x/net v0.40.0 h1:79Xs7wF06Gbdcg4kdCCIQArK11Z1hr5POQ6+fIYHNuY=
+golang.org/x/net v0.47.0 h1:Mx+4dIFzqraBXUugkia1OOvlD6LemFo1ALMHjrXDOhY=
-golang.org/x/net v0.40.0/go.mod h1:y0hY0exeL2Pku80/zKK7tpntoX23cqL3Oa6njdgRtds=
+golang.org/x/net v0.47.0/go.mod h1:/jNxtkgq5yWUGYkaZGqo27cfGZ1c5Nen03aYrrKpVRU=
 golang.org/x/sync v0.0.0-20190423024810-112230192c58/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
 golang.org/x/sync v0.0.0-20200317015054-43a5402ce75a/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
 golang.org/x/sync v0.0.0-20220722155255-886fb9371eb4/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
-golang.org/x/sync v0.14.0 h1:woo0S4Yywslg6hp4eUFjTVOyKt0RookbpAHG4c1HmhQ=
+golang.org/x/sync v0.18.0 h1:kr88TuHDroi+UVf+0hZnirlk8o8T+4MrK6mr60WkH/I=
-golang.org/x/sync v0.14.0/go.mod h1:1dzgHSNfp02xaA81J2MS99Qcpr2w7fw1gpm99rleRqA=
+golang.org/x/sync v0.18.0/go.mod h1:9KTHXmSnoGruLpwFjVSX0lNNA75CykiMECbovNTZqGI=
 golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
 golang.org/x/sys v0.0.0-20201119102817-f84b799fce68/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
 golang.org/x/sys v0.0.0-20210615035016-665e8c7367d1/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
@@ -140,25 +147,26 @@ golang.org/x/sys v0.0.0-20220722155257-8c9f86f7a55f/go.mod h1:oPkhp1MJrh7nUepCBc
 golang.org/x/sys v0.0.0-20220811171246-fbc7d0a398ab/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
 golang.org/x/sys v0.6.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
 golang.org/x/sys v0.12.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
-golang.org/x/sys v0.33.0 h1:q3i8TbbEz+JRD9ywIRlyRAQbM0qF7hu24q3teo2hbuw=
+golang.org/x/sys v0.38.0 h1:3yZWxaJjBmCWXqhN1qh02AkOnCQ1poK6oF+a7xWL6Gc=
-golang.org/x/sys v0.33.0/go.mod h1:BJP2sWEmIv4KK5OTEluFJCKSidICx8ciO85XgH3Ak8k=
+golang.org/x/sys v0.38.0/go.mod h1:OgkHotnGiDImocRcuBABYBEXf8A9a87e/uXjp9XT3ks=
 golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo=
 golang.org/x/term v0.0.0-20210927222741-03fcf44c2211/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8=
-golang.org/x/term v0.32.0 h1:DR4lr0TjUs3epypdhTOkMmuF5CDFJ/8pOnbzMZPQ7bg=
+golang.org/x/term v0.37.0 h1:8EGAD0qCmHYZg6J17DvsMy9/wJ7/D/4pV/wfnld5lTU=
-golang.org/x/term v0.32.0/go.mod h1:uZG1FhGx848Sqfsq4/DlJr3xGGsYMu/L5GW4abiaEPQ=
+golang.org/x/term v0.37.0/go.mod h1:5pB4lxRNYYVZuTLmy8oR2BH8dflOR+IbTYFD8fi3254=
 golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
 golang.org/x/text v0.3.3/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ=
 golang.org/x/text v0.3.7/go.mod h1:u+2+/6zg+i71rQMx5EYifcz6MCKuco9NR6JIITiCfzQ=
 golang.org/x/text v0.3.8/go.mod h1:E6s5w1FMmriuDzIBO73fBruAKo1PCIq6d2Q6DHfQ8WQ=
-golang.org/x/text v0.25.0 h1:qVyWApTSYLk/drJRO5mDlNYskwQznZmkpV2c8q9zls4=
+golang.org/x/text v0.31.0 h1:aC8ghyu4JhP8VojJ2lEHBnochRno1sgL6nEi9WGFGMM=
-golang.org/x/text v0.25.0/go.mod h1:WEdwpYrmk1qmdHvhkSTNPm3app7v4rsT8F2UD6+VHIA=
+golang.org/x/text v0.31.0/go.mod h1:tKRAlv61yKIjGGHX/4tP1LTbc13YSec1pxVEWXzfoeM=
 golang.org/x/time v0.12.0 h1:ScB/8o8olJvc+CQPWrK3fPZNfh7qgwCrY0zJmoEQLSE=
 golang.org/x/time v0.12.0/go.mod h1:CDIdPxbZBQxdj6cxyCIdrNogrJKMJ7pr37NYpMcMDSg=
 golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ=
 golang.org/x/tools v0.0.0-20191119224855-298f0cb1881e/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo=
 golang.org/x/tools v0.1.12/go.mod h1:hNGJHUnrk76NpqgfD5Aqm5Crs+Hm0VOH/i9J2+nxYbc=
 golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
-google.golang.org/protobuf v1.36.6 h1:z1NpPI8ku2WgiWnf+t9wTPsn6eP1L7ksHUlkfLvd9xY=
+google.golang.org/protobuf v1.36.10 h1:AYd7cD/uASjIL6Q9LiTjz8JLcrh/88q5UObnmY3aOOE=
-google.golang.org/protobuf v1.36.6/go.mod h1:jduwjTPXsFjZGTmRluh+L6NjiWu7pchiJ2/5YcXBHnY=
+google.golang.org/protobuf v1.36.10/go.mod h1:HTf+CrKn2C3g5S8VImy6tdcUvCska2kB7j23XfzDpco=
 gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405 h1:yhCVgyC4o1eVCa2tZl7eS0r+SDo693bJlVdllGtEeKM=
 gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
 gopkg.in/loremipsum.v1 v1.1.2 h1:12APklfJKuGszqZsrArW5QoQh03/W+qyCCjvnDuS6Tw=
 gopkg.in/loremipsum.v1 v1.1.2/go.mod h1:TuRvzFuzuejXj+odBU6Tubp/EPUyGb9wmSvHenyP2Ts=
@@ -174,4 +182,3 @@ modernc.org/memory v1.7.2 h1:Klh90S215mmH8c9gO98QxQFsY+W451E8AnzjoE2ee1E=
 modernc.org/memory v1.7.2/go.mod h1:NO4NVCQy0N7ln+T9ngWqOQfi7ley4vpwvARR+Hjw95E=
 modernc.org/sqlite v1.28.0 h1:Zx+LyDDmXczNnEQdvPuEfcFVA2ZPyaD7UCZDjef3BHQ=
 modernc.org/sqlite v1.28.0/go.mod h1:Qxpazz0zH8Z1xCFyi5GSL3FzbtZ3fvbjmywNogldEW0=
 nullprogram.com/x/optparse v1.0.0/go.mod h1:KdyPE+Igbe0jQUrVfMqDMeJQIJZEuyV7pjYmp6pbG50=
--- a/scnserver/logic/message.go
+++ b/scnserver/logic/message.go
@@ -1,21 +1,22 @@
 package logic
 import (
 	"database/sql"
 	"errors"
 	"fmt"
 	"strings"
 	"time"
 	"blackforestbytes.com/simplecloudnotifier/api/apierr"
 	hl "blackforestbytes.com/simplecloudnotifier/api/apihighlight"
 	"blackforestbytes.com/simplecloudnotifier/api/ginresp"
 	"blackforestbytes.com/simplecloudnotifier/models"
 	"database/sql"
 	"errors"
 	"fmt"
 	"git.blackforestbytes.com/BlackForestBytes/goext/ginext"
 	"git.blackforestbytes.com/BlackForestBytes/goext/langext"
 	"git.blackforestbytes.com/BlackForestBytes/goext/mathext"
 	"git.blackforestbytes.com/BlackForestBytes/goext/timeext"
 	"github.com/gin-gonic/gin"
 	"github.com/rs/zerolog/log"
 	"strings"
 	"time"
 )
 type SendMessageResponse struct {
@@ -25,7 +26,7 @@ type SendMessageResponse struct {
 	CompatMessageID int64
 }
-func (app *Application) SendMessage(g *gin.Context, ctx *AppContext, UserID *models.UserID, Key *string, Channel *string, Title *string, Content *string, Priority *int, UserMessageID *string, SendTimestamp *float64, SenderName *string) (*SendMessageResponse, *ginext.HTTPResponse) {
+func (app *Application) SendMessage(g *gin.Context, ctx *AppContext, Key *string, Channel *string, Title *string, Content *string, Priority *int, UserMessageID *string, SendTimestamp *float64, SenderName *string) (*SendMessageResponse, *ginext.HTTPResponse) {
 	if Title != nil {
 		Title = langext.Ptr(strings.TrimSpace(*Title))
 	}
@@ -33,9 +34,6 @@ func (app *Application) SendMessage(g *gin.Context, ctx *AppContext, UserID *mod
 		UserMessageID = langext.Ptr(strings.TrimSpace(*UserMessageID))
 	}
 	if UserID == nil {
 		return nil, langext.Ptr(ginresp.SendAPIError(g, 400, apierr.MISSING_UID, hl.USER_ID, "Missing parameter [[user_id]]", nil))
 	}
 	if Key == nil {
 		return nil, langext.Ptr(ginresp.SendAPIError(g, 400, apierr.MISSING_TOK, hl.USER_KEY, "Missing parameter [[key]]", nil))
 	}
@@ -49,9 +47,9 @@ func (app *Application) SendMessage(g *gin.Context, ctx *AppContext, UserID *mod
 		return nil, langext.Ptr(ginresp.SendAPIError(g, 400, apierr.NO_TITLE, hl.TITLE, "No title specified", nil))
 	}
-	user, err := app.Database.Primary.GetUser(ctx, *UserID)
+	user, err := app.Database.Primary.GetUserByKey(ctx, *Key)
 	if errors.Is(err, sql.ErrNoRows) {
-		return nil, langext.Ptr(ginresp.SendAPIError(g, 400, apierr.USER_NOT_FOUND, hl.USER_ID, "User not found", err))
+		return nil, langext.Ptr(ginresp.SendAPIError(g, 401, apierr.USER_AUTH_FAILED, hl.USER_KEY, "Key not found or not valid", err))
 	}
 	if err != nil {
 		return nil, langext.Ptr(ginresp.SendAPIError(g, 500, apierr.DATABASE_ERROR, hl.NONE, "Failed to query user", err))
@@ -126,7 +124,7 @@ func (app *Application) SendMessage(g *gin.Context, ctx *AppContext, UserID *mod
 		return nil, langext.Ptr(ginresp.SendAPIError(g, 403, apierr.QUOTA_REACHED, hl.NONE, fmt.Sprintf("Daily quota reached (%d)", user.QuotaPerDay()), nil))
 	}
-	channel, err := app.GetOrCreateChannel(ctx, *UserID, channelDisplayName, channelInternalName)
+	channel, err := app.GetOrCreateChannel(ctx, user.UserID, channelDisplayName, channelInternalName)
 	if err != nil {
 		return nil, langext.Ptr(ginresp.SendAPIError(g, 500, apierr.DATABASE_ERROR, hl.NONE, "Failed to query/create (owned) channel", err))
 	}
@@ -145,7 +143,7 @@ func (app *Application) SendMessage(g *gin.Context, ctx *AppContext, UserID *mod
 	clientIP := g.ClientIP()
-	msg, err := app.Database.Primary.CreateMessage(ctx, *UserID, channel, sendTimestamp, *Title, Content, priority, UserMessageID, clientIP, SenderName, keytok.KeyTokenID)
+	msg, err := app.Database.Primary.CreateMessage(ctx, user.UserID, channel, sendTimestamp, *Title, Content, priority, UserMessageID, clientIP, SenderName, keytok.KeyTokenID)
 	if err != nil {
 		return nil, langext.Ptr(ginresp.SendAPIError(g, 500, apierr.DATABASE_ERROR, hl.NONE, "Failed to create message in db", err))
 	}
@@ -176,7 +174,7 @@ func (app *Application) SendMessage(g *gin.Context, ctx *AppContext, UserID *mod
 		return nil, langext.Ptr(ginresp.SendAPIError(g, 500, apierr.DATABASE_ERROR, hl.NONE, "Failed to inc token msg-counter", err))
 	}
-	log.Info().Msg(fmt.Sprintf("Sending new notification %s for user %s (to %d active subscriptions)", msg.MessageID, UserID, len(activeSubscriptions)))
+	log.Info().Msg(fmt.Sprintf("Sending new notification %s for user %s (to %d active subscriptions)", msg.MessageID, user.UserID, len(activeSubscriptions)))
 	for _, sub := range activeSubscriptions {
 		clients, err := app.Database.Primary.ListClients(ctx, sub.SubscriberUserID)
--- a/scnserver/models/enums_gen.go
+++ b/scnserver/models/enums_gen.go
@@ -1,375 +0,0 @@
 // Code generated by enum-generate.go DO NOT EDIT.
 package models
 import "git.blackforestbytes.com/BlackForestBytes/goext/langext"
 import "git.blackforestbytes.com/BlackForestBytes/goext/enums"
 const ChecksumEnumGenerator = "1e8100b30bf6c946a1dfdc273b41efcaa91f33eab2bda12ce5dfa853741ac90b" // GoExtVersion: 0.0.575
 // ================================ ClientType ================================
 //
 // File:       client.go
 // StringEnum: true
 // DescrEnum:  false
 // DataEnum:   false
 //
 var __ClientTypeValues = []ClientType{
 	ClientTypeAndroid,
 	ClientTypeIOS,
 	ClientTypeLinux,
 	ClientTypeMacOS,
 	ClientTypeWindows,
 }
 var __ClientTypeVarnames = map[ClientType]string{
 	ClientTypeAndroid: "ClientTypeAndroid",
 	ClientTypeIOS:     "ClientTypeIOS",
 	ClientTypeLinux:   "ClientTypeLinux",
 	ClientTypeMacOS:   "ClientTypeMacOS",
 	ClientTypeWindows: "ClientTypeWindows",
 }
 func (e ClientType) Valid() bool {
 	return langext.InArray(e, __ClientTypeValues)
 }
 func (e ClientType) Values() []ClientType {
 	return __ClientTypeValues
 }
 func (e ClientType) ValuesAny() []any {
 	return langext.ArrCastToAny(__ClientTypeValues)
 }
 func (e ClientType) ValuesMeta() []enums.EnumMetaValue {
 	return ClientTypeValuesMeta()
 }
 func (e ClientType) String() string {
 	return string(e)
 }
 func (e ClientType) VarName() string {
 	if d, ok := __ClientTypeVarnames[e]; ok {
 		return d
 	}
 	return ""
 }
 func (e ClientType) TypeName() string {
 	return "ClientType"
 }
 func (e ClientType) PackageName() string {
 	return "models"
 }
 func (e ClientType) Meta() enums.EnumMetaValue {
 	return enums.EnumMetaValue{VarName: e.VarName(), Value: e, Description: nil}
 }
 func ParseClientType(vv string) (ClientType, bool) {
 	for _, ev := range __ClientTypeValues {
 		if string(ev) == vv {
 			return ev, true
 		}
 	}
 	return "", false
 }
 func ClientTypeValues() []ClientType {
 	return __ClientTypeValues
 }
 func ClientTypeValuesMeta() []enums.EnumMetaValue {
 	return []enums.EnumMetaValue{
 		ClientTypeAndroid.Meta(),
 		ClientTypeIOS.Meta(),
 		ClientTypeLinux.Meta(),
 		ClientTypeMacOS.Meta(),
 		ClientTypeWindows.Meta(),
 	}
 }
 // ================================ DeliveryStatus ================================
 //
 // File:       delivery.go
 // StringEnum: true
 // DescrEnum:  false
 // DataEnum:   false
 //
 var __DeliveryStatusValues = []DeliveryStatus{
 	DeliveryStatusRetry,
 	DeliveryStatusSuccess,
 	DeliveryStatusFailed,
 }
 var __DeliveryStatusVarnames = map[DeliveryStatus]string{
 	DeliveryStatusRetry:   "DeliveryStatusRetry",
 	DeliveryStatusSuccess: "DeliveryStatusSuccess",
 	DeliveryStatusFailed:  "DeliveryStatusFailed",
 }
 func (e DeliveryStatus) Valid() bool {
 	return langext.InArray(e, __DeliveryStatusValues)
 }
 func (e DeliveryStatus) Values() []DeliveryStatus {
 	return __DeliveryStatusValues
 }
 func (e DeliveryStatus) ValuesAny() []any {
 	return langext.ArrCastToAny(__DeliveryStatusValues)
 }
 func (e DeliveryStatus) ValuesMeta() []enums.EnumMetaValue {
 	return DeliveryStatusValuesMeta()
 }
 func (e DeliveryStatus) String() string {
 	return string(e)
 }
 func (e DeliveryStatus) VarName() string {
 	if d, ok := __DeliveryStatusVarnames[e]; ok {
 		return d
 	}
 	return ""
 }
 func (e DeliveryStatus) TypeName() string {
 	return "DeliveryStatus"
 }
 func (e DeliveryStatus) PackageName() string {
 	return "models"
 }
 func (e DeliveryStatus) Meta() enums.EnumMetaValue {
 	return enums.EnumMetaValue{VarName: e.VarName(), Value: e, Description: nil}
 }
 func ParseDeliveryStatus(vv string) (DeliveryStatus, bool) {
 	for _, ev := range __DeliveryStatusValues {
 		if string(ev) == vv {
 			return ev, true
 		}
 	}
 	return "", false
 }
 func DeliveryStatusValues() []DeliveryStatus {
 	return __DeliveryStatusValues
 }
 func DeliveryStatusValuesMeta() []enums.EnumMetaValue {
 	return []enums.EnumMetaValue{
 		DeliveryStatusRetry.Meta(),
 		DeliveryStatusSuccess.Meta(),
 		DeliveryStatusFailed.Meta(),
 	}
 }
 // ================================ TokenPerm ================================
 //
 // File:       keytoken.go
 // StringEnum: true
 // DescrEnum:  true
 // DataEnum:   false
 //
 var __TokenPermValues = []TokenPerm{
 	PermAdmin,
 	PermChannelRead,
 	PermChannelSend,
 	PermUserRead,
 }
 var __TokenPermDescriptions = map[TokenPerm]string{
 	PermAdmin:       "Edit userdata (+ includes all other permissions)",
 	PermChannelRead: "Read messages",
 	PermChannelSend: "Send messages",
 	PermUserRead:    "Read userdata",
 }
 var __TokenPermVarnames = map[TokenPerm]string{
 	PermAdmin:       "PermAdmin",
 	PermChannelRead: "PermChannelRead",
 	PermChannelSend: "PermChannelSend",
 	PermUserRead:    "PermUserRead",
 }
 func (e TokenPerm) Valid() bool {
 	return langext.InArray(e, __TokenPermValues)
 }
 func (e TokenPerm) Values() []TokenPerm {
 	return __TokenPermValues
 }
 func (e TokenPerm) ValuesAny() []any {
 	return langext.ArrCastToAny(__TokenPermValues)
 }
 func (e TokenPerm) ValuesMeta() []enums.EnumMetaValue {
 	return TokenPermValuesMeta()
 }
 func (e TokenPerm) String() string {
 	return string(e)
 }
 func (e TokenPerm) Description() string {
 	if d, ok := __TokenPermDescriptions[e]; ok {
 		return d
 	}
 	return ""
 }
 func (e TokenPerm) VarName() string {
 	if d, ok := __TokenPermVarnames[e]; ok {
 		return d
 	}
 	return ""
 }
 func (e TokenPerm) TypeName() string {
 	return "TokenPerm"
 }
 func (e TokenPerm) PackageName() string {
 	return "models"
 }
 func (e TokenPerm) Meta() enums.EnumMetaValue {
 	return enums.EnumMetaValue{VarName: e.VarName(), Value: e, Description: langext.Ptr(e.Description())}
 }
 func (e TokenPerm) DescriptionMeta() enums.EnumDescriptionMetaValue {
 	return enums.EnumDescriptionMetaValue{VarName: e.VarName(), Value: e, Description: e.Description()}
 }
 func ParseTokenPerm(vv string) (TokenPerm, bool) {
 	for _, ev := range __TokenPermValues {
 		if string(ev) == vv {
 			return ev, true
 		}
 	}
 	return "", false
 }
 func TokenPermValues() []TokenPerm {
 	return __TokenPermValues
 }
 func TokenPermValuesMeta() []enums.EnumMetaValue {
 	return []enums.EnumMetaValue{
 		PermAdmin.Meta(),
 		PermChannelRead.Meta(),
 		PermChannelSend.Meta(),
 		PermUserRead.Meta(),
 	}
 }
 func TokenPermValuesDescriptionMeta() []enums.EnumDescriptionMetaValue {
 	return []enums.EnumDescriptionMetaValue{
 		PermAdmin.DescriptionMeta(),
 		PermChannelRead.DescriptionMeta(),
 		PermChannelSend.DescriptionMeta(),
 		PermUserRead.DescriptionMeta(),
 	}
 }
 // ================================ TransactionLockMode ================================
 //
 // File:       lock.go
 // StringEnum: true
 // DescrEnum:  false
 // DataEnum:   false
 //
 var __TransactionLockModeValues = []TransactionLockMode{
 	TLockNone,
 	TLockRead,
 	TLockReadWrite,
 }
 var __TransactionLockModeVarnames = map[TransactionLockMode]string{
 	TLockNone:      "TLockNone",
 	TLockRead:      "TLockRead",
 	TLockReadWrite: "TLockReadWrite",
 }
 func (e TransactionLockMode) Valid() bool {
 	return langext.InArray(e, __TransactionLockModeValues)
 }
 func (e TransactionLockMode) Values() []TransactionLockMode {
 	return __TransactionLockModeValues
 }
 func (e TransactionLockMode) ValuesAny() []any {
 	return langext.ArrCastToAny(__TransactionLockModeValues)
 }
 func (e TransactionLockMode) ValuesMeta() []enums.EnumMetaValue {
 	return TransactionLockModeValuesMeta()
 }
 func (e TransactionLockMode) String() string {
 	return string(e)
 }
 func (e TransactionLockMode) VarName() string {
 	if d, ok := __TransactionLockModeVarnames[e]; ok {
 		return d
 	}
 	return ""
 }
 func (e TransactionLockMode) TypeName() string {
 	return "TransactionLockMode"
 }
 func (e TransactionLockMode) PackageName() string {
 	return "models"
 }
 func (e TransactionLockMode) Meta() enums.EnumMetaValue {
 	return enums.EnumMetaValue{VarName: e.VarName(), Value: e, Description: nil}
 }
 func ParseTransactionLockMode(vv string) (TransactionLockMode, bool) {
 	for _, ev := range __TransactionLockModeValues {
 		if string(ev) == vv {
 			return ev, true
 		}
 	}
 	return "", false
 }
 func TransactionLockModeValues() []TransactionLockMode {
 	return __TransactionLockModeValues
 }
 func TransactionLockModeValuesMeta() []enums.EnumMetaValue {
 	return []enums.EnumMetaValue{
 		TLockNone.Meta(),
 		TLockRead.Meta(),
 		TLockReadWrite.Meta(),
 	}
 }
 // ================================ ================= ================================
 func AllPackageEnums() []enums.Enum {
 	return []enums.Enum{
 		ClientTypeAndroid,   // ClientType
 		DeliveryStatusRetry, // DeliveryStatus
 		PermAdmin,           // TokenPerm
 		TLockNone,           // TransactionLockMode
 	}
 }
--- a/scnserver/models/ids_gen.go
+++ b/scnserver/models/ids_gen.go
@@ -1,410 +0,0 @@
 // Code generated by csid-generate.go DO NOT EDIT.
 package models
 import "crypto/rand"
 import "crypto/sha256"
 import "fmt"
 import "github.com/go-playground/validator/v10"
 import "github.com/rs/zerolog/log"
 import "git.blackforestbytes.com/BlackForestBytes/goext/exerr"
 import "git.blackforestbytes.com/BlackForestBytes/goext/langext"
 import "git.blackforestbytes.com/BlackForestBytes/goext/rext"
 import "math/big"
 import "reflect"
 import "regexp"
 import "strings"
 const ChecksumCharsetIDGenerator = "1e8100b30bf6c946a1dfdc273b41efcaa91f33eab2bda12ce5dfa853741ac90b" // GoExtVersion: 0.0.575
 const idlen = 24
 const checklen = 1
 const idCharset = "0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz"
 const idCharsetLen = len(idCharset)
 var charSetReverseMap = generateCharsetMap()
 const (
 	prefixUserID         = "USR"
 	prefixChannelID      = "CHA"
 	prefixDeliveryID     = "DEL"
 	prefixMessageID      = "MSG"
 	prefixSubscriptionID = "SUB"
 	prefixClientID       = "CLN"
 	prefixRequestID      = "REQ"
 	prefixKeyTokenID     = "TOK"
 )
 var (
 	regexUserID         = generateRegex(prefixUserID)
 	regexChannelID      = generateRegex(prefixChannelID)
 	regexDeliveryID     = generateRegex(prefixDeliveryID)
 	regexMessageID      = generateRegex(prefixMessageID)
 	regexSubscriptionID = generateRegex(prefixSubscriptionID)
 	regexClientID       = generateRegex(prefixClientID)
 	regexRequestID      = generateRegex(prefixRequestID)
 	regexKeyTokenID     = generateRegex(prefixKeyTokenID)
 )
 func generateRegex(prefix string) rext.Regex {
 	return rext.W(regexp.MustCompile(fmt.Sprintf("^%s[%s]{%d}[%s]{%d}$", prefix, idCharset, idlen-len(prefix)-checklen, idCharset, checklen)))
 }
 func generateCharsetMap() []int {
 	result := make([]int, 128)
 	for i := 0; i < len(result); i++ {
 		result[i] = -1
 	}
 	for idx, chr := range idCharset {
 		result[int(chr)] = idx
 	}
 	return result
 }
 func generateID(prefix string) string {
 	k := ""
 	csMax := big.NewInt(int64(idCharsetLen))
 	checksum := 0
 	for i := 0; i < idlen-len(prefix)-checklen; i++ {
 		v, err := rand.Int(rand.Reader, csMax)
 		if err != nil {
 			panic(err)
 		}
 		v64 := v.Int64()
 		k += string(idCharset[v64])
 		checksum = (checksum + int(v64)) % (idCharsetLen)
 	}
 	checkstr := string(idCharset[checksum%idCharsetLen])
 	return prefix + k + checkstr
 }
 func generateIDFromSeed(prefix string, seed string) string {
 	h := sha256.New()
 	iddata := ""
 	for len(iddata) < idlen-len(prefix)-checklen {
 		h.Write([]byte(seed))
 		bs := h.Sum(nil)
 		iddata += langext.NewAnyBaseConverter(idCharset).Encode(bs)
 	}
 	checksum := 0
 	for i := 0; i < idlen-len(prefix)-checklen; i++ {
 		ichr := int(iddata[i])
 		checksum = (checksum + charSetReverseMap[ichr]) % (idCharsetLen)
 	}
 	checkstr := string(idCharset[checksum%idCharsetLen])
 	return prefix + iddata[:(idlen-len(prefix)-checklen)] + checkstr
 }
 func validateID(prefix string, value string) error {
 	if len(value) != idlen {
 		return exerr.New(exerr.TypeInvalidCSID, "id has the wrong length").Str("value", value).Build()
 	}
 	if !strings.HasPrefix(value, prefix) {
 		return exerr.New(exerr.TypeInvalidCSID, "id is missing the correct prefix").Str("value", value).Str("prefix", prefix).Build()
 	}
 	checksum := 0
 	for i := len(prefix); i < len(value)-checklen; i++ {
 		ichr := int(value[i])
 		if ichr < 0 || ichr >= len(charSetReverseMap) || charSetReverseMap[ichr] == -1 {
 			return exerr.New(exerr.TypeInvalidCSID, "id contains invalid characters").Str("value", value).Build()
 		}
 		checksum = (checksum + charSetReverseMap[ichr]) % (idCharsetLen)
 	}
 	checkstr := string(idCharset[checksum%idCharsetLen])
 	if !strings.HasSuffix(value, checkstr) {
 		return exerr.New(exerr.TypeInvalidCSID, "id checkstring is invalid").Str("value", value).Str("checkstr", checkstr).Build()
 	}
 	return nil
 }
 func getRawData(prefix string, value string) string {
 	if len(value) != idlen {
 		return ""
 	}
 	return value[len(prefix) : idlen-checklen]
 }
 func getCheckString(prefix string, value string) string {
 	if len(value) != idlen {
 		return ""
 	}
 	return value[idlen-checklen:]
 }
 func ValidateEntityID(vfl validator.FieldLevel) bool {
 	if !vfl.Field().CanInterface() {
 		log.Error().Msgf("Failed to validate EntityID (cannot interface ?!?)")
 		return false
 	}
 	ifvalue := vfl.Field().Interface()
 	if value1, ok := ifvalue.(EntityID); ok {
 		if vfl.Field().Type().Kind() == reflect.Pointer && langext.IsNil(value1) {
 			return true
 		}
 		if err := value1.Valid(); err != nil {
 			log.Debug().Msgf("Failed to validate EntityID '%s' (%s)", value1.String(), err.Error())
 			return false
 		} else {
 			return true
 		}
 	} else {
 		log.Error().Msgf("Failed to validate EntityID (wrong type: %T)", ifvalue)
 		return false
 	}
 }
 // ================================ UserID (ids.go) ================================
 func NewUserID() UserID {
 	return UserID(generateID(prefixUserID))
 }
 func (id UserID) Valid() error {
 	return validateID(prefixUserID, string(id))
 }
 func (i UserID) String() string {
 	return string(i)
 }
 func (i UserID) Prefix() string {
 	return prefixUserID
 }
 func (id UserID) Raw() string {
 	return getRawData(prefixUserID, string(id))
 }
 func (id UserID) CheckString() string {
 	return getCheckString(prefixUserID, string(id))
 }
 func (id UserID) Regex() rext.Regex {
 	return regexUserID
 }
 // ================================ ChannelID (ids.go) ================================
 func NewChannelID() ChannelID {
 	return ChannelID(generateID(prefixChannelID))
 }
 func (id ChannelID) Valid() error {
 	return validateID(prefixChannelID, string(id))
 }
 func (i ChannelID) String() string {
 	return string(i)
 }
 func (i ChannelID) Prefix() string {
 	return prefixChannelID
 }
 func (id ChannelID) Raw() string {
 	return getRawData(prefixChannelID, string(id))
 }
 func (id ChannelID) CheckString() string {
 	return getCheckString(prefixChannelID, string(id))
 }
 func (id ChannelID) Regex() rext.Regex {
 	return regexChannelID
 }
 // ================================ DeliveryID (ids.go) ================================
 func NewDeliveryID() DeliveryID {
 	return DeliveryID(generateID(prefixDeliveryID))
 }
 func (id DeliveryID) Valid() error {
 	return validateID(prefixDeliveryID, string(id))
 }
 func (i DeliveryID) String() string {
 	return string(i)
 }
 func (i DeliveryID) Prefix() string {
 	return prefixDeliveryID
 }
 func (id DeliveryID) Raw() string {
 	return getRawData(prefixDeliveryID, string(id))
 }
 func (id DeliveryID) CheckString() string {
 	return getCheckString(prefixDeliveryID, string(id))
 }
 func (id DeliveryID) Regex() rext.Regex {
 	return regexDeliveryID
 }
 // ================================ MessageID (ids.go) ================================
 func NewMessageID() MessageID {
 	return MessageID(generateID(prefixMessageID))
 }
 func (id MessageID) Valid() error {
 	return validateID(prefixMessageID, string(id))
 }
 func (i MessageID) String() string {
 	return string(i)
 }
 func (i MessageID) Prefix() string {
 	return prefixMessageID
 }
 func (id MessageID) Raw() string {
 	return getRawData(prefixMessageID, string(id))
 }
 func (id MessageID) CheckString() string {
 	return getCheckString(prefixMessageID, string(id))
 }
 func (id MessageID) Regex() rext.Regex {
 	return regexMessageID
 }
 // ================================ SubscriptionID (ids.go) ================================
 func NewSubscriptionID() SubscriptionID {
 	return SubscriptionID(generateID(prefixSubscriptionID))
 }
 func (id SubscriptionID) Valid() error {
 	return validateID(prefixSubscriptionID, string(id))
 }
 func (i SubscriptionID) String() string {
 	return string(i)
 }
 func (i SubscriptionID) Prefix() string {
 	return prefixSubscriptionID
 }
 func (id SubscriptionID) Raw() string {
 	return getRawData(prefixSubscriptionID, string(id))
 }
 func (id SubscriptionID) CheckString() string {
 	return getCheckString(prefixSubscriptionID, string(id))
 }
 func (id SubscriptionID) Regex() rext.Regex {
 	return regexSubscriptionID
 }
 // ================================ ClientID (ids.go) ================================
 func NewClientID() ClientID {
 	return ClientID(generateID(prefixClientID))
 }
 func (id ClientID) Valid() error {
 	return validateID(prefixClientID, string(id))
 }
 func (i ClientID) String() string {
 	return string(i)
 }
 func (i ClientID) Prefix() string {
 	return prefixClientID
 }
 func (id ClientID) Raw() string {
 	return getRawData(prefixClientID, string(id))
 }
 func (id ClientID) CheckString() string {
 	return getCheckString(prefixClientID, string(id))
 }
 func (id ClientID) Regex() rext.Regex {
 	return regexClientID
 }
 // ================================ RequestID (ids.go) ================================
 func NewRequestID() RequestID {
 	return RequestID(generateID(prefixRequestID))
 }
 func (id RequestID) Valid() error {
 	return validateID(prefixRequestID, string(id))
 }
 func (i RequestID) String() string {
 	return string(i)
 }
 func (i RequestID) Prefix() string {
 	return prefixRequestID
 }
 func (id RequestID) Raw() string {
 	return getRawData(prefixRequestID, string(id))
 }
 func (id RequestID) CheckString() string {
 	return getCheckString(prefixRequestID, string(id))
 }
 func (id RequestID) Regex() rext.Regex {
 	return regexRequestID
 }
 // ================================ KeyTokenID (ids.go) ================================
 func NewKeyTokenID() KeyTokenID {
 	return KeyTokenID(generateID(prefixKeyTokenID))
 }
 func (id KeyTokenID) Valid() error {
 	return validateID(prefixKeyTokenID, string(id))
 }
 func (i KeyTokenID) String() string {
 	return string(i)
 }
 func (i KeyTokenID) Prefix() string {
 	return prefixKeyTokenID
 }
 func (id KeyTokenID) Raw() string {
 	return getRawData(prefixKeyTokenID, string(id))
 }
 func (id KeyTokenID) CheckString() string {
 	return getCheckString(prefixKeyTokenID, string(id))
 }
 func (id KeyTokenID) Regex() rext.Regex {
 	return regexKeyTokenID
 }
--- a/scnserver/swagger/swagger.json
+++ b/scnserver/swagger/swagger.json
--- a/scnserver/swagger/swagger.yaml
+++ b/scnserver/swagger/swagger.yaml
--- a/scnserver/test/channel_test.go
+++ b/scnserver/test/channel_test.go
@@ -1143,7 +1143,6 @@ func TestChannelMessageCounter(t *testing.T) {
 	tt.RequestPost[gin.H](t, baseUrl, "/", gin.H{
 		"key":   admintok,
 		"user_id": uid,
 		"title": tt.ShortLipsum(1001, 1),
 	})
@@ -1172,7 +1171,6 @@ func TestChannelMessageCounter(t *testing.T) {
 	tt.RequestPost[gin.H](t, baseUrl, "/", gin.H{
 		"key":   admintok,
 		"user_id": uid,
 		"title": tt.ShortLipsum(1002, 1),
 	})
@@ -1180,19 +1178,16 @@ func TestChannelMessageCounter(t *testing.T) {
 	tt.RequestPost[gin.H](t, baseUrl, "/", gin.H{
 		"key":     admintok,
 		"user_id": uid,
 		"channel": "Chan1",
 		"title":   tt.ShortLipsum(1003, 1),
 	})
 	tt.RequestPost[gin.H](t, baseUrl, "/", gin.H{
 		"key":     admintok,
 		"user_id": uid,
 		"channel": "Chan2",
 		"title":   tt.ShortLipsum(1004, 1),
 	})
 	tt.RequestPost[gin.H](t, baseUrl, "/", gin.H{
 		"key":     admintok,
 		"user_id": uid,
 		"channel": "Chan2",
 		"title":   tt.ShortLipsum(1005, 1),
 	})
--- a/scnserver/test/keytoken_test.go
+++ b/scnserver/test/keytoken_test.go
@@ -126,7 +126,6 @@ func TestTokenKeys(t *testing.T) {
 	msg1s := tt.RequestPost[gin.H](t, baseUrl, "/", gin.H{
 		"key":     key7.Token,
 		"user_id": data.UID,
 		"channel": "testchan1",
 		"title":   "HelloWorld_001",
 	})
@@ -137,14 +136,12 @@ func TestTokenKeys(t *testing.T) {
 	tt.RequestPostShouldFail(t, baseUrl, "/", gin.H{
 		"key":     key7.Token,
 		"user_id": data.UID,
 		"channel": "testchan2",
 		"title":   "HelloWorld_001",
 	}, 401, apierr.USER_AUTH_FAILED) // wrong channel
 	tt.RequestPostShouldFail(t, baseUrl, "/", gin.H{
 		"key":   key7.Token,
 		"user_id": data.UID,
 		"title": "HelloWorld_001",
 	}, 401, apierr.USER_AUTH_FAILED) // no channel (=main)
@@ -161,7 +158,6 @@ func TestTokenKeys(t *testing.T) {
 	tt.RequestPostShouldFail(t, baseUrl, "/", gin.H{
 		"key":   key8.Token,
 		"user_id": data.UID,
 		"title": "HelloWorld_001",
 	}, 401, apierr.USER_AUTH_FAILED) // no send perm
@@ -470,14 +466,12 @@ func TestTokenKeysPermissions(t *testing.T) {
 	tt.RequestPostShouldFail(t, baseUrl, "/", gin.H{
 		"key":     key7.Token,
 		"user_id": data.UID,
 		"channel": "testchan2",
 		"title":   "HelloWorld_001",
 	}, 401, apierr.USER_AUTH_FAILED) // wrong channel
 	tt.RequestPostShouldFail(t, baseUrl, "/", gin.H{
 		"key":   key7.Token,
 		"user_id": data.UID,
 		"title": "HelloWorld_001",
 	}, 401, apierr.USER_AUTH_FAILED) // no channel (=main)
@@ -494,7 +488,6 @@ func TestTokenKeysPermissions(t *testing.T) {
 	tt.RequestPostShouldFail(t, baseUrl, "/", gin.H{
 		"key":   key8.Token,
 		"user_id": data.UID,
 		"title": "HelloWorld_001",
 	}, 401, apierr.USER_AUTH_FAILED) // no send perm
@@ -551,7 +544,6 @@ func TestTokenKeysMessageCounter(t *testing.T) {
 	tt.RequestPost[gin.H](t, baseUrl, "/", gin.H{
 		"key":   admintok,
 		"user_id": uid,
 		"title": tt.ShortLipsum(1001, 1),
 	})
@@ -559,7 +551,6 @@ func TestTokenKeysMessageCounter(t *testing.T) {
 	tt.RequestPost[gin.H](t, baseUrl, "/", gin.H{
 		"key":   admintok,
 		"user_id": uid,
 		"title": tt.ShortLipsum(1002, 1),
 	})
@@ -567,7 +558,6 @@ func TestTokenKeysMessageCounter(t *testing.T) {
 	tt.RequestPost[gin.H](t, baseUrl, "/", gin.H{
 		"key":   sendtok,
 		"user_id": uid,
 		"title": tt.ShortLipsum(1002, 1),
 	})
@@ -575,19 +565,16 @@ func TestTokenKeysMessageCounter(t *testing.T) {
 	tt.RequestPost[gin.H](t, baseUrl, "/", gin.H{
 		"key":     sendtok,
 		"user_id": uid,
 		"channel": "Chan1",
 		"title":   tt.ShortLipsum(1003, 1),
 	})
 	tt.RequestPost[gin.H](t, baseUrl, "/", gin.H{
 		"key":     sendtok,
 		"user_id": uid,
 		"channel": "Chan2",
 		"title":   tt.ShortLipsum(1004, 1),
 	})
 	tt.RequestPost[gin.H](t, baseUrl, "/", gin.H{
 		"key":     sendtok,
 		"user_id": uid,
 		"channel": "Chan2",
 		"title":   tt.ShortLipsum(1005, 1),
 	})
@@ -597,7 +584,6 @@ func TestTokenKeysMessageCounter(t *testing.T) {
 	tt.RequestPost[gin.H](t, baseUrl, "/", gin.H{
 		"key":     admintok,
 		"user_id": uid,
 		"channel": "Chan2",
 		"title":   tt.ShortLipsum(1004, 1),
 	})
@@ -606,7 +592,6 @@ func TestTokenKeysMessageCounter(t *testing.T) {
 	tt.RequestPost[gin.H](t, baseUrl, "/", gin.H{
 		"key":   admintok,
 		"user_id": uid,
 		"title": tt.ShortLipsum(1002, 1),
 	})
--- a/scnserver/test/main_test.go
+++ b/scnserver/test/main_test.go
@@ -2,11 +2,13 @@ package test
 import (
 	"database/sql"
 	"os"
 	"testing"
 	tt "blackforestbytes.com/simplecloudnotifier/test/util"
 	"git.blackforestbytes.com/BlackForestBytes/goext/exerr"
 	"git.blackforestbytes.com/BlackForestBytes/goext/langext"
 	"github.com/glebarez/go-sqlite"
 	"os"
 	"testing"
 )
 func TestMain(m *testing.M) {
@@ -20,3 +22,10 @@ func TestMain(m *testing.M) {
 	os.Exit(m.Run())
 }
 func TestInitFactory(t *testing.T) {
 	ws, _, stop := tt.StartSimpleWebserver(t)
 	defer stop()
 	tt.InitDefaultData(t, ws)
 }
--- a/scnserver/test/message_test.go
+++ b/scnserver/test/message_test.go
@@ -418,13 +418,11 @@ func TestDeleteMessage(t *testing.T) {
 		"fcm_token":     "DUMMY_FCM",
 	})
 	uid := r0["user_id"].(string)
 	sendtok := r0["send_key"].(string)
 	admintok := r0["admin_key"].(string)
 	msg1 := tt.RequestPost[gin.H](t, baseUrl, "/", gin.H{
 		"key":   sendtok,
 		"user_id": uid,
 		"title": "Message_1",
 	})
@@ -446,13 +444,11 @@ func TestDeleteMessageAndResendUsrMsgId(t *testing.T) {
 		"fcm_token":     "DUMMY_FCM",
 	})
 	uid := r0["user_id"].(string)
 	sendtok := r0["send_key"].(string)
 	admintok := r0["admin_key"].(string)
 	msg1 := tt.RequestPost[gin.H](t, baseUrl, "/", gin.H{
 		"key":    sendtok,
 		"user_id": uid,
 		"title":  "Message_1",
 		"msg_id": "bef8dd3d-078e-4f89-abf4-5258ad22a2e4",
 	})
@@ -463,7 +459,6 @@ func TestDeleteMessageAndResendUsrMsgId(t *testing.T) {
 	msg2 := tt.RequestPost[gin.H](t, baseUrl, "/", gin.H{
 		"key":    sendtok,
 		"user_id": uid,
 		"title":  "Message_1",
 		"msg_id": "bef8dd3d-078e-4f89-abf4-5258ad22a2e4",
 	})
@@ -476,7 +471,6 @@ func TestDeleteMessageAndResendUsrMsgId(t *testing.T) {
 	msg3 := tt.RequestPost[gin.H](t, baseUrl, "/", gin.H{
 		"key":    sendtok,
 		"user_id": uid,
 		"title":  "Message_1",
 		"msg_id": "bef8dd3d-078e-4f89-abf4-5258ad22a2e4",
 	})
@@ -493,7 +487,6 @@ func TestGetMessageSimple(t *testing.T) {
 	msgOut := tt.RequestPost[gin.H](t, baseUrl, "/", gin.H{
 		"key":   data.User[0].SendKey,
 		"user_id": data.User[0].UID,
 		"title": "Message_1",
 	})
@@ -533,7 +526,6 @@ func TestGetMessageFull(t *testing.T) {
 	msgOut := tt.RequestPost[gin.H](t, baseUrl, "/", gin.H{
 		"key":         data.User[0].SendKey,
 		"user_id":     data.User[0].UID,
 		"title":       "Message_1",
 		"content":     content,
 		"channel":     "demo-channel-007",
@@ -948,7 +940,6 @@ func TestDeactivatedSubscriptionListMessages(t *testing.T) {
 	newMessageTitle := langext.RandBase62(48)
 	tt.RequestPost[gin.H](t, baseUrl, "/", gin.H{
 		"key":     user15.AdminKey,
 		"user_id": user15.UID,
 		"channel": chanName,
 		"title":   newMessageTitle,
 	})
@@ -1122,7 +1113,6 @@ func TestActiveSubscriptionListMessages(t *testing.T) {
 	newMessageTitle := langext.RandBase62(48)
 	tt.RequestPost[gin.H](t, baseUrl, "/", gin.H{
 		"key":     user15.AdminKey,
 		"user_id": user15.UID,
 		"channel": chanName,
 		"title":   newMessageTitle,
 	})
@@ -1176,7 +1166,6 @@ func TestUnconfirmedSubscriptionListMessages(t *testing.T) {
 	newMessageTitle := langext.RandBase62(48)
 	tt.RequestPost[gin.H](t, baseUrl, "/", gin.H{
 		"key":     user15.AdminKey,
 		"user_id": user15.UID,
 		"channel": chanName,
 		"title":   newMessageTitle,
 	})
@@ -1229,7 +1218,7 @@ func TestListMessagesSubscriptionStatusAllInactiveSubscription(t *testing.T) {
 	subscriptionID, _ := tt.FindSubscriptionByChanName(t, baseUrl, user14, user15.UID, chanName)
 	newMessageTitle := langext.RandBase62(48)
-	tt.RequestPost[gin.H](t, baseUrl, "/", gin.H{"key": user15.AdminKey, "user_id": user15.UID, "channel": chanName, "title": newMessageTitle})
+	tt.RequestPost[gin.H](t, baseUrl, "/", gin.H{"key": user15.AdminKey, "channel": chanName, "title": newMessageTitle})
 	type msg struct {
 		MessageId string `json:"message_id"`
@@ -1282,7 +1271,7 @@ func TestListMessagesSubscriptionStatusAllNoSubscription(t *testing.T) {
 	chan2 := data.User[0].Channels[2]
 	newMessageTitle := langext.RandBase62(48)
-	tt.RequestPost[gin.H](t, baseUrl, "/", gin.H{"key": user0.AdminKey, "user_id": user0.UID, "channel": chan2.InternalName, "title": newMessageTitle})
+	tt.RequestPost[gin.H](t, baseUrl, "/", gin.H{"key": user0.AdminKey, "channel": chan2.InternalName, "title": newMessageTitle})
 	{
 		messages := tt.RequestAuthGet[mglist](t, user0.AdminKey, baseUrl, "/api/v2/messages")
@@ -1313,3 +1302,361 @@ func TestListMessagesSubscriptionStatusAllNoSubscription(t *testing.T) {
 	}
 }
 func TestListMessagesPaginatedDirect(t *testing.T) {
 	ws, baseUrl, stop := tt.StartSimpleWebserver(t)
 	defer stop()
 	data := tt.InitDefaultData(t, ws)
 	type msg struct {
 		ChannelId           string `json:"channel_id"`
 		ChannelInternalName string `json:"channel_internal_name"`
 		Content             string `json:"content"`
 		MessageId           string `json:"message_id"`
 		OwnerUserId         string `json:"owner_user_id"`
 		Priority            int    `json:"priority"`
 		SenderIp            string `json:"sender_ip"`
 		SenderName          string `json:"sender_name"`
 		SenderUserId        string `json:"sender_user_id"`
 		Timestamp           string `json:"timestamp"`
 		Title               string `json:"title"`
 		Trimmed             bool   `json:"trimmed"`
 		UsrMessageId        string `json:"usr_message_id"`
 	}
 	type mglist struct {
 		Messages []msg  `json:"messages"`
 		NPT      string `json:"next_page_token"`
 		PageSize int    `json:"page_size"`
 	}
 	// User 16 has 23 messages: "Lorem Ipsum 01" through "Lorem Ipsum 23"
 	// With page_size=10:
 	//   Page 0 ($0): messages 23-14 (10 items)
 	//   Page 1 ($1): messages 13-04 (10 items)
 	//   Page 2 ($2): messages 03-01 (3 items)
 	// Test $0 - first page (same as @start)
 	{
 		msgList := tt.RequestAuthGet[mglist](t, data.User[16].AdminKey, baseUrl, fmt.Sprintf("/api/v2/messages?page_size=%d&next_page_token=%s", 10, "$0"))
 		tt.AssertEqual(t, "msgList.len", 10, len(msgList.Messages))
 		tt.AssertEqual(t, "msgList.PageSize", 10, msgList.PageSize)
 		tt.AssertEqual(t, "msgList[0]", "Lorem Ipsum 23", msgList.Messages[0].Title)
 		tt.AssertEqual(t, "msgList[9]", "Lorem Ipsum 14", msgList.Messages[9].Title)
 		tt.AssertEqual(t, "msgList.NPT", "$1", msgList.NPT)
 	}
 	// Test $1 - second page
 	{
 		msgList := tt.RequestAuthGet[mglist](t, data.User[16].AdminKey, baseUrl, fmt.Sprintf("/api/v2/messages?page_size=%d&next_page_token=%s", 10, "$1"))
 		tt.AssertEqual(t, "msgList.len", 10, len(msgList.Messages))
 		tt.AssertEqual(t, "msgList.PageSize", 10, msgList.PageSize)
 		tt.AssertEqual(t, "msgList[0]", "Lorem Ipsum 13", msgList.Messages[0].Title)
 		tt.AssertEqual(t, "msgList[9]", "Lorem Ipsum 04", msgList.Messages[9].Title)
 		tt.AssertEqual(t, "msgList.NPT", "$2", msgList.NPT)
 	}
 	// Test $2 - third/last page
 	{
 		msgList := tt.RequestAuthGet[mglist](t, data.User[16].AdminKey, baseUrl, fmt.Sprintf("/api/v2/messages?page_size=%d&next_page_token=%s", 10, "$2"))
 		tt.AssertEqual(t, "msgList.len", 3, len(msgList.Messages))
 		tt.AssertEqual(t, "msgList.PageSize", 10, msgList.PageSize)
 		tt.AssertEqual(t, "msgList[0]", "Lorem Ipsum 03", msgList.Messages[0].Title)
 		tt.AssertEqual(t, "msgList[2]", "Lorem Ipsum 01", msgList.Messages[2].Title)
 		tt.AssertEqual(t, "msgList.NPT", "@end", msgList.NPT)
 	}
 }
 func TestListMessagesPaginatedDirectJumpToMiddle(t *testing.T) {
 	ws, baseUrl, stop := tt.StartSimpleWebserver(t)
 	defer stop()
 	data := tt.InitDefaultData(t, ws)
 	type msg struct {
 		ChannelId           string `json:"channel_id"`
 		ChannelInternalName string `json:"channel_internal_name"`
 		Content             string `json:"content"`
 		MessageId           string `json:"message_id"`
 		OwnerUserId         string `json:"owner_user_id"`
 		Priority            int    `json:"priority"`
 		SenderIp            string `json:"sender_ip"`
 		SenderName          string `json:"sender_name"`
 		SenderUserId        string `json:"sender_user_id"`
 		Timestamp           string `json:"timestamp"`
 		Title               string `json:"title"`
 		Trimmed             bool   `json:"trimmed"`
 		UsrMessageId        string `json:"usr_message_id"`
 	}
 	type mglist struct {
 		Messages []msg  `json:"messages"`
 		NPT      string `json:"next_page_token"`
 		PageSize int    `json:"page_size"`
 	}
 	// Jump directly to page 1 (second page) without going through page 0
 	{
 		msgList := tt.RequestAuthGet[mglist](t, data.User[16].AdminKey, baseUrl, fmt.Sprintf("/api/v2/messages?page_size=%d&next_page_token=%s", 10, "$1"))
 		tt.AssertEqual(t, "msgList.len", 10, len(msgList.Messages))
 		tt.AssertEqual(t, "msgList[0]", "Lorem Ipsum 13", msgList.Messages[0].Title)
 		tt.AssertEqual(t, "msgList.NPT", "$2", msgList.NPT)
 	}
 	// Jump directly to page 2 (third page) without going through pages 0 and 1
 	{
 		msgList := tt.RequestAuthGet[mglist](t, data.User[16].AdminKey, baseUrl, fmt.Sprintf("/api/v2/messages?page_size=%d&next_page_token=%s", 10, "$2"))
 		tt.AssertEqual(t, "msgList.len", 3, len(msgList.Messages))
 		tt.AssertEqual(t, "msgList[0]", "Lorem Ipsum 03", msgList.Messages[0].Title)
 		tt.AssertEqual(t, "msgList.NPT", "@end", msgList.NPT)
 	}
 }
 func TestListMessagesPaginatedDirectBeyondEnd(t *testing.T) {
 	ws, baseUrl, stop := tt.StartSimpleWebserver(t)
 	defer stop()
 	data := tt.InitDefaultData(t, ws)
 	type msg struct {
 		ChannelId           string `json:"channel_id"`
 		ChannelInternalName string `json:"channel_internal_name"`
 		Content             string `json:"content"`
 		MessageId           string `json:"message_id"`
 		OwnerUserId         string `json:"owner_user_id"`
 		Priority            int    `json:"priority"`
 		SenderIp            string `json:"sender_ip"`
 		SenderName          string `json:"sender_name"`
 		SenderUserId        string `json:"sender_user_id"`
 		Timestamp           string `json:"timestamp"`
 		Title               string `json:"title"`
 		Trimmed             bool   `json:"trimmed"`
 		UsrMessageId        string `json:"usr_message_id"`
 	}
 	type mglist struct {
 		Messages []msg  `json:"messages"`
 		NPT      string `json:"next_page_token"`
 		PageSize int    `json:"page_size"`
 	}
 	// Request a page beyond the last available data (page 10 when only 3 pages exist)
 	{
 		msgList := tt.RequestAuthGet[mglist](t, data.User[16].AdminKey, baseUrl, fmt.Sprintf("/api/v2/messages?page_size=%d&next_page_token=%s", 10, "$10"))
 		tt.AssertEqual(t, "msgList.len", 0, len(msgList.Messages))
 		tt.AssertEqual(t, "msgList.NPT", "@end", msgList.NPT)
 	}
 }
 func TestListMessagesPaginatedDirectWithFilters(t *testing.T) {
 	ws, baseUrl, stop := tt.StartSimpleWebserver(t)
 	defer stop()
 	data := tt.InitDefaultData(t, ws)
 	type msg struct {
 		ChannelId           string `json:"channel_id"`
 		ChannelInternalName string `json:"channel_internal_name"`
 		Content             string `json:"content"`
 		MessageId           string `json:"message_id"`
 		OwnerUserId         string `json:"owner_user_id"`
 		Priority            int    `json:"priority"`
 		SenderIp            string `json:"sender_ip"`
 		SenderName          string `json:"sender_name"`
 		SenderUserId        string `json:"sender_user_id"`
 		Timestamp           string `json:"timestamp"`
 		Title               string `json:"title"`
 		Trimmed             bool   `json:"trimmed"`
 		UsrMessageId        string `json:"usr_message_id"`
 	}
 	type mglist struct {
 		Messages   []msg  `json:"messages"`
 		NPT        string `json:"next_page_token"`
 		PageSize   int    `json:"page_size"`
 		TotalCount int    `json:"total_count"`
 	}
 	// Test pagination with a filter applied
 	// User 0 has 22 messages, filter by priority=1 should give 11 messages
 	{
 		// First page
 		msgList0 := tt.RequestAuthGet[mglist](t, data.User[0].AdminKey, baseUrl, fmt.Sprintf("/api/v2/messages?page_size=%d&next_page_token=%s&priority=1", 5, "$0"))
 		tt.AssertEqual(t, "msgList0.len", 5, len(msgList0.Messages))
 		tt.AssertEqual(t, "msgList0.NPT", "$1", msgList0.NPT)
 		// Second page
 		msgList1 := tt.RequestAuthGet[mglist](t, data.User[0].AdminKey, baseUrl, fmt.Sprintf("/api/v2/messages?page_size=%d&next_page_token=%s&priority=1", 5, "$1"))
 		tt.AssertEqual(t, "msgList1.len", 5, len(msgList1.Messages))
 		tt.AssertEqual(t, "msgList1.NPT", "$2", msgList1.NPT)
 		// Third page (last)
 		msgList2 := tt.RequestAuthGet[mglist](t, data.User[0].AdminKey, baseUrl, fmt.Sprintf("/api/v2/messages?page_size=%d&next_page_token=%s&priority=1", 5, "$2"))
 		tt.AssertEqual(t, "msgList2.len", 1, len(msgList2.Messages))
 		tt.AssertEqual(t, "msgList2.NPT", "@end", msgList2.NPT)
 	}
 }
 func TestListMessagesPaginatedDirectChainedNavigation(t *testing.T) {
 	ws, baseUrl, stop := tt.StartSimpleWebserver(t)
 	defer stop()
 	data := tt.InitDefaultData(t, ws)
 	type msg struct {
 		ChannelId           string `json:"channel_id"`
 		ChannelInternalName string `json:"channel_internal_name"`
 		Content             string `json:"content"`
 		MessageId           string `json:"message_id"`
 		OwnerUserId         string `json:"owner_user_id"`
 		Priority            int    `json:"priority"`
 		SenderIp            string `json:"sender_ip"`
 		SenderName          string `json:"sender_name"`
 		SenderUserId        string `json:"sender_user_id"`
 		Timestamp           string `json:"timestamp"`
 		Title               string `json:"title"`
 		Trimmed             bool   `json:"trimmed"`
 		UsrMessageId        string `json:"usr_message_id"`
 	}
 	type mglist struct {
 		Messages []msg  `json:"messages"`
 		NPT      string `json:"next_page_token"`
 		PageSize int    `json:"page_size"`
 	}
 	// Test that following the returned NPT from $0 correctly navigates through all pages
 	var allMessages []msg
 	npt := "$0"
 	for npt != "@end" {
 		msgList := tt.RequestAuthGet[mglist](t, data.User[16].AdminKey, baseUrl, fmt.Sprintf("/api/v2/messages?page_size=%d&next_page_token=%s", 10, npt))
 		allMessages = append(allMessages, msgList.Messages...)
 		npt = msgList.NPT
 	}
 	// User 16 has 23 messages total
 	tt.AssertEqual(t, "total messages", 23, len(allMessages))
 	tt.AssertEqual(t, "first message", "Lorem Ipsum 23", allMessages[0].Title)
 	tt.AssertEqual(t, "last message", "Lorem Ipsum 01", allMessages[22].Title)
 }
 func TestListMessagesPaginatedDirectInvalidToken(t *testing.T) {
 	ws, baseUrl, stop := tt.StartSimpleWebserver(t)
 	defer stop()
 	data := tt.InitDefaultData(t, ws)
 	// Test invalid paginated token (non-numeric after $)
 	tt.RequestAuthGetShouldFail(t, data.User[16].AdminKey, baseUrl, fmt.Sprintf("/api/v2/messages?page_size=%d&next_page_token=%s", 10, "$abc"), 400, apierr.PAGETOKEN_ERROR)
 	// Test invalid paginated token (empty after $)
 	tt.RequestAuthGetShouldFail(t, data.User[16].AdminKey, baseUrl, fmt.Sprintf("/api/v2/messages?page_size=%d&next_page_token=%s", 10, "$"), 400, apierr.PAGETOKEN_ERROR)
 	// Test invalid paginated token (float)
 	tt.RequestAuthGetShouldFail(t, data.User[16].AdminKey, baseUrl, fmt.Sprintf("/api/v2/messages?page_size=%d&next_page_token=%s", 10, "$1.5"), 400, apierr.PAGETOKEN_ERROR)
 }
 func TestListMessageDeliveries(t *testing.T) {
 	_, baseUrl, stop := tt.StartSimpleWebserver(t)
 	defer stop()
 	r0 := tt.RequestPost[gin.H](t, baseUrl, "/api/v2/users", gin.H{
 		"agent_model":   "DUMMY_PHONE",
 		"agent_version": "4X",
 		"client_type":   "ANDROID",
 		"fcm_token":     "DUMMY_FCM",
 	})
 	sendtok := r0["send_key"].(string)
 	admintok := r0["admin_key"].(string)
 	msg1 := tt.RequestPost[gin.H](t, baseUrl, "/", gin.H{
 		"key":   sendtok,
 		"title": "Message_1",
 	})
 	type delivery struct {
 		DeliveryID       string  `json:"delivery_id"`
 		MessageID        string  `json:"message_id"`
 		ReceiverUserID   string  `json:"receiver_user_id"`
 		ReceiverClientID string  `json:"receiver_client_id"`
 		Status           string  `json:"status"`
 		RetryCount       int     `json:"retry_count"`
 		TimestampCreated string  `json:"timestamp_created"`
 		FCMMessageID     *string `json:"fcm_message_id"`
 	}
 	type deliveryList struct {
 		Deliveries []delivery `json:"deliveries"`
 	}
 	deliveries := tt.RequestAuthGet[deliveryList](t, admintok, baseUrl, "/api/v2/messages/"+fmt.Sprintf("%v", msg1["scn_msg_id"])+"/deliveries")
 	tt.AssertTrue(t, "deliveries.len >= 1", len(deliveries.Deliveries) >= 1)
 	tt.AssertEqual(t, "deliveries[0].message_id", fmt.Sprintf("%v", msg1["scn_msg_id"]), deliveries.Deliveries[0].MessageID)
 }
 func TestListMessageDeliveriesNotFound(t *testing.T) {
 	ws, baseUrl, stop := tt.StartSimpleWebserver(t)
 	defer stop()
 	data := tt.InitDefaultData(t, ws)
 	tt.RequestAuthGetShouldFail(t, data.User[0].AdminKey, baseUrl, "/api/v2/messages/"+models.NewMessageID().String()+"/deliveries", 404, apierr.MESSAGE_NOT_FOUND)
 }
 func TestListMessageDeliveriesNoAuth(t *testing.T) {
 	_, baseUrl, stop := tt.StartSimpleWebserver(t)
 	defer stop()
 	r0 := tt.RequestPost[gin.H](t, baseUrl, "/api/v2/users", gin.H{
 		"agent_model":   "DUMMY_PHONE",
 		"agent_version": "4X",
 		"client_type":   "ANDROID",
 		"fcm_token":     "DUMMY_FCM",
 	})
 	sendtok := r0["send_key"].(string)
 	msg1 := tt.RequestPost[gin.H](t, baseUrl, "/", gin.H{
 		"key":   sendtok,
 		"title": "Message_1",
 	})
 	tt.RequestGetShouldFail(t, baseUrl, "/api/v2/messages/"+fmt.Sprintf("%v", msg1["scn_msg_id"])+"/deliveries", 401, apierr.USER_AUTH_FAILED)
 }
 func TestListMessageDeliveriesNonAdminKey(t *testing.T) {
 	_, baseUrl, stop := tt.StartSimpleWebserver(t)
 	defer stop()
 	r0 := tt.RequestPost[gin.H](t, baseUrl, "/api/v2/users", gin.H{
 		"agent_model":   "DUMMY_PHONE",
 		"agent_version": "4X",
 		"client_type":   "ANDROID",
 		"fcm_token":     "DUMMY_FCM",
 	})
 	sendtok := r0["send_key"].(string)
 	readtok := r0["read_key"].(string)
 	msg1 := tt.RequestPost[gin.H](t, baseUrl, "/", gin.H{
 		"key":   sendtok,
 		"title": "Message_1",
 	})
 	// read key should fail (not admin)
 	tt.RequestAuthGetShouldFail(t, readtok, baseUrl, "/api/v2/messages/"+fmt.Sprintf("%v", msg1["scn_msg_id"])+"/deliveries", 401, apierr.USER_AUTH_FAILED)
 }
 func TestListMessageDeliveriesDifferentUserChannel(t *testing.T) {
 	ws, baseUrl, stop := tt.StartSimpleWebserver(t)
 	defer stop()
 	data := tt.InitDefaultData(t, ws)
 	// User 0 sends a message
 	msg1 := tt.RequestPost[gin.H](t, baseUrl, "/", gin.H{
 		"key":   data.User[0].SendKey,
 		"title": "Message_from_user_0",
 	})
 	// User 1 tries to access deliveries of User 0's message - should fail
 	tt.RequestAuthGetShouldFail(t, data.User[1].AdminKey, baseUrl, "/api/v2/messages/"+fmt.Sprintf("%v", msg1["scn_msg_id"])+"/deliveries", 401, apierr.USER_AUTH_FAILED)
 }
--- a/scnserver/test/send_test.go
+++ b/scnserver/test/send_test.go
@@ -1,18 +1,18 @@
 package test
 import (
 	"blackforestbytes.com/simplecloudnotifier/api/apierr"
 	"blackforestbytes.com/simplecloudnotifier/models"
 	"blackforestbytes.com/simplecloudnotifier/push"
 	tt "blackforestbytes.com/simplecloudnotifier/test/util"
 	"fmt"
 	"git.blackforestbytes.com/BlackForestBytes/goext/langext"
 	"github.com/gin-gonic/gin"
 	"math/rand/v2"
 	"net/url"
 	"strings"
 	"testing"
 	"time"
 	"blackforestbytes.com/simplecloudnotifier/api/apierr"
 	"blackforestbytes.com/simplecloudnotifier/push"
 	tt "blackforestbytes.com/simplecloudnotifier/test/util"
 	"git.blackforestbytes.com/BlackForestBytes/goext/langext"
 	"github.com/gin-gonic/gin"
 )
 func TestSendSimpleMessageJSON(t *testing.T) {
@@ -28,26 +28,22 @@ func TestSendSimpleMessageJSON(t *testing.T) {
 		"fcm_token":     "DUMMY_FCM",
 	})
 	uid := r0["user_id"].(string)
 	admintok := r0["admin_key"].(string)
 	readtok := r0["read_key"].(string)
 	sendtok := r0["send_key"].(string)
 	msg1 := tt.RequestPost[gin.H](t, baseUrl, "/", gin.H{
 		"key":   sendtok,
 		"user_id": uid,
 		"title": "HelloWorld_001",
 	})
 	tt.RequestPostShouldFail(t, baseUrl, "/", gin.H{
 		"key":   readtok,
 		"user_id": uid,
 		"title": "HelloWorld_001",
 	}, 401, apierr.USER_AUTH_FAILED)
 	tt.RequestPostShouldFail(t, baseUrl, "/", gin.H{
 		"key":   "asdf",
 		"user_id": uid,
 		"title": "HelloWorld_001",
 	}, 401, apierr.USER_AUTH_FAILED)
@@ -117,13 +113,11 @@ func TestSendSimpleMessageForm(t *testing.T) {
 		"fcm_token":     "DUMMY_FCM",
 	})
 	uid := r0["user_id"].(string)
 	admintok := r0["admin_key"].(string)
 	sendtok := r0["send_key"].(string)
 	msg1 := tt.RequestPost[gin.H](t, baseUrl, "/", tt.FormData{
 		"key":   sendtok,
 		"user_id": uid,
 		"title": "Hello World 9999 [$$$]",
 	})
@@ -190,7 +184,6 @@ func TestSendSimpleMessageJSONAndQuery(t *testing.T) {
 	// query overwrite body
 	msg1 := tt.RequestPost[gin.H](t, baseUrl, fmt.Sprintf("/?user_id=%s&key=%s&title=%s", uid, sendtok, url.QueryEscape("1111111")), gin.H{
 		"key":   "ERR",
 		"user_id": models.NewUserID(),
 		"title": "2222222",
 	})
@@ -212,20 +205,17 @@ func TestSendSimpleMessageAlt1(t *testing.T) {
 		"fcm_token":     "DUMMY_FCM",
 	})
 	uid := r0["user_id"].(string)
 	admintok := r0["admin_key"].(string)
 	readtok := r0["read_key"].(string)
 	sendtok := r0["send_key"].(string)
 	msg1 := tt.RequestPost[gin.H](t, baseUrl, "/send", gin.H{
 		"key":   sendtok,
 		"user_id": uid,
 		"title": "HelloWorld_001",
 	})
 	tt.RequestPostShouldFail(t, baseUrl, "/send", gin.H{
 		"key":   readtok,
 		"user_id": uid,
 		"title": "HelloWorld_001",
 	}, 401, apierr.USER_AUTH_FAILED)
@@ -259,13 +249,11 @@ func TestSendContentMessage(t *testing.T) {
 		"fcm_token":     "DUMMY_FCM",
 	})
 	uid := r0["user_id"].(string)
 	admintok := r0["admin_key"].(string)
 	sendtok := r0["send_key"].(string)
 	msg1 := tt.RequestPost[gin.H](t, baseUrl, "/", gin.H{
 		"key":     sendtok,
 		"user_id": uid,
 		"title":   "HelloWorld_042",
 		"content": "I am Content\nasdf",
 	})
@@ -304,13 +292,11 @@ func TestSendWithSendername(t *testing.T) {
 		"fcm_token":     "DUMMY_FCM",
 	})
 	uid := r0["user_id"].(string)
 	sendtok := r0["send_key"].(string)
 	admintok := r0["admin_key"].(string)
 	msg1 := tt.RequestPost[gin.H](t, baseUrl, "/", gin.H{
 		"key":         sendtok,
 		"user_id":     uid,
 		"title":       "HelloWorld_xyz",
 		"content":     "Unicode: 日本 - yäy\000\n\t\x00...",
 		"sender_name": "localhorst",
@@ -353,7 +339,6 @@ func TestSendLongContent(t *testing.T) {
 		"fcm_token":     "DUMMY_FCM",
 	})
 	uid := r0["user_id"].(string)
 	admintok := r0["admin_key"].(string)
 	sendtok := r0["send_key"].(string)
@@ -364,7 +349,6 @@ func TestSendLongContent(t *testing.T) {
 	msg1 := tt.RequestPost[gin.H](t, baseUrl, "/", gin.H{
 		"key":     sendtok,
 		"user_id": uid,
 		"title":   "HelloWorld_042",
 		"content": longContent,
 	})
--- a/scnserver/test/shoutrrr_test.go
+++ b/scnserver/test/shoutrrr_test.go
@@ -0,0 +1,127 @@
 package test
 import (
 	"blackforestbytes.com/simplecloudnotifier/push"
 	tt "blackforestbytes.com/simplecloudnotifier/test/util"
 	"fmt"
 	"github.com/gin-gonic/gin"
 	"testing"
 )
 func TestShoutrrrBasic(t *testing.T) {
 	ws, baseUrl, stop := tt.StartSimpleWebserver(t)
 	defer stop()
 	data := tt.InitSingleData(t, ws)
 	pusher := ws.Pusher.(*push.TestSink)
 	suffix := fmt.Sprintf("/external/v1/shoutrrr?key=%v", data.SendKey)
 	_ = tt.RequestPost[gin.H](t, baseUrl, suffix, gin.H{
 		"title":   "Test Title",
 		"message": "Test Message Content",
 	})
 	tt.AssertEqual(t, "messageCount", 1, len(pusher.Data))
 	tt.AssertStrRepEqual(t, "msg.title", "Test Title", pusher.Last().Message.Title)
 	tt.AssertStrRepEqual(t, "msg.content", "Test Message Content", pusher.Last().Message.Content)
 	type mglist struct {
 		Messages []gin.H `json:"messages"`
 	}
 	msgList1 := tt.RequestAuthGet[mglist](t, data.AdminKey, baseUrl, "/api/v2/messages")
 	tt.AssertEqual(t, "len(messages)", 1, len(msgList1.Messages))
 	tt.AssertStrRepEqual(t, "msg.title", "Test Title", msgList1.Messages[0]["title"])
 	tt.AssertStrRepEqual(t, "msg.content", "Test Message Content", msgList1.Messages[0]["content"])
 }
 func TestShoutrrrChannelNone(t *testing.T) {
 	ws, baseUrl, stop := tt.StartSimpleWebserver(t)
 	defer stop()
 	data := tt.InitSingleData(t, ws)
 	pusher := ws.Pusher.(*push.TestSink)
 	suffix := fmt.Sprintf("/external/v1/shoutrrr?key=%v", data.SendKey)
 	_ = tt.RequestPost[gin.H](t, baseUrl, suffix, gin.H{
 		"title":   "Test Title",
 		"message": "Test Message",
 	})
 	tt.AssertEqual(t, "messageCount", 1, len(pusher.Data))
 	tt.AssertStrRepEqual(t, "msg.channel", "main", pusher.Last().Message.ChannelInternalName)
 }
 func TestShoutrrrChannelCustom(t *testing.T) {
 	ws, baseUrl, stop := tt.StartSimpleWebserver(t)
 	defer stop()
 	data := tt.InitSingleData(t, ws)
 	pusher := ws.Pusher.(*push.TestSink)
 	suffix := fmt.Sprintf("/external/v1/shoutrrr?key=%v&channel=CTEST", data.SendKey)
 	_ = tt.RequestPost[gin.H](t, baseUrl, suffix, gin.H{
 		"title":   "Test Title",
 		"message": "Test Message",
 	})
 	tt.AssertEqual(t, "messageCount", 1, len(pusher.Data))
 	tt.AssertStrRepEqual(t, "msg.channel", "CTEST", pusher.Last().Message.ChannelInternalName)
 }
 func TestShoutrrrPriorityNone(t *testing.T) {
 	ws, baseUrl, stop := tt.StartSimpleWebserver(t)
 	defer stop()
 	data := tt.InitSingleData(t, ws)
 	pusher := ws.Pusher.(*push.TestSink)
 	suffix := fmt.Sprintf("/external/v1/shoutrrr?key=%v", data.SendKey)
 	_ = tt.RequestPost[gin.H](t, baseUrl, suffix, gin.H{
 		"title":   "Test Title",
 		"message": "Test Message",
 	})
 	tt.AssertEqual(t, "messageCount", 1, len(pusher.Data))
 	tt.AssertStrRepEqual(t, "msg.priority", 1, pusher.Last().Message.Priority)
 }
 func TestShoutrrrPrioritySingle(t *testing.T) {
 	ws, baseUrl, stop := tt.StartSimpleWebserver(t)
 	defer stop()
 	data := tt.InitSingleData(t, ws)
 	pusher := ws.Pusher.(*push.TestSink)
 	suffix0 := fmt.Sprintf("/external/v1/shoutrrr?key=%v&priority=0", data.SendKey)
 	_ = tt.RequestPost[gin.H](t, baseUrl, suffix0, gin.H{
 		"title":   "Test Title",
 		"message": "Test Message",
 	})
 	tt.AssertEqual(t, "messageCount", 1, len(pusher.Data))
 	tt.AssertStrRepEqual(t, "msg.prio", 0, pusher.Last().Message.Priority)
 	suffix1 := fmt.Sprintf("/external/v1/shoutrrr?key=%v&priority=1", data.SendKey)
 	_ = tt.RequestPost[gin.H](t, baseUrl, suffix1, gin.H{
 		"title":   "Test Title",
 		"message": "Test Message",
 	})
 	tt.AssertEqual(t, "messageCount", 2, len(pusher.Data))
 	tt.AssertStrRepEqual(t, "msg.prio", 1, pusher.Last().Message.Priority)
 	suffix2 := fmt.Sprintf("/external/v1/shoutrrr?key=%v&priority=2", data.SendKey)
 	_ = tt.RequestPost[gin.H](t, baseUrl, suffix2, gin.H{
 		"title":   "Test Title",
 		"message": "Test Message",
 	})
 	tt.AssertEqual(t, "messageCount", 3, len(pusher.Data))
 	tt.AssertStrRepEqual(t, "msg.prio", 2, pusher.Last().Message.Priority)
 }
--- a/scnserver/test/user_test.go
+++ b/scnserver/test/user_test.go
@@ -402,7 +402,6 @@ func TestUserMessageCounter(t *testing.T) {
 	tt.RequestPost[gin.H](t, baseUrl, "/", gin.H{
 		"key":   admintok,
 		"user_id": uid,
 		"title": tt.ShortLipsum(1001, 1),
 	})
@@ -411,7 +410,6 @@ func TestUserMessageCounter(t *testing.T) {
 	tt.RequestPost[gin.H](t, baseUrl, "/", gin.H{
 		"key":   admintok,
 		"user_id": uid,
 		"title": tt.ShortLipsum(1002, 1),
 	})
@@ -419,17 +417,14 @@ func TestUserMessageCounter(t *testing.T) {
 	tt.RequestPost[gin.H](t, baseUrl, "/", gin.H{
 		"key":   admintok,
 		"user_id": uid,
 		"title": tt.ShortLipsum(1003, 1),
 	})
 	tt.RequestPost[gin.H](t, baseUrl, "/", gin.H{
 		"key":   admintok,
 		"user_id": uid,
 		"title": tt.ShortLipsum(1004, 1),
 	})
 	tt.RequestPost[gin.H](t, baseUrl, "/", gin.H{
 		"key":   admintok,
 		"user_id": uid,
 		"title": tt.ShortLipsum(1005, 1),
 	})
--- a/scnserver/test/util/factory.go
+++ b/scnserver/test/util/factory.go
@@ -1,15 +1,16 @@
 package util
 import (
 	"blackforestbytes.com/simplecloudnotifier/logic"
 	"fmt"
 	"testing"
 	"time"
 	"blackforestbytes.com/simplecloudnotifier/logic"
 	"git.blackforestbytes.com/BlackForestBytes/goext/langext"
 	"git.blackforestbytes.com/BlackForestBytes/goext/timeext"
 	"github.com/gin-gonic/gin"
 	"github.com/rs/zerolog/log"
 	"gopkg.in/loremipsum.v1"
 	"testing"
 	"time"
 )
 // # Generated by https://chat.openai.com/chat
@@ -393,7 +394,6 @@ func InitDefaultData(t *testing.T, ws *logic.Application) DefData {
 	for _, mex := range messageExamples {
 		body := gin.H{}
 		body["title"] = mex.Title
 		body["user_id"] = users[mex.User].UID
 		switch mex.Key {
 		case AKEY:
 			body["key"] = users[mex.User].AdminKey
--- a/scnserver/website/api.html
+++ b/scnserver/website/api.html
@@ -19,10 +19,9 @@
        <a tabindex="-1" href="/" class="linkcaption"><h1>Simple Cloud Notifier</h1></a>
-        <p>Get your user-id and user-key from the android or iOS app.<br/>And send notifications to your phone by performing a POST request against <code>{{config|baseURL}}/</code> from anywhere</p>
+        <p>Get your user-key from the android or iOS app.<br/>And send notifications to your phone by performing a POST request against <code>{{config|baseURL}}/</code> from anywhere</p>
        <pre>
 curl                                                                        \
    --data "user_id=${userid}"                                              \
    --data "key=${key}"                                                     \
    --data "title=${message_title}"                                         \
    --data "content=${message_body}"                                        \
@@ -35,7 +34,6 @@ curl                                                                        \
    <p>Most parameters are optional, you can send a message with only a title (default priority and channel will be used)</p>
        <pre>
 curl                                          \
    --data "user_id={userid}"                 \
    --data "key={key}"                        \
    --data "title={message_title}"            \
    {{config|baseURL}}/</pre>
--- a/scnserver/website/api_more.html
+++ b/scnserver/website/api_more.html
@@ -52,7 +52,7 @@
                All Parameters can either directly be submitted as URL parameters or they can be put into the POST body (either multipart/form-data or JSON).
            </p>
            <p>
-                You <i>need</i> to supply a valid <code>[user_id, key]</code> pair and a <code>title</code> for your message, all other parameter are optional.
+                You <i>need</i> to supply a valid <code>key</code> and a <code>title</code> for your message, all other parameter are optional.
            </p>
        </div>
@@ -90,7 +90,7 @@
                </tr>
                <tr>
                    <td data-label="Statuscode">401 (Unauthorized)</td>
-                    <td data-label="Explanation">The user_id was not found, the key is wrong or the [user_id, key] combination does not have the SEND permissions on the specified channel</td>
+                    <td data-label="Explanation">The key is wrong or does not have the SEND permissions on the specified channel</td>
                </tr>
                <tr>
                    <td data-label="Statuscode">403 (Forbidden)</td>
@@ -125,7 +125,6 @@
               If needed the content can be supplied in the <code>content</code> parameter.
            </p>
            <pre>curl                                          \
    --data "user_id={userid}"                 \
    --data "key={key}"                        \
    --data "title={message_title}"            \
    --data "content={message_content}"        \
@@ -143,7 +142,6 @@
                If no priority is supplied the message will get the default priority of 1.
            </p>
            <pre>curl                                          \
    --data "user_id={userid}"                 \
    --data "key={key}"                        \
    --data "title={message_title}"            \
    --data "priority={0|1|2}"                 \
@@ -158,7 +156,6 @@
                Channel names are case-insensitive and can only contain letters, numbers, underscores and minuses ( <code>/[[:alnum:]\-_]+/</code> )
            </p>
            <pre>curl                                          \
    --data "user_id={userid}"                 \
    --data "key={key}"                        \
    --data "title={message_title}"            \
    --data "channel={my_channel}"             \
@@ -229,7 +226,6 @@
                The message_id is optional - but if you want to use it you need to supply it via the <code>msg_id</code> parameter.
            </p>
            <pre>curl                                          \
    --data "user_id={userid}"                 \
    --data "key={key}"                        \
    --data "title={message_title}"            \
    --data "msg_id={message_id}"              \
@@ -248,7 +244,6 @@
                The custom timestamp must be within 48 hours of the current time. This parameter is only intended to supply a more precise value in case the message sending was delayed.
            </p>
            <pre>curl                                          \
    --data "user_id={userid}"                 \
    --data "key={key}"                        \
    --data "title={message_title}"            \
    --data "timestamp={unix_timestamp}"       \
--- a/scnserver/website/index.html
+++ b/scnserver/website/index.html
@@ -21,11 +21,6 @@
        <a tabindex="-1" href="/" class="linkcaption"><h1>Simple Cloud Notifier</h1></a>
 		<div class="row responsive-label">
 			<div class="col-sm-12 col-md-3"><label for="uid" class="doc">UserID</label></div>
 			<div class="col-sm-12 col-md"><input placeholder="UserID" id="uid" class="doc" type="text" pattern="USR[A-Za-z0-9]{21}"></div>
 		</div>
 		<div class="row responsive-label">
 			<div class="col-sm-12 col-md-3"><label for="ukey" class="doc">Authentification Key</label></div>
 			<div class="col-sm-12 col-md"><input placeholder="Key" id="ukey" class="doc" type="text" pattern="[A-Za-z0-9]{64}"></div>
--- a/scnserver/website/js/logic.js
+++ b/scnserver/website/js/logic.js
@@ -8,20 +8,17 @@ function send()
 	me.classList.add("btn-disabled");
 	let uid = document.getElementById("uid");
 	let key = document.getElementById("ukey");
 	let tit = document.getElementById("tit");
 	let cnt = document.getElementById("cnt");
 	let pio = document.getElementById("prio");
 	let cha = document.getElementById("chan");
 	uid.classList.remove('input-invalid');
 	key.classList.remove('input-invalid');
 	cnt.classList.remove('input-invalid');
 	pio.classList.remove('input-invalid');
 	let data = new FormData();
 	data.append('user_id', uid.value);
 	data.append('key', key.value);
 	if (tit.value !== '') data.append('title', tit.value);
 	if (cnt.value !== '') data.append('content', cnt.value);
@@ -40,7 +37,6 @@ function send()
 			let resp = JSON.parse(xhr.responseText);
 			if (!resp.success || xhr.status !== 200)
 			{
 				if (resp.errhighlight === 101) uid.classList.add('input-invalid');
 				if (resp.errhighlight === 102) key.classList.add('input-invalid');
 				if (resp.errhighlight === 103) tit.classList.add('input-invalid');
 				if (resp.errhighlight === 104) cnt.classList.add('input-invalid');
@@ -63,7 +59,6 @@ function send()
 					'&quota=' + resp.quota +
 					'&quota_remain=' + (resp.quota_max-resp.quota) +
 					'&quota_max=' + resp.quota_max +
 					'&preset_user_id=' + uid.value +
 					'&preset_user_key=' + key.value +
 					'&preset_channel=' + cha.value;
 			}
@@ -89,7 +84,6 @@ window.addEventListener("load", function ()
 	const qp = new URLSearchParams(window.location.search);
 	let btn = document.getElementById("btnSend");
 	let uid = document.getElementById("uid");
 	let key = document.getElementById("ukey");
 	let tit = document.getElementById("tit");
 	let cnt = document.getElementById("cnt");
@@ -100,7 +94,6 @@ window.addEventListener("load", function ()
 	if (qp.has('preset_priority')) pio.selectedIndex = parseInt(qp.get("preset_priority"));
 	if (qp.has('preset_user_key')) key.value         =          qp.get("preset_user_key");
 	if (qp.has('preset_user_id'))  uid.value         =          qp.get("preset_user_id");
 	if (qp.has('preset_title'))    tit.value         =          qp.get("preset_title");
 	if (qp.has('preset_content'))  cnt.value         =          qp.get("preset_content");
 	if (qp.has('preset_channel'))  cha.value         =          qp.get("preset_channel");
--- a/webapp/.dockerignore
+++ b/webapp/.dockerignore
@@ -0,0 +1,11 @@
 node_modules
 dist
 .git
 .gitignore
 *.md
 .angular
 .vscode
 .idea
 *.log
 Dockerfile
 .dockerignore
--- a/webapp/.editorconfig
+++ b/webapp/.editorconfig
@@ -0,0 +1,17 @@
 # Editor configuration, see https://editorconfig.org
 root = true
 [*]
 charset = utf-8
 indent_style = space
 indent_size = 2
 insert_final_newline = true
 trim_trailing_whitespace = true
 [*.ts]
 quote_type = single
 ij_typescript_use_double_quotes = false
 [*.md]
 max_line_length = off
 trim_trailing_whitespace = false
--- a/webapp/.gitignore
+++ b/webapp/.gitignore
@@ -0,0 +1,45 @@
 .vscode
 # See https://docs.github.com/get-started/getting-started-with-git/ignoring-files for more about ignoring files.
 # Compiled output
 /dist
 /tmp
 /out-tsc
 /bazel-out
 # Node
 /node_modules
 npm-debug.log
 yarn-error.log
 # IDEs and editors
 .idea/
 .project
 .classpath
 .c9/
 *.launch
 .settings/
 *.sublime-workspace
 # Visual Studio Code
 .vscode/*
 !.vscode/settings.json
 !.vscode/tasks.json
 !.vscode/launch.json
 !.vscode/extensions.json
 .history/*
 # Miscellaneous
 /.angular/cache
 .sass-cache/
 /connect.lock
 /coverage
 /libpeerconnection.log
 testem.log
 /typings
 # System files
 .DS_Store
 Thumbs.db
--- a/webapp/.nvmrc
+++ b/webapp/.nvmrc
@@ -0,0 +1 @@
 22
--- a/webapp/CLAUDE.md
+++ b/webapp/CLAUDE.md
@@ -0,0 +1,50 @@
 # CLAUDE.md
 This file provides guidance to Claude Code (claude.ai/code) when working with code in this repository.
 ## Project Overview
 This is the web application for SimpleCloudNotifier (SCN), a push notification service. It's an Angular 19 standalone component-based SPA using ng-zorro-antd (Ant Design) for UI components.
 ## Common Commands
 - `npm start` - Start development server
 - `npm run build` - Production build (outputs to `dist/scn-webapp`)
 - `npm run watch` - Development build with watch mode
 - `npm test` - Run tests with Karma
 ## Architecture
 ### Application Structure
 The app follows a feature-based module organization with standalone components:
 - `src/app/core/` - Singleton services, guards, interceptors, and data models
 - `src/app/features/` - Feature modules (messages, channels, subscriptions, keys, clients, senders, account, auth)
 - `src/app/shared/` - Reusable components, directives, and pipes
 - `src/app/layout/` - Main layout component with sidebar navigation
 ### Key Patterns
 **Authentication**: Uses a custom `SCN` token scheme. Credentials (user_id and admin_key) are stored in localStorage and attached via `authInterceptor`. The `authGuard` protects all routes except `/login`.
 **API Communication**: All API calls go through `ApiService` (`src/app/core/services/api.service.ts`). The base URL is configured in `src/environments/environment.ts`.
 **State Management**: Uses Angular signals throughout. No external state library - each component manages its own state with signals.
 **Routing**: Lazy-loaded standalone components. All authenticated routes are children of `MainLayoutComponent`.
 ### Data Models
 Models in `src/app/core/models/` correspond to SCN API entities:
 - User, Message, Channel, Subscription, KeyToken, Client, SenderName
 ### UI Framework
 Uses ng-zorro-antd with explicit icon imports in `app.config.ts`. Icons must be added to the `icons` array before use.
 ### Project Configuration
 - SCSS for styling
 - Strict TypeScript (`strict: true`)
 - Component generation skips tests by default (configured in `angular.json`)
--- a/webapp/Dockerfile
+++ b/webapp/Dockerfile
@@ -0,0 +1,20 @@
 # Build stage
 FROM node:22-alpine AS build
 WORKDIR /app
 COPY package.json package-lock.json ./
 RUN npm ci
 COPY . .
 RUN npm run build
 # Production stage
 FROM nginx:alpine
 COPY --from=build /app/dist/scn-webapp/browser /usr/share/nginx/html
 COPY nginx.conf /etc/nginx/conf.d/default.conf
 EXPOSE 80
 CMD ["nginx", "-g", "daemon off;"]
--- a/webapp/Makefile
+++ b/webapp/Makefile
@@ -0,0 +1,40 @@
 DOCKER_REPO="registry.blackforestbytes.com"
 DOCKER_NAME=mikescher/simplecloudnotifier-webapp
 NAMESPACE=$(shell git rev-parse --abbrev-ref HEAD)
 HASH=$(shell git rev-parse HEAD)
 run:
 	. ${HOME}/.nvm/nvm.sh && nvm use && npm i && npm run start
 setup:
 	npm install
 build:
 	npm install
 	npm run build:loc
 clean:
 	rm -rf ./node_modules
 	rm -rf ./dist
 docker:
 	docker build \
 	   -t $(DOCKER_NAME):$(HASH) \
 	   -t $(DOCKER_NAME):$(NAMESPACE)-latest \
 	   -t $(DOCKER_NAME):latest \
 	   -t $(DOCKER_REPO)/$(DOCKER_NAME):$(HASH) \
 	   -t $(DOCKER_REPO)/$(DOCKER_NAME):$(NAMESPACE)-latest \
 	   -t $(DOCKER_REPO)/$(DOCKER_NAME):latest \
 	   -f Dockerfile \
 	   .
 push-docker:
 	docker image push $(DOCKER_REPO)/$(DOCKER_NAME):$(HASH)
 	docker image push $(DOCKER_REPO)/$(DOCKER_NAME):$(NAMESPACE)-latest
 	docker image push $(DOCKER_REPO)/$(DOCKER_NAME):latest
 lint:
 	. ${HOME}/.nvm/nvm.sh && nvm use && npx eslint .
--- a/webapp/angular.json
+++ b/webapp/angular.json
@@ -0,0 +1,100 @@
 {
  "$schema": "./node_modules/@angular/cli/lib/config/schema.json",
  "version": 1,
  "newProjectRoot": "projects",
  "projects": {
    "scn-webapp": {
      "projectType": "application",
      "schematics": {
        "@schematics/angular:component": {
          "style": "scss",
          "skipTests": true
        },
        "@schematics/angular:class": {
          "skipTests": true
        },
        "@schematics/angular:directive": {
          "skipTests": true
        },
        "@schematics/angular:guard": {
          "skipTests": true
        },
        "@schematics/angular:interceptor": {
          "skipTests": true
        },
        "@schematics/angular:pipe": {
          "skipTests": true
        },
        "@schematics/angular:resolver": {
          "skipTests": true
        },
        "@schematics/angular:service": {
          "skipTests": true
        }
      },
      "root": "",
      "sourceRoot": "src",
      "prefix": "app",
      "architect": {
        "build": {
          "builder": "@angular-devkit/build-angular:application",
          "options": {
            "outputPath": "dist/scn-webapp",
            "index": "src/index.html",
            "browser": "src/main.ts",
            "polyfills": [
              "zone.js"
            ],
            "tsConfig": "tsconfig.app.json",
            "inlineStyleLanguage": "scss",
            "assets": [
              {"input": "src/assets", "output": ".", "glob": "**/*" }
            ],
            "styles": [
              "src/styles.scss"
            ],
            "scripts": []
          },
          "configurations": {
            "production": {
              "budgets": [
                {
                  "type": "initial",
                  "maximumWarning": "1.5MB",
                  "maximumError": "2MB"
                },
                {
                  "type": "anyComponentStyle",
                  "maximumWarning": "8kB",
                  "maximumError": "16kB"
                }
              ],
              "allowedCommonJsDependencies": [
                "qrcode"
              ],
              "outputHashing": "all"
            },
            "development": {
              "optimization": false,
              "extractLicenses": false,
              "sourceMap": true
            }
          },
          "defaultConfiguration": "production"
        },
        "serve": {
          "builder": "@angular-devkit/build-angular:dev-server",
          "configurations": {
            "production": {
              "buildTarget": "scn-webapp:build:production"
            },
            "development": {
              "buildTarget": "scn-webapp:build:development"
            }
          },
          "defaultConfiguration": "development"
        }
      }
    }
  }
 }
--- a/webapp/nginx.conf
+++ b/webapp/nginx.conf
@@ -0,0 +1,15 @@
 server {
    listen 80;
    server_name localhost;
    root /usr/share/nginx/html;
    index index.html;
    location / {
        try_files $uri $uri/ /index.html;
    }
    location ~* \.(?:css|js|map|jpe?g|png|gif|ico|svg|woff2?|ttf|eot)$ {
        expires 1y;
        add_header Cache-Control "public, immutable";
    }
 }
--- a/webapp/package-lock.json
+++ b/webapp/package-lock.json
--- a/webapp/package.json
+++ b/webapp/package.json
@@ -0,0 +1,41 @@
 {
  "name": "scn-webapp",
  "version": "0.0.0",
  "scripts": {
    "ng": "ng",
    "start": "ng serve",
    "build": "ng build",
    "watch": "ng build --watch --configuration development",
    "test": "ng test"
  },
  "private": true,
  "dependencies": {
    "@angular/common": "^19.2.0",
    "@angular/compiler": "^19.2.0",
    "@angular/core": "^19.2.0",
    "@angular/forms": "^19.2.0",
    "@angular/platform-browser": "^19.2.0",
    "@angular/platform-browser-dynamic": "^19.2.0",
    "@angular/router": "^19.2.0",
    "@types/qrcode": "^1.5.6",
    "date-fns": "^4.1.0",
    "ng-zorro-antd": "^19.3.1",
    "qrcode": "^1.5.4",
    "rxjs": "~7.8.0",
    "tslib": "^2.3.0",
    "zone.js": "~0.15.0"
  },
  "devDependencies": {
    "@angular-devkit/build-angular": "^19.2.19",
    "@angular/cli": "^19.2.19",
    "@angular/compiler-cli": "^19.2.0",
    "@types/jasmine": "~5.1.0",
    "jasmine-core": "~5.6.0",
    "karma": "~6.4.0",
    "karma-chrome-launcher": "~3.2.0",
    "karma-coverage": "~2.2.0",
    "karma-jasmine": "~5.1.0",
    "karma-jasmine-html-reporter": "~2.1.0",
    "typescript": "~5.7.2"
  }
 }
--- a/webapp/src/app/app.component.ts
+++ b/webapp/src/app/app.component.ts
@@ -0,0 +1,12 @@
 import { Component } from '@angular/core';
 import { RouterOutlet } from '@angular/router';
 import { NzMessageModule } from 'ng-zorro-antd/message';
@Component({
  selector: 'app-root',
  standalone: true,
  imports: [RouterOutlet, NzMessageModule],
  template: `<router-outlet></router-outlet>`,
  styles: []
 })
 export class AppComponent {}
--- a/webapp/src/app/app.config.ts
+++ b/webapp/src/app/app.config.ts
@@ -0,0 +1,105 @@
 import { ApplicationConfig, provideZoneChangeDetection, importProvidersFrom } from '@angular/core';
 import { provideRouter } from '@angular/router';
 import { provideHttpClient, withInterceptors } from '@angular/common/http';
 import { provideAnimationsAsync } from '@angular/platform-browser/animations/async';
 import { en_US, provideNzI18n } from 'ng-zorro-antd/i18n';
 import { registerLocaleData } from '@angular/common';
 import en from '@angular/common/locales/en';
 import { provideNzIcons } from 'ng-zorro-antd/icon';
 import { IconDefinition } from '@ant-design/icons-angular';
 import {
  MenuFoldOutline,
  MenuUnfoldOutline,
  DashboardOutline,
  MailOutline,
  KeyOutline,
  TeamOutline,
  UserOutline,
  SettingOutline,
  LogoutOutline,
  SendOutline,
  BellOutline,
  CopyOutline,
  QrcodeOutline,
  DeleteOutline,
  EditOutline,
  PlusOutline,
  CheckOutline,
  CloseOutline,
  SearchOutline,
  FilterOutline,
  ReloadOutline,
  EyeOutline,
  EyeInvisibleOutline,
  AndroidOutline,
  AppleOutline,
  WindowsOutline,
  DesktopOutline,
  LinkOutline,
  InfoCircleOutline,
  ExclamationCircleOutline,
  CheckCircleOutline,
  UserAddOutline,
  UserDeleteOutline,
  PauseCircleOutline,
  PlayCircleOutline,
  StopOutline,
  ArrowLeftOutline,
 } from '@ant-design/icons-angular/icons';
 import { routes } from './app.routes';
 import { authInterceptor } from './core/interceptors/auth.interceptor';
 import { errorInterceptor } from './core/interceptors/error.interceptor';
 registerLocaleData(en);
 const icons: IconDefinition[] = [
  MenuFoldOutline,
  MenuUnfoldOutline,
  DashboardOutline,
  MailOutline,
  KeyOutline,
  TeamOutline,
  UserOutline,
  SettingOutline,
  LogoutOutline,
  SendOutline,
  BellOutline,
  CopyOutline,
  QrcodeOutline,
  DeleteOutline,
  EditOutline,
  PlusOutline,
  CheckOutline,
  CloseOutline,
  SearchOutline,
  FilterOutline,
  ReloadOutline,
  EyeOutline,
  EyeInvisibleOutline,
  AndroidOutline,
  AppleOutline,
  WindowsOutline,
  DesktopOutline,
  LinkOutline,
  InfoCircleOutline,
  ExclamationCircleOutline,
  CheckCircleOutline,
  UserAddOutline,
  UserDeleteOutline,
  PauseCircleOutline,
  PlayCircleOutline,
  StopOutline,
  ArrowLeftOutline,
 ];
 export const appConfig: ApplicationConfig = {
  providers: [
    provideZoneChangeDetection({ eventCoalescing: true }),
    provideRouter(routes),
    provideHttpClient(withInterceptors([authInterceptor, errorInterceptor])),
    provideAnimationsAsync(),
    provideNzI18n(en_US),
    provideNzIcons(icons),
  ]
 };
--- a/webapp/src/app/app.routes.ts
+++ b/webapp/src/app/app.routes.ts
@@ -0,0 +1,67 @@
 import { Routes } from '@angular/router';
 import { authGuard } from './core/guards/auth.guard';
 import { MainLayoutComponent } from './layout/main-layout/main-layout.component';
 export const routes: Routes = [
  {
    path: 'login',
    loadComponent: () => import('./features/auth/login/login.component').then(m => m.LoginComponent)
  },
  {
    path: '',
    component: MainLayoutComponent,
    canActivate: [authGuard],
    children: [
      { path: '', redirectTo: 'messages', pathMatch: 'full' },
      {
        path: 'messages',
        loadComponent: () => import('./features/messages/message-list/message-list.component').then(m => m.MessageListComponent)
      },
      {
        path: 'messages/:id',
        loadComponent: () => import('./features/messages/message-detail/message-detail.component').then(m => m.MessageDetailComponent)
      },
      {
        path: 'channels',
        loadComponent: () => import('./features/channels/channel-list/channel-list.component').then(m => m.ChannelListComponent)
      },
      {
        path: 'channels/:id',
        loadComponent: () => import('./features/channels/channel-detail/channel-detail.component').then(m => m.ChannelDetailComponent)
      },
      {
        path: 'subscriptions',
        loadComponent: () => import('./features/subscriptions/subscription-list/subscription-list.component').then(m => m.SubscriptionListComponent)
      },
      {
        path: 'subscriptions/:id',
        loadComponent: () => import('./features/subscriptions/subscription-detail/subscription-detail.component').then(m => m.SubscriptionDetailComponent)
      },
      {
        path: 'keys',
        loadComponent: () => import('./features/keys/key-list/key-list.component').then(m => m.KeyListComponent)
      },
      {
        path: 'keys/:id',
        loadComponent: () => import('./features/keys/key-detail/key-detail.component').then(m => m.KeyDetailComponent)
      },
      {
        path: 'clients',
        loadComponent: () => import('./features/clients/client-list/client-list.component').then(m => m.ClientListComponent)
      },
      {
        path: 'clients/:id',
        loadComponent: () => import('./features/clients/client-detail/client-detail.component').then(m => m.ClientDetailComponent)
      },
      {
        path: 'senders',
        loadComponent: () => import('./features/senders/sender-list/sender-list.component').then(m => m.SenderListComponent)
      },
      {
        path: 'account',
        loadComponent: () => import('./features/account/account-info/account-info.component').then(m => m.AccountInfoComponent)
      },
    ]
  },
  { path: '**', redirectTo: 'messages' }
 ];
--- a/webapp/src/app/core/guards/auth.guard.ts
+++ b/webapp/src/app/core/guards/auth.guard.ts
@@ -0,0 +1,15 @@
 import { inject } from '@angular/core';
 import { Router, CanActivateFn } from '@angular/router';
 import { AuthService } from '../services/auth.service';
 export const authGuard: CanActivateFn = (route, state) => {
  const authService = inject(AuthService);
  const router = inject(Router);
  if (authService.isAuthenticated()) {
    return true;
  }
  router.navigate(['/login'], { queryParams: { returnUrl: state.url } });
  return false;
 };
--- a/webapp/src/app/core/interceptors/auth.interceptor.ts
+++ b/webapp/src/app/core/interceptors/auth.interceptor.ts
@@ -0,0 +1,19 @@
 import { HttpInterceptorFn } from '@angular/common/http';
 import { inject } from '@angular/core';
 import { AuthService } from '../services/auth.service';
 export const authInterceptor: HttpInterceptorFn = (req, next) => {
  const authService = inject(AuthService);
  const authHeader = authService.getAuthHeader();
  if (authHeader) {
    const clonedReq = req.clone({
      setHeaders: {
        Authorization: authHeader
      }
    });
    return next(clonedReq);
  }
  return next(req);
 };
--- a/webapp/src/app/core/interceptors/error.interceptor.ts
+++ b/webapp/src/app/core/interceptors/error.interceptor.ts
@@ -0,0 +1,35 @@
 import { HttpInterceptorFn, HttpErrorResponse } from '@angular/common/http';
 import { inject } from '@angular/core';
 import { Router } from '@angular/router';
 import { catchError, throwError } from 'rxjs';
 import { AuthService } from '../services/auth.service';
 import { NotificationService } from '../services/notification.service';
 import { isApiError } from '../models';
 export const errorInterceptor: HttpInterceptorFn = (req, next) => {
  const router = inject(Router);
  const authService = inject(AuthService);
  const notification = inject(NotificationService);
  return next(req).pipe(
    catchError((error: HttpErrorResponse) => {
      if (error.status === 401) {
        authService.logout();
        router.navigate(['/login']);
        notification.error('Session expired. Please login again.');
      } else if (error.status === 403) {
        notification.error('Access denied. Insufficient permissions.');
      } else if (error.status === 404) {
        notification.error('Resource not found.');
      } else if (error.status >= 500) {
        notification.error('Server error. Please try again later.');
      } else if (error.error && isApiError(error.error)) {
        notification.error(error.error.message);
      } else {
        notification.error('An unexpected error occurred.');
      }
      return throwError(() => error);
    })
  );
 };
--- a/webapp/src/app/core/models/api-response.model.ts
+++ b/webapp/src/app/core/models/api-response.model.ts
@@ -0,0 +1,15 @@
 export interface ApiError {
  success: false;
  error: number;
  errhighlight: number;
  message: string;
 }
 export function isApiError(response: unknown): response is ApiError {
  return (
    typeof response === 'object' &&
    response !== null &&
    'success' in response &&
    (response as ApiError).success === false
  );
 }
--- a/webapp/src/app/core/models/channel.model.ts
+++ b/webapp/src/app/core/models/channel.model.ts
@@ -0,0 +1,41 @@
 import { Subscription } from './subscription.model';
 export interface Channel {
  channel_id: string;
  owner_user_id: string;
  internal_name: string;
  display_name: string;
  description_name: string | null;
  subscribe_key?: string;
  timestamp_created: string;
  timestamp_lastsent: string | null;
  messages_sent: number;
 }
 export interface ChannelWithSubscription extends Channel {
  subscription: Subscription | null;
 }
 export interface ChannelPreview {
  channel_id: string;
  owner_user_id: string;
  internal_name: string;
  display_name: string;
 }
 export type ChannelSelector = 'owned' | 'subscribed' | 'all' | 'subscribed_any' | 'all_any';
 export interface CreateChannelRequest {
  name: string;
  subscribe?: boolean;
 }
 export interface UpdateChannelRequest {
  display_name?: string;
  description_name?: string;
  subscribe_key?: boolean;  // RefreshSubscribeKey
 }
 export interface ChannelListResponse {
  channels: ChannelWithSubscription[];
 }
--- a/webapp/src/app/core/models/client.model.ts
+++ b/webapp/src/app/core/models/client.model.ts
@@ -0,0 +1,33 @@
 export type ClientType = 'ANDROID' | 'IOS' | 'LINUX' | 'MACOS' | 'WINDOWS';
 export interface Client {
  client_id: string;
  user_id: string;
  type: ClientType;
  fcm_token: string;
  timestamp_created: string;
  agent_model: string;
  agent_version: string;
  name: string | null;
 }
 export interface ClientListResponse {
  clients: Client[];
 }
 export function getClientTypeIcon(type: ClientType): string {
  switch (type) {
    case 'ANDROID':
      return 'android';
    case 'IOS':
      return 'apple';
    case 'MACOS':
      return 'apple';
    case 'WINDOWS':
      return 'windows';
    case 'LINUX':
      return 'desktop';
    default:
      return 'desktop';
  }
 }
--- a/webapp/src/app/core/models/delivery.model.ts
+++ b/webapp/src/app/core/models/delivery.model.ts
@@ -0,0 +1,18 @@
 export type DeliveryStatus = 'RETRY' | 'SUCCESS' | 'FAILED';
 export interface Delivery {
  delivery_id: string;
  message_id: string;
  receiver_user_id: string;
  receiver_client_id: string;
  timestamp_created: string;
  timestamp_finalized: string | null;
  status: DeliveryStatus;
  retry_count: number;
  next_delivery: string | null;
  fcm_message_id: string | null;
 }
 export interface DeliveryListResponse {
  deliveries: Delivery[];
 }
--- a/webapp/src/app/core/models/index.ts
+++ b/webapp/src/app/core/models/index.ts
@@ -0,0 +1,9 @@
 export * from './user.model';
 export * from './message.model';
 export * from './channel.model';
 export * from './subscription.model';
 export * from './key-token.model';
 export * from './client.model';
 export * from './sender-name.model';
 export * from './delivery.model';
 export * from './api-response.model';
--- a/webapp/src/app/core/models/key-token.model.ts
+++ b/webapp/src/app/core/models/key-token.model.ts
@@ -0,0 +1,51 @@
 export interface KeyToken {
  keytoken_id: string;
  name: string;
  timestamp_created: string;
  timestamp_lastused: string | null;
  owner_user_id: string;
  all_channels: boolean;
  channels: string[];
  token?: string;
  permissions: string;
  messages_sent: number;
 }
 export interface KeyTokenPreview {
  keytoken_id: string;
  name: string;
 }
 export type TokenPermission = 'A' | 'CR' | 'CS' | 'UR';
 export interface CreateKeyRequest {
  name: string;
  permissions: string;
  all_channels?: boolean;
  channels?: string[];
 }
 export interface UpdateKeyRequest {
  name?: string;
  permissions?: string;
  all_channels?: boolean;
  channels?: string[];
 }
 export interface KeyListResponse {
  keys: KeyToken[];
 }
 export function parsePermissions(permissions: string): TokenPermission[] {
  if (!permissions) return [];
  return permissions.split(';').filter(p => p) as TokenPermission[];
 }
 export function hasPermission(permissions: string, required: TokenPermission): boolean {
  const perms = parsePermissions(permissions);
  return perms.includes(required) || perms.includes('A');
 }
 export function isAdminKey(key: KeyToken): boolean {
  return hasPermission(key.permissions, 'A');
 }
--- a/webapp/src/app/core/models/message.model.ts
+++ b/webapp/src/app/core/models/message.model.ts
@@ -0,0 +1,37 @@
 export interface Message {
  message_id: string;
  sender_user_id: string;
  channel_internal_name: string;
  channel_owner_user_id: string;
  channel_id: string;
  sender_name: string | null;
  sender_ip: string;
  timestamp: string;
  title: string;
  content: string | null;
  priority: number;
  usr_message_id: string | null;
  used_key_id: string;
  trimmed: boolean;
 }
 export interface MessageListParams {
  after?: string;
  before?: string;
  channel_id?: string[];
  priority?: number[];
  search?: string;
  sender?: string[];
  subscription_status?: 'all' | 'confirmed' | 'unconfirmed';
  used_key?: string;
  trimmed?: boolean;
  page_size?: number;
  next_page_token?: string;
 }
 export interface MessageListResponse {
  messages: Message[];
  next_page_token: string;
  page_size: number;
  total_count: number;
 }
--- a/webapp/src/app/core/models/sender-name.model.ts
+++ b/webapp/src/app/core/models/sender-name.model.ts
@@ -0,0 +1,10 @@
 export interface SenderNameStatistics {
  name: string;
  first_timestamp: string;
  last_timestamp: string;
  count: number;
 }
 export interface SenderNameListResponse {
  sender_names: SenderNameStatistics[];
 }
--- a/webapp/src/app/core/models/subscription.model.ts
+++ b/webapp/src/app/core/models/subscription.model.ts
@@ -0,0 +1,38 @@
 export interface Subscription {
  subscription_id: string;
  subscriber_user_id: string;
  channel_owner_user_id: string;
  channel_id: string;
  channel_internal_name: string;
  timestamp_created: string;
  confirmed: boolean;
  active: boolean;
 }
 export interface SubscriptionFilter {
  direction?: 'outgoing' | 'incoming' | 'both';
  confirmation?: 'all' | 'confirmed' | 'unconfirmed';
  external?: 'all' | 'true' | 'false';
  subscriber_user_id?: string;
  channel_owner_user_id?: string;
  next_page_token?: string;
  page_size?: number;
 }
 export interface CreateSubscriptionRequest {
  channel_id?: string;
  channel_owner_user_id?: string;
  channel_internal_name?: string;
 }
 export interface ConfirmSubscriptionRequest {
  confirmed?: boolean;
  active?: boolean;
 }
 export interface SubscriptionListResponse {
  subscriptions: Subscription[];
  next_page_token?: string;
  page_size: number;
  total_count: number;
 }
--- a/webapp/src/app/core/models/user.model.ts
+++ b/webapp/src/app/core/models/user.model.ts
@@ -0,0 +1,32 @@
 export interface User {
  user_id: string;
  username: string | null;
  timestamp_created: string;
  timestamp_lastread: string | null;
  timestamp_lastsent: string | null;
  messages_sent: number;
  is_pro: boolean;
  quota_used: number;
  quota_used_day: string | null;
 }
 export interface UserExtra {
  quota_remaining: number;
  quota_max: number;
  quota_used: number;
  default_channel: string;
  max_body_size: number;
  max_title_length: number;
  default_priority: number;
  max_channel_name_length: number;
  max_channel_description_length: number;
  max_sender_name_length: number;
  max_user_message_id_length: number;
 }
 export interface UserWithExtra extends User, UserExtra {}
 export interface UserPreview {
  user_id: string;
  username: string | null;
 }
--- a/webapp/src/app/core/services/api.service.ts
+++ b/webapp/src/app/core/services/api.service.ts
@@ -0,0 +1,215 @@
 import { Injectable, inject } from '@angular/core';
 import { HttpClient, HttpParams } from '@angular/common/http';
 import { Observable } from 'rxjs';
 import { environment } from '../../../environments/environment';
 import {
  User,
  UserWithExtra,
  UserPreview,
  Message,
  MessageListParams,
  MessageListResponse,
  Channel,
  ChannelWithSubscription,
  ChannelSelector,
  ChannelListResponse,
  CreateChannelRequest,
  UpdateChannelRequest,
  Subscription,
  SubscriptionFilter,
  SubscriptionListResponse,
  CreateSubscriptionRequest,
  ConfirmSubscriptionRequest,
  KeyToken,
  KeyListResponse,
  CreateKeyRequest,
  UpdateKeyRequest,
  Client,
  ClientListResponse,
  SenderNameStatistics,
  SenderNameListResponse,
  DeliveryListResponse,
 } from '../models';
@Injectable({
  providedIn: 'root'
 })
 export class ApiService {
  private http = inject(HttpClient);
  private baseUrl = environment.apiUrl;
  // User endpoints
  getUser(userId: string): Observable<UserWithExtra> {
    return this.http.get<UserWithExtra>(`${this.baseUrl}/users/${userId}`);
  }
  getUserPreview(userId: string): Observable<UserPreview> {
    return this.http.get<UserPreview>(`${this.baseUrl}/preview/users/${userId}`);
  }
  updateUser(userId: string, data: { username?: string; pro_token?: string }): Observable<User> {
    return this.http.patch<User>(`${this.baseUrl}/users/${userId}`, data);
  }
  deleteUser(userId: string): Observable<User> {
    return this.http.delete<User>(`${this.baseUrl}/users/${userId}`);
  }
  // Key endpoints
  getKeys(userId: string): Observable<KeyListResponse> {
    return this.http.get<KeyListResponse>(`${this.baseUrl}/users/${userId}/keys`);
  }
  getCurrentKey(userId: string): Observable<KeyToken> {
    return this.http.get<KeyToken>(`${this.baseUrl}/users/${userId}/keys/current`);
  }
  getKey(userId: string, keyId: string): Observable<KeyToken> {
    return this.http.get<KeyToken>(`${this.baseUrl}/users/${userId}/keys/${keyId}`);
  }
  createKey(userId: string, data: CreateKeyRequest): Observable<KeyToken> {
    return this.http.post<KeyToken>(`${this.baseUrl}/users/${userId}/keys`, data);
  }
  updateKey(userId: string, keyId: string, data: UpdateKeyRequest): Observable<KeyToken> {
    return this.http.patch<KeyToken>(`${this.baseUrl}/users/${userId}/keys/${keyId}`, data);
  }
  deleteKey(userId: string, keyId: string): Observable<KeyToken> {
    return this.http.delete<KeyToken>(`${this.baseUrl}/users/${userId}/keys/${keyId}`);
  }
  // Client endpoints
  getClients(userId: string): Observable<ClientListResponse> {
    return this.http.get<ClientListResponse>(`${this.baseUrl}/users/${userId}/clients`);
  }
  getClient(userId: string, clientId: string): Observable<Client> {
    return this.http.get<Client>(`${this.baseUrl}/users/${userId}/clients/${clientId}`);
  }
  deleteClient(userId: string, clientId: string): Observable<Client> {
    return this.http.delete<Client>(`${this.baseUrl}/users/${userId}/clients/${clientId}`);
  }
  // Channel endpoints
  getChannels(userId: string, selector?: ChannelSelector): Observable<ChannelListResponse> {
    let params = new HttpParams();
    if (selector) {
      params = params.set('selector', selector);
    }
    return this.http.get<ChannelListResponse>(`${this.baseUrl}/users/${userId}/channels`, { params });
  }
  getChannel(userId: string, channelId: string): Observable<ChannelWithSubscription> {
    return this.http.get<ChannelWithSubscription>(`${this.baseUrl}/users/${userId}/channels/${channelId}`);
  }
  createChannel(userId: string, data: CreateChannelRequest): Observable<ChannelWithSubscription> {
    return this.http.post<ChannelWithSubscription>(`${this.baseUrl}/users/${userId}/channels`, data);
  }
  updateChannel(userId: string, channelId: string, data: UpdateChannelRequest): Observable<ChannelWithSubscription> {
    return this.http.patch<ChannelWithSubscription>(`${this.baseUrl}/users/${userId}/channels/${channelId}`, data);
  }
  deleteChannel(userId: string, channelId: string): Observable<Channel> {
    return this.http.delete<Channel>(`${this.baseUrl}/users/${userId}/channels/${channelId}`);
  }
  getChannelMessages(userId: string, channelId: string, params?: { page_size?: number; next_page_token?: string; trimmed?: boolean }): Observable<MessageListResponse> {
    let httpParams = new HttpParams();
    if (params?.page_size) httpParams = httpParams.set('page_size', params.page_size);
    if (params?.next_page_token) httpParams = httpParams.set('next_page_token', params.next_page_token);
    if (params?.trimmed !== undefined) httpParams = httpParams.set('trimmed', params.trimmed);
    return this.http.get<MessageListResponse>(`${this.baseUrl}/users/${userId}/channels/${channelId}/messages`, { params: httpParams });
  }
  getChannelSubscriptions(userId: string, channelId: string): Observable<SubscriptionListResponse> {
    return this.http.get<SubscriptionListResponse>(`${this.baseUrl}/users/${userId}/channels/${channelId}/subscriptions`);
  }
  // Message endpoints
  getMessages(params?: MessageListParams): Observable<MessageListResponse> {
    let httpParams = new HttpParams();
    if (params) {
      if (params.after) httpParams = httpParams.set('after', params.after);
      if (params.before) httpParams = httpParams.set('before', params.before);
      if (params.channel_id) {
        for (const c of params.channel_id) {
          httpParams = httpParams.append('channel_id', c);
        }
      }
      if (params.priority) {
        for (const p of params.priority) {
          httpParams = httpParams.append('priority', p);
        }
      }
      if (params.search) httpParams = httpParams.set('search', params.search);
      if (params.sender) {
        for (const s of params.sender) {
          httpParams = httpParams.append('sender', s);
        }
      }
      if (params.subscription_status) httpParams = httpParams.set('subscription_status', params.subscription_status);
      if (params.used_key) httpParams = httpParams.set('used_key', params.used_key);
      if (params.trimmed !== undefined) httpParams = httpParams.set('trimmed', params.trimmed);
      if (params.page_size) httpParams = httpParams.set('page_size', params.page_size);
      if (params.next_page_token) httpParams = httpParams.set('next_page_token', params.next_page_token);
    }
    return this.http.get<MessageListResponse>(`${this.baseUrl}/messages`, { params: httpParams });
  }
  getMessage(messageId: string): Observable<Message> {
    return this.http.get<Message>(`${this.baseUrl}/messages/${messageId}`);
  }
  deleteMessage(messageId: string): Observable<Message> {
    return this.http.delete<Message>(`${this.baseUrl}/messages/${messageId}`);
  }
  getDeliveries(messageId: string): Observable<DeliveryListResponse> {
    return this.http.get<DeliveryListResponse>(`${this.baseUrl}/messages/${messageId}/deliveries`);
  }
  // Subscription endpoints
  getSubscriptions(userId: string, filter?: SubscriptionFilter): Observable<SubscriptionListResponse> {
    let httpParams = new HttpParams();
    if (filter) {
      if (filter.direction) httpParams = httpParams.set('direction', filter.direction);
      if (filter.confirmation) httpParams = httpParams.set('confirmation', filter.confirmation);
      if (filter.external) httpParams = httpParams.set('external', filter.external);
      if (filter.subscriber_user_id) httpParams = httpParams.set('subscriber_user_id', filter.subscriber_user_id);
      if (filter.channel_owner_user_id) httpParams = httpParams.set('channel_owner_user_id', filter.channel_owner_user_id);
      if (filter.page_size) httpParams = httpParams.set('page_size', filter.page_size);
      if (filter.next_page_token) httpParams = httpParams.set('next_page_token', filter.next_page_token);
    }
    return this.http.get<SubscriptionListResponse>(`${this.baseUrl}/users/${userId}/subscriptions`, { params: httpParams });
  }
  getSubscription(userId: string, subscriptionId: string): Observable<Subscription> {
    return this.http.get<Subscription>(`${this.baseUrl}/users/${userId}/subscriptions/${subscriptionId}`);
  }
  createSubscription(userId: string, data: CreateSubscriptionRequest): Observable<Subscription> {
    return this.http.post<Subscription>(`${this.baseUrl}/users/${userId}/subscriptions`, data);
  }
  confirmSubscription(userId: string, subscriptionId: string, data: ConfirmSubscriptionRequest): Observable<Subscription> {
    return this.http.patch<Subscription>(`${this.baseUrl}/users/${userId}/subscriptions/${subscriptionId}`, data);
  }
  deleteSubscription(userId: string, subscriptionId: string): Observable<Subscription> {
    return this.http.delete<Subscription>(`${this.baseUrl}/users/${userId}/subscriptions/${subscriptionId}`);
  }
  // Sender names
  getSenderNames(): Observable<SenderNameListResponse> {
    return this.http.get<SenderNameListResponse>(`${this.baseUrl}/sender-names`);
  }
  getUserSenderNames(userId: string): Observable<SenderNameListResponse> {
    return this.http.get<SenderNameListResponse>(`${this.baseUrl}/users/${userId}/sender-names`);
  }
 }
--- a/webapp/src/app/core/services/auth.service.ts
+++ b/webapp/src/app/core/services/auth.service.ts
@@ -0,0 +1,54 @@
 import { Injectable, signal, computed } from '@angular/core';
 const USER_ID_KEY = 'scn_user_id';
 const ADMIN_KEY_KEY = 'scn_admin_key';
@Injectable({
  providedIn: 'root'
 })
 export class AuthService {
  private userId = signal<string | null>(null);
  private adminKey = signal<string | null>(null);
  isAuthenticated = computed(() => !!this.userId() && !!this.adminKey());
  constructor() {
    this.loadFromStorage();
  }
  private loadFromStorage(): void {
    const userId = localStorage.getItem(USER_ID_KEY);
    const adminKey = localStorage.getItem(ADMIN_KEY_KEY);
    if (userId && adminKey) {
      this.userId.set(userId);
      this.adminKey.set(adminKey);
    }
  }
  login(userId: string, adminKey: string): void {
    localStorage.setItem(USER_ID_KEY, userId);
    localStorage.setItem(ADMIN_KEY_KEY, adminKey);
    this.userId.set(userId);
    this.adminKey.set(adminKey);
  }
  logout(): void {
    localStorage.removeItem(USER_ID_KEY);
    localStorage.removeItem(ADMIN_KEY_KEY);
    this.userId.set(null);
    this.adminKey.set(null);
  }
  getUserId(): string | null {
    return this.userId();
  }
  getAdminKey(): string | null {
    return this.adminKey();
  }
  getAuthHeader(): string | null {
    const key = this.adminKey();
    return key ? `SCN ${key}` : null;
  }
 }
--- a/webapp/src/app/core/services/channel-cache.service.ts
+++ b/webapp/src/app/core/services/channel-cache.service.ts
@@ -0,0 +1,88 @@
 import { Injectable, inject } from '@angular/core';
 import { Observable, of, map, shareReplay, catchError } from 'rxjs';
 import { ApiService } from './api.service';
 import { AuthService } from './auth.service';
 import { ChannelWithSubscription } from '../models';
 export interface ResolvedChannel {
  channelId: string;
  displayName: string;
  internalName: string;
 }
@Injectable({
  providedIn: 'root'
 })
 export class ChannelCacheService {
  private apiService = inject(ApiService);
  private authService = inject(AuthService);
  private channelsCache$: Observable<Map<string, ChannelWithSubscription>> | null = null;
  getAllChannels(): Observable<ChannelWithSubscription[]> {
    const userId = this.authService.getUserId();
    if (!userId) {
      return of([]);
    }
    return this.apiService.getChannels(userId, 'owned').pipe(
      map(response => response.channels),
      catchError(() => of([]))
    );
  }
  resolveChannel(channelId: string): Observable<ResolvedChannel> {
    return this.getChannelsMap().pipe(
      map(channelsMap => {
        const channel = channelsMap.get(channelId);
        return {
          channelId,
          displayName: channel?.display_name || channel?.internal_name || channelId,
          internalName: channel?.internal_name || channelId
        };
      })
    );
  }
  resolveChannels(channelIds: string[]): Observable<Map<string, ResolvedChannel>> {
    return this.getChannelsMap().pipe(
      map(channelsMap => {
        const resolved = new Map<string, ResolvedChannel>();
        for (const channelId of channelIds) {
          const channel = channelsMap.get(channelId);
          resolved.set(channelId, {
            channelId,
            displayName: channel?.display_name || channel?.internal_name || channelId,
            internalName: channel?.internal_name || channelId
          });
        }
        return resolved;
      })
    );
  }
  private getChannelsMap(): Observable<Map<string, ChannelWithSubscription>> {
    const userId = this.authService.getUserId();
    if (!userId) {
      return of(new Map());
    }
    if (!this.channelsCache$) {
      this.channelsCache$ = this.apiService.getChannels(userId, 'owned').pipe(
        map(response => {
          const map = new Map<string, ChannelWithSubscription>();
          for (const channel of response.channels) {
            map.set(channel.channel_id, channel);
          }
          return map;
        }),
        catchError(() => of(new Map())),
        shareReplay(1)
      );
    }
    return this.channelsCache$;
  }
  clearCache(): void {
    this.channelsCache$ = null;
  }
 }
--- a/webapp/src/app/core/services/index.ts
+++ b/webapp/src/app/core/services/index.ts
@@ -0,0 +1,4 @@
 export * from './auth.service';
 export * from './api.service';
 export * from './notification.service';
 export * from './user-cache.service';
--- a/webapp/src/app/core/services/key-cache.service.ts
+++ b/webapp/src/app/core/services/key-cache.service.ts
@@ -0,0 +1,58 @@
 import { Injectable, inject } from '@angular/core';
 import { Observable, of, map, shareReplay, catchError } from 'rxjs';
 import { ApiService } from './api.service';
 import { AuthService } from './auth.service';
 import { KeyToken } from '../models';
 export interface ResolvedKey {
  keyId: string;
  name: string;
 }
@Injectable({
  providedIn: 'root'
 })
 export class KeyCacheService {
  private apiService = inject(ApiService);
  private authService = inject(AuthService);
  private keysCache$: Observable<Map<string, KeyToken>> | null = null;
  resolveKey(keyId: string): Observable<ResolvedKey> {
    return this.getKeysMap().pipe(
      map(keysMap => {
        const key = keysMap.get(keyId);
        return {
          keyId,
          name: key?.name || keyId
        };
      })
    );
  }
  private getKeysMap(): Observable<Map<string, KeyToken>> {
    const userId = this.authService.getUserId();
    if (!userId) {
      return of(new Map());
    }
    if (!this.keysCache$) {
      this.keysCache$ = this.apiService.getKeys(userId).pipe(
        map(response => {
          const map = new Map<string, KeyToken>();
          for (const key of response.keys) {
            map.set(key.keytoken_id, key);
          }
          return map;
        }),
        catchError(() => of(new Map())),
        shareReplay(1)
      );
    }
    return this.keysCache$;
  }
  clearCache(): void {
    this.keysCache$ = null;
  }
 }
--- a/webapp/src/app/core/services/notification.service.ts
+++ b/webapp/src/app/core/services/notification.service.ts
@@ -0,0 +1,33 @@
 import { Injectable, inject } from '@angular/core';
 import { NzMessageService } from 'ng-zorro-antd/message';
@Injectable({
  providedIn: 'root'
 })
 export class NotificationService {
  private message = inject(NzMessageService);
  success(content: string): void {
    this.message.success(content);
  }
  error(content: string): void {
    this.message.error(content);
  }
  warning(content: string): void {
    this.message.warning(content);
  }
  info(content: string): void {
    this.message.info(content);
  }
  loading(content: string): string {
    return this.message.loading(content, { nzDuration: 0 }).messageId;
  }
  remove(id: string): void {
    this.message.remove(id);
  }
 }
--- a/webapp/src/app/core/services/settings.service.ts
+++ b/webapp/src/app/core/services/settings.service.ts
@@ -0,0 +1,30 @@
 import { Injectable, signal } from '@angular/core';
 const EXPERT_MODE_KEY = 'scn_expert_mode';
@Injectable({
  providedIn: 'root'
 })
 export class SettingsService {
  private _expertMode = signal(false);
  expertMode = this._expertMode.asReadonly();
  constructor() {
    this.loadFromStorage();
  }
  private loadFromStorage(): void {
    const stored = localStorage.getItem(EXPERT_MODE_KEY);
    this._expertMode.set(stored === 'true');
  }
  setExpertMode(enabled: boolean): void {
    localStorage.setItem(EXPERT_MODE_KEY, String(enabled));
    this._expertMode.set(enabled);
  }
  toggleExpertMode(): void {
    this.setExpertMode(!this._expertMode());
  }
 }
--- a/webapp/src/app/core/services/user-cache.service.ts
+++ b/webapp/src/app/core/services/user-cache.service.ts
@@ -0,0 +1,55 @@
 import { Injectable, inject, signal } from '@angular/core';
 import { Observable, of, tap, catchError, map, shareReplay } from 'rxjs';
 import { ApiService } from './api.service';
 import { AuthService } from './auth.service';
 import { UserPreview } from '../models';
 export interface ResolvedUser {
  userId: string;
  displayName: string;
  isCurrentUser: boolean;
 }
@Injectable({
  providedIn: 'root'
 })
 export class UserCacheService {
  private apiService = inject(ApiService);
  private authService = inject(AuthService);
  private cache = new Map<string, Observable<UserPreview | null>>();
  resolveUser(userId: string): Observable<ResolvedUser> {
    const currentUserId = this.authService.getUserId();
    const isCurrentUser = userId === currentUserId;
    return this.getUserPreview(userId).pipe(
      map(preview => {
        let displayName = preview?.username || userId;
        if (isCurrentUser) {
          displayName += ' (you)';
        }
        return {
          userId,
          displayName,
          isCurrentUser
        };
      })
    );
  }
  private getUserPreview(userId: string): Observable<UserPreview | null> {
    if (!this.cache.has(userId)) {
      const request$ = this.apiService.getUserPreview(userId).pipe(
        catchError(() => of(null)),
        shareReplay(1)
      );
      this.cache.set(userId, request$);
    }
    return this.cache.get(userId)!;
  }
  clearCache(): void {
    this.cache.clear();
  }
 }
--- a/webapp/src/app/features/account/account-info/account-info.component.html
+++ b/webapp/src/app/features/account/account-info/account-info.component.html
@@ -0,0 +1,122 @@
 <div class="page-content">
  <div class="page-header">
    <h2>Account</h2>
    <button nz-button (click)="loadUser()">
      <span nz-icon nzType="reload"></span>
      Refresh
    </button>
  </div>
  @if (loading()) {
    <div class="loading-container">
      <nz-spin nzSimple nzSize="large"></nz-spin>
    </div>
  } @else if (user()) {
    <nz-card nzTitle="User Information">
      <scn-metadata-grid>
        <scn-metadata-value label="User ID">
          <span class="mono">{{ user()!.user_id }}</span>
        </scn-metadata-value>
        <scn-metadata-value label="Username">
          {{ user()!.username || '(Not set)' }}
          <button nz-button nzSize="small" nzType="link" (click)="openEditModal()">
            <span nz-icon nzType="edit"></span>
          </button>
        </scn-metadata-value>
        <scn-metadata-value label="Account Type">
          @if (user()!.is_pro) {
            <nz-tag nzColor="gold">Pro</nz-tag>
          } @else {
            <nz-tag>Free</nz-tag>
          }
        </scn-metadata-value>
        <scn-metadata-value label="Messages Sent">
          {{ user()!.messages_sent }}
        </scn-metadata-value>
        <scn-metadata-value label="Created">
          {{ user()!.timestamp_created | relativeTime }}
        </scn-metadata-value>
        <scn-metadata-value label="Last Read">
          {{ user()!.timestamp_lastread | relativeTime }}
        </scn-metadata-value>
        <scn-metadata-value label="Last Sent">
          {{ user()!.timestamp_lastsent | relativeTime }}
        </scn-metadata-value>
      </scn-metadata-grid>
    </nz-card>
    <nz-card nzTitle="Quota" class="mt-16">
      <div class="quota-info">
        <div class="quota-progress">
          <nz-progress
            [nzPercent]="getQuotaPercent()"
            [nzStatus]="getQuotaStatus()"
            nzType="circle"
          ></nz-progress>
        </div>
        <div class="quota-details">
          <p><strong>{{ user()!.quota_used }}</strong> / {{ user()!.quota_max }} messages used today</p>
          <p class="quota-remaining">{{ user()!.quota_remaining }} remaining</p>
        </div>
      </div>
      <nz-divider></nz-divider>
      <scn-metadata-grid>
        <scn-metadata-value label="Max Body Size">
          {{ user()!.max_body_size | number }} bytes
        </scn-metadata-value>
        <scn-metadata-value label="Max Title Length">
          {{ user()!.max_title_length }} chars
        </scn-metadata-value>
        <scn-metadata-value label="Default Channel">
          {{ user()!.default_channel }}
        </scn-metadata-value>
        <scn-metadata-value label="Default Priority">
          {{ user()!.default_priority }}
        </scn-metadata-value>
      </scn-metadata-grid>
    </nz-card>
    @if (expertMode()) {
      <nz-card nzTitle="Danger Zone" class="mt-16 danger-zone">
        <p class="danger-warning">Deleting your account is permanent and cannot be undone. All your data will be lost.</p>
        <button
          nz-button
          nzDanger
          nz-popconfirm
          nzPopconfirmTitle="Are you sure you want to delete your account? This action cannot be undone."
          (nzOnConfirm)="deleteAccount()"
          [nzLoading]="deleting()"
        >
          <span nz-icon nzType="delete"></span>
          Delete Account
        </button>
      </nz-card>
    }
  }
 </div>
 <!-- Edit Username Modal -->
 <nz-modal
  [(nzVisible)]="showEditModal"
  nzTitle="Edit Username"
  (nzOnCancel)="closeEditModal()"
  (nzOnOk)="saveUsername()"
  [nzOkLoading]="saving()"
 >
  <ng-container *nzModalContent>
    <nz-form-item class="mb-0">
      <nz-form-label>Username</nz-form-label>
      <nz-form-control>
        <input
          type="text"
          nz-input
          placeholder="Enter your username"
          [(ngModel)]="editUsername"
        />
      </nz-form-control>
    </nz-form-item>
  </ng-container>
 </nz-modal>
--- a/webapp/src/app/features/account/account-info/account-info.component.scss
+++ b/webapp/src/app/features/account/account-info/account-info.component.scss
@@ -0,0 +1,59 @@
 .page-header {
  display: flex;
  justify-content: space-between;
  align-items: center;
  margin-bottom: 16px;
  h2 {
    margin: 0;
  }
 }
 .loading-container {
  display: flex;
  justify-content: center;
  align-items: center;
  min-height: 300px;
 }
 .quota-info {
  display: flex;
  align-items: center;
  gap: 32px;
 }
 .quota-details {
  p {
    margin: 0 0 4px 0;
  }
  .quota-remaining {
    color: #666;
    font-size: 13px;
  }
 }
 .action-section {
  margin-bottom: 16px;
 }
 .danger-section {
  p {
    color: #666;
    margin-bottom: 16px;
  }
 }
 .danger-zone {
  border-color: #ff4d4f !important;
  :host ::ng-deep .ant-card-head {
    color: #ff4d4f;
    border-bottom-color: #ff4d4f;
  }
  .danger-warning {
    color: #666;
    margin-bottom: 16px;
  }
 }
--- a/webapp/src/app/features/account/account-info/account-info.component.ts
+++ b/webapp/src/app/features/account/account-info/account-info.component.ts
@@ -0,0 +1,147 @@
 import { Component, inject, signal, OnInit } from '@angular/core';
 import { CommonModule } from '@angular/common';
 import { FormsModule } from '@angular/forms';
 import { Router } from '@angular/router';
 import { NzCardModule } from 'ng-zorro-antd/card';
 import { NzButtonModule } from 'ng-zorro-antd/button';
 import { NzIconModule } from 'ng-zorro-antd/icon';
 import { NzDescriptionsModule } from 'ng-zorro-antd/descriptions';
 import { NzTagModule } from 'ng-zorro-antd/tag';
 import { NzSpinModule } from 'ng-zorro-antd/spin';
 import { NzProgressModule } from 'ng-zorro-antd/progress';
 import { NzModalModule } from 'ng-zorro-antd/modal';
 import { NzFormModule } from 'ng-zorro-antd/form';
 import { NzInputModule } from 'ng-zorro-antd/input';
 import { NzDividerModule } from 'ng-zorro-antd/divider';
 import { NzPopconfirmModule } from 'ng-zorro-antd/popconfirm';
 import { ApiService } from '../../../core/services/api.service';
 import { AuthService } from '../../../core/services/auth.service';
 import { NotificationService } from '../../../core/services/notification.service';
 import { SettingsService } from '../../../core/services/settings.service';
 import { UserWithExtra } from '../../../core/models';
 import { RelativeTimePipe } from '../../../shared/pipes/relative-time.pipe';
 import { MetadataGridComponent, MetadataValueComponent } from '../../../shared/components/metadata-grid';
@Component({
  selector: 'app-account-info',
  standalone: true,
  imports: [
    CommonModule,
    FormsModule,
    NzCardModule,
    NzButtonModule,
    NzIconModule,
    NzDescriptionsModule,
    NzTagModule,
    NzSpinModule,
    NzProgressModule,
    NzModalModule,
    NzFormModule,
    NzInputModule,
    NzDividerModule,
    NzPopconfirmModule,
    RelativeTimePipe,
    MetadataGridComponent,
    MetadataValueComponent,
  ],
  templateUrl: './account-info.component.html',
  styleUrl: './account-info.component.scss'
 })
 export class AccountInfoComponent implements OnInit {
  private apiService = inject(ApiService);
  private authService = inject(AuthService);
  private notification = inject(NotificationService);
  private settingsService = inject(SettingsService);
  private router = inject(Router);
  user = signal<UserWithExtra | null>(null);
  loading = signal(true);
  deleting = signal(false);
  expertMode = this.settingsService.expertMode;
  // Edit username modal
  showEditModal = signal(false);
  editUsername = '';
  saving = signal(false);
  ngOnInit(): void {
    this.loadUser();
  }
  loadUser(): void {
    const userId = this.authService.getUserId();
    if (!userId) return;
    this.loading.set(true);
    this.apiService.getUser(userId).subscribe({
      next: (user) => {
        this.user.set(user);
        this.loading.set(false);
      },
      error: () => {
        this.loading.set(false);
      }
    });
  }
  getQuotaPercent(): number {
    const user = this.user();
    if (!user || user.quota_max === 0) return 0;
    return Math.round((user.quota_used / user.quota_max) * 100);
  }
  getQuotaStatus(): 'success' | 'normal' | 'exception' {
    const percent = this.getQuotaPercent();
    if (percent >= 90) return 'exception';
    if (percent >= 70) return 'normal';
    return 'success';
  }
  // Edit username
  openEditModal(): void {
    const user = this.user();
    this.editUsername = user?.username || '';
    this.showEditModal.set(true);
  }
  closeEditModal(): void {
    this.showEditModal.set(false);
  }
  saveUsername(): void {
    const userId = this.authService.getUserId();
    if (!userId) return;
    this.saving.set(true);
    this.apiService.updateUser(userId, {
      username: this.editUsername || undefined
    }).subscribe({
      next: () => {
        this.notification.success('Username updated');
        this.closeEditModal();
        this.saving.set(false);
        this.loadUser();
      },
      error: () => {
        this.saving.set(false);
      }
    });
  }
  deleteAccount(): void {
    const userId = this.authService.getUserId();
    if (!userId) return;
    this.deleting.set(true);
    this.apiService.deleteUser(userId).subscribe({
      next: () => {
        this.notification.success('Account deleted');
        this.authService.logout();
        this.router.navigate(['/login']);
      },
      error: () => {
        this.deleting.set(false);
      }
    });
  }
 }
--- a/webapp/src/app/features/auth/login/login.component.html
+++ b/webapp/src/app/features/auth/login/login.component.html
@@ -0,0 +1,53 @@
 <div class="login-container">
  <nz-card class="login-card">
    <div class="login-header">
      <img src="/logo.png" alt="SimpleCloudNotifier" class="login-logo" />
      <h1>SimpleCloudNotifier</h1>
    </div>
    @if (error()) {
      <nz-alert
        nzType="error"
        [nzMessage]="error()!"
        nzShowIcon
        class="mb-16"
      ></nz-alert>
    }
    <div class="login-form">
      <label for="userId">User ID</label>
      <input
        id="userId"
        type="text"
        nz-input
        placeholder="Enter your User ID"
        [(ngModel)]="userId"
        [disabled]="loading()"
      />
      <label for="adminKey">Admin Key</label>
      <input
        id="adminKey"
        type="text"
        nz-input
        placeholder="Enter your Admin Key"
        [(ngModel)]="adminKey"
        [disabled]="loading()"
      />
    </div>
    <button
      nz-button
      nzType="primary"
      nzBlock
      [nzLoading]="loading()"
      (click)="login()"
    >
      Sign In
    </button>
    <div class="login-footer">
      <p>You need an admin key to access.</p>
    </div>
  </nz-card>
 </div>
--- a/webapp/src/app/features/auth/login/login.component.scss
+++ b/webapp/src/app/features/auth/login/login.component.scss
@@ -0,0 +1,62 @@
 .login-container {
  min-height: 100vh;
  display: flex;
  align-items: center;
  justify-content: center;
  background: linear-gradient(135deg, #667eea 0%, #764ba2 100%);
  padding: 24px;
 }
 .login-card {
  width: 100%;
  max-width: 650px;
  border-radius: 8px;
  box-shadow: 0 8px 24px rgba(0, 0, 0, 0.15);
 }
 .login-header {
  text-align: center;
  margin-bottom: 32px;
  .login-logo {
    width: 80px;
    height: auto;
    margin-bottom: 16px;
  }
  h1 {
    margin: 0 0 8px 0;
    font-size: 24px;
    font-weight: 600;
    color: #333;
  }
  p {
    margin: 0;
    color: #666;
    font-size: 14px;
  }
 }
 .login-form {
  display: grid;
  grid-template-columns: auto 1fr;
  gap: 12px 16px;
  align-items: center;
  margin-bottom: 16px;
  label {
    font-weight: 500;
  }
 }
 .login-footer {
  margin-top: 24px;
  text-align: center;
  p {
    margin: 0;
    font-size: 12px;
    color: #999;
  }
 }
--- a/webapp/src/app/features/auth/login/login.component.ts
+++ b/webapp/src/app/features/auth/login/login.component.ts
@@ -0,0 +1,76 @@
 import { Component, inject, signal } from '@angular/core';
 import { CommonModule } from '@angular/common';
 import { Router, ActivatedRoute } from '@angular/router';
 import { FormsModule } from '@angular/forms';
 import { NzInputModule } from 'ng-zorro-antd/input';
 import { NzButtonModule } from 'ng-zorro-antd/button';
 import { NzCardModule } from 'ng-zorro-antd/card';
 import { NzAlertModule } from 'ng-zorro-antd/alert';
 import { AuthService } from '../../../core/services/auth.service';
 import { ApiService } from '../../../core/services/api.service';
 import { isAdminKey } from '../../../core/models';
@Component({
  selector: 'app-login',
  standalone: true,
  imports: [
    CommonModule,
    FormsModule,
    NzInputModule,
    NzButtonModule,
    NzCardModule,
    NzAlertModule,
  ],
  templateUrl: './login.component.html',
  styleUrl: './login.component.scss'
 })
 export class LoginComponent {
  private authService = inject(AuthService);
  private apiService = inject(ApiService);
  private router = inject(Router);
  private route = inject(ActivatedRoute);
  userId = '';
  adminKey = '';
  loading = signal(false);
  error = signal<string | null>(null);
  async login(): Promise<void> {
    if (!this.userId.trim() || !this.adminKey.trim()) {
      this.error.set('Please enter both User ID and Admin Key');
      return;
    }
    this.loading.set(true);
    this.error.set(null);
    // Temporarily set credentials to make the API call
    this.authService.login(this.userId.trim(), this.adminKey.trim());
    this.apiService.getCurrentKey(this.userId.trim()).subscribe({
      next: (key) => {
        if (!isAdminKey(key)) {
          this.authService.logout();
          this.error.set('This key does not have admin permissions. Please use an admin key.');
          this.loading.set(false);
          return;
        }
        // Login successful
        const returnUrl = this.route.snapshot.queryParams['returnUrl'] || '/messages';
        this.router.navigateByUrl(returnUrl);
      },
      error: (err) => {
        this.authService.logout();
        if (err.status === 401 || err.status === 403) {
          this.error.set('Invalid User ID or Admin Key');
        } else if (err.status === 404) {
          this.error.set('User not found');
        } else {
          this.error.set('Failed to authenticate. Please try again.');
        }
        this.loading.set(false);
      }
    });
  }
 }
--- a/webapp/src/app/features/channels/channel-detail/channel-detail.component.html
+++ b/webapp/src/app/features/channels/channel-detail/channel-detail.component.html
@@ -0,0 +1,354 @@
 <div class="page-content">
  @if (loading()) {
    <div class="loading-container">
      <nz-spin nzSimple nzSize="large"></nz-spin>
    </div>
  } @else if (channel()) {
    <div class="detail-header">
      <button nz-button (click)="goBack()">
        <span nz-icon nzType="arrow-left" nzTheme="outline"></span>
        Back to Channels
      </button>
      @if (isOwner()) {
        <div class="header-actions">
          <button nz-button (click)="openEditModal()">
            <span nz-icon nzType="edit"></span>
            Edit
          </button>
          @if (expertMode()) {
            <button
              nz-button
              nzDanger
              nz-popconfirm
              nzPopconfirmTitle="Are you sure you want to delete this channel? All messages and subscriptions will be lost."
              (nzOnConfirm)="deleteChannel()"
              [nzLoading]="deleting()"
            >
              <span nz-icon nzType="delete"></span>
              Delete
            </button>
          }
        </div>
      }
    </div>
    <nz-card [nzTitle]="channel()!.display_name">
      <scn-metadata-grid>
        <scn-metadata-value label="Channel ID">
          <span class="mono">{{ channel()!.channel_id }}</span>
        </scn-metadata-value>
        <scn-metadata-value label="Internal Name">
          <span class="mono">{{ channel()!.internal_name }}</span>
        </scn-metadata-value>
        <scn-metadata-value label="Status">
          <nz-tag [nzColor]="getSubscriptionStatus().color">
            {{ getSubscriptionStatus().label }}
          </nz-tag>
        </scn-metadata-value>
        <scn-metadata-value label="Owner">
          <span class="mono">{{ channel()!.owner_user_id }}</span>
        </scn-metadata-value>
        @if (channel()!.description_name) {
          <scn-metadata-value label="Description">
            {{ channel()!.description_name }}
          </scn-metadata-value>
        }
        <scn-metadata-value label="Messages Sent">
          {{ channel()!.messages_sent }}
        </scn-metadata-value>
        <scn-metadata-value label="Last Sent">
          @if (channel()!.timestamp_lastsent) {
            <div class="timestamp-absolute">{{ channel()!.timestamp_lastsent | date:'yyyy-MM-dd HH:mm:ss' }}</div>
            <div class="timestamp-relative">{{ channel()!.timestamp_lastsent | relativeTime }}</div>
          } @else {
            Never
          }
        </scn-metadata-value>
        <scn-metadata-value label="Created">
          <div class="timestamp-absolute">{{ channel()!.timestamp_created | date:'yyyy-MM-dd HH:mm:ss' }}</div>
          <div class="timestamp-relative">{{ channel()!.timestamp_created | relativeTime }}</div>
        </scn-metadata-value>
        @if (isOwner() && channel()!.subscribe_key) {
          <scn-metadata-value label="Subscribe Key">
            <div class="key-field">
              <nz-input-group [nzSuffix]="subscribeKeySuffix">
                <input
                  type="text"
                  nz-input
                  [value]="channel()!.subscribe_key"
                  readonly
                  class="mono"
                />
              </nz-input-group>
              <ng-template #subscribeKeySuffix>
                <span
                  nz-icon
                  nzType="copy"
                  class="action-icon"
                  nz-tooltip
                  nzTooltipTitle="Copy"
                  [appCopyToClipboard]="channel()!.subscribe_key!"
                ></span>
              </ng-template>
              @if (expertMode()) {
                <button
                  nz-button
                  nz-popconfirm
                  nzPopconfirmTitle="Regenerate subscribe key? The existing key will no longer be valid."
                  (nzOnConfirm)="regenerateSubscribeKey()"
                >
                  Invalidate & Regenerate
                </button>
              }
            </div>
          </scn-metadata-value>
          <scn-metadata-value label="Subscribe QR">
            <div class="qr-container">
              <app-qr-code-display [data]="qrCodeData()"></app-qr-code-display>
              <p class="qr-hint">Scan with the SimpleCloudNotifier app to subscribe</p>
            </div>
          </scn-metadata-value>
        }
      </scn-metadata-grid>
    </nz-card>
    @if (isOwner()) {
      <nz-card nzTitle="Subscriptions" [nzExtra]="subscriptionsCardExtra" class="mt-16">
      <ng-template #subscriptionsCardExtra>
        @if (expertMode()) {
          <button
            nz-button
            nzSize="small"
            [nzType]="isUserSubscribed() ? 'default' : 'primary'"
            nz-tooltip
            [nzTooltipTitle]="isUserSubscribed() ? 'Unsubscribe' : 'Subscribe'"
            (click)="toggleSelfSubscription()"
          >
            <span nz-icon [nzType]="isUserSubscribed() ? 'user-delete' : 'user-add'"></span>
          </button>
        }
      </ng-template>
        <nz-table
          #subscriptionTable
          [nzData]="subscriptions()"
          [nzLoading]="loadingSubscriptions()"
          [nzShowPagination]="false"
          [nzNoResult]="noResultTpl"
          nzSize="small"
        >
        <ng-template #noResultTpl></ng-template>
          <thead>
            <tr>
              <th>Subscriber</th>
              <th nzWidth="0">Status</th>
              <th nzWidth="0">Active</th>
              <th nzWidth="0">Created</th>
              <th nzWidth="0">Actions</th>
            </tr>
          </thead>
          <tbody>
            @for (sub of subscriptions(); track sub.subscription_id) {
              <tr class="clickable-row">
                <td>
                  <a class="cell-link" [routerLink]="['/subscriptions', sub.subscription_id]">
                    <div class="cell-name">{{ getUserDisplayName(sub.subscriber_user_id) }}</div>
                    <div class="cell-id mono">{{ sub.subscriber_user_id }}</div>
                  </a>
                </td>
                <td>
                  <a class="cell-link" [routerLink]="['/subscriptions', sub.subscription_id]">
                    <nz-tag [nzColor]="sub.confirmed ? 'green' : 'orange'">
                      {{ sub.confirmed ? 'Confirmed' : 'Pending' }}
                    </nz-tag>
                  </a>
                </td>
                <td>
                  <a class="cell-link" [routerLink]="['/subscriptions', sub.subscription_id]">
                    <nz-tag [nzColor]="sub.active ? 'green' : 'default'">
                      {{ sub.active ? 'Active' : 'Inactive' }}
                    </nz-tag>
                  </a>
                </td>
                <td>
                  <a class="cell-link" [routerLink]="['/subscriptions', sub.subscription_id]">
                    <div class="timestamp-absolute">{{ sub.timestamp_created | date:'yyyy-MM-dd HH:mm:ss' }}</div>
                    <div class="timestamp-relative">{{ sub.timestamp_created | relativeTime }}</div>
                  </a>
                </td>
                <td>
                  <div class="action-buttons">
                    @if (!sub.confirmed) {
                      <button
                        nz-button
                        nzSize="small"
                        nzType="primary"
                        nz-tooltip
                        nzTooltipTitle="Accept"
                        (click)="acceptSubscription(sub)"
                      >
                        <span nz-icon nzType="check"></span>
                      </button>
                      <button
                        nz-button
                        nzSize="small"
                        nzDanger
                        nz-tooltip
                        nzTooltipTitle="Deny"
                        nz-popconfirm
                        nzPopconfirmTitle="Deny this subscription request?"
                        (nzOnConfirm)="denySubscription(sub)"
                      >
                        <span nz-icon nzType="close"></span>
                      </button>
                    } @else {
                      @if (expertMode()) {
                        <button
                          nz-button
                          nzSize="small"
                          nzDanger
                          nz-tooltip
                          nzTooltipTitle="Revoke"
                          nz-popconfirm
                          nzPopconfirmTitle="Revoke this subscription?"
                          (nzOnConfirm)="revokeSubscription(sub)"
                        >
                          <span nz-icon nzType="delete"></span>
                        </button>
                      }
                    }
                  </div>
                </td>
              </tr>
            } @empty {
              <tr>
                <td colspan="5">
                  <nz-empty nzNotFoundContent="No subscriptions"></nz-empty>
                </td>
              </tr>
            }
          </tbody>
        </nz-table>
      </nz-card>
    }
    <nz-card nzTitle="Messages" class="mt-16">
      <nz-table
        #messageTable
        [nzData]="messages()"
        [nzLoading]="loadingMessages()"
        [nzShowPagination]="false"
        [nzNoResult]="noMessagesResultTpl"
        nzSize="small"
      >
        <ng-template #noMessagesResultTpl></ng-template>
        <thead>
          <tr>
            <th>Title</th>
            <th>Content</th>
            <th nzWidth="0">Sender</th>
            <th nzWidth="0">Priority</th>
            <th nzWidth="0">Time</th>
          </tr>
        </thead>
        <tbody>
          @for (message of messages(); track message.message_id) {
            <tr class="clickable-row">
              <td>
                <a class="cell-link" [routerLink]="['/messages', message.message_id]">
                  <div class="message-title">{{ message.title }}</div>
                  <div class="message-id mono">{{ message.message_id }}</div>
                </a>
              </td>
              <td>
                <a class="cell-link" [routerLink]="['/messages', message.message_id]">
                  @if (message.content) {
                    <div class="message-content">{{ message.content | slice:0:128 }}{{ message.content.length > 128 ? '...' : '' }}</div>
                  } @else {
                    <span class="text-muted"></span>
                  }
                </a>
              </td>
              <td>
                <a class="cell-link" [routerLink]="['/messages', message.message_id]">
                  <span style="white-space: pre">{{ message.sender_name || '-' }}</span>
                </a>
              </td>
              <td>
                <a class="cell-link" [routerLink]="['/messages', message.message_id]">
                  <nz-tag [nzColor]="getPriorityColor(message.priority)">
                    {{ getPriorityLabel(message.priority) }}
                  </nz-tag>
                </a>
              </td>
              <td>
                <a class="cell-link" [routerLink]="['/messages', message.message_id]">
                  <div class="timestamp-absolute">{{ message.timestamp | date:'yyyy-MM-dd HH:mm:ss' }}</div>
                  <div class="timestamp-relative">{{ message.timestamp | relativeTime }}</div>
                </a>
              </td>
            </tr>
          } @empty {
            <tr>
              <td colspan="5">
                <nz-empty nzNotFoundContent="No messages"></nz-empty>
              </td>
            </tr>
          }
        </tbody>
      </nz-table>
      @if (messagesTotalCount() > messagesPageSize) {
        <div class="pagination-controls">
          <nz-pagination
            [nzPageIndex]="messagesCurrentPage()"
            [nzPageSize]="messagesPageSize"
            [nzTotal]="messagesTotalCount()"
            [nzDisabled]="loadingMessages()"
            (nzPageIndexChange)="messagesGoToPage($event)"
          ></nz-pagination>
        </div>
      }
    </nz-card>
  } @else {
    <nz-card>
      <div class="not-found">
        <p>Channel not found</p>
        <button nz-button nzType="primary" (click)="goBack()">
          Back to Channels
        </button>
      </div>
    </nz-card>
  }
 </div>
 <!-- Edit Modal -->
 <nz-modal
  [(nzVisible)]="showEditModal"
  nzTitle="Edit Channel"
  (nzOnCancel)="closeEditModal()"
  (nzOnOk)="saveChannel()"
  [nzOkLoading]="saving()"
 >
  <ng-container *nzModalContent>
    <nz-form-item>
      <nz-form-label>Display Name</nz-form-label>
      <nz-form-control>
        <input
          type="text"
          nz-input
          [(ngModel)]="editDisplayName"
        />
      </nz-form-control>
    </nz-form-item>
    <nz-form-item class="mb-0">
      <nz-form-label>Description</nz-form-label>
      <nz-form-control>
        <textarea
          nz-input
          rows="3"
          [(ngModel)]="editDescription"
        ></textarea>
      </nz-form-control>
    </nz-form-item>
  </ng-container>
 </nz-modal>
--- a/webapp/src/app/features/channels/channel-detail/channel-detail.component.scss
+++ b/webapp/src/app/features/channels/channel-detail/channel-detail.component.scss
@@ -0,0 +1,121 @@
 .loading-container {
  display: flex;
  justify-content: center;
  align-items: center;
  min-height: 300px;
 }
 .header-actions {
  display: flex;
  gap: 8px;
 }
 .key-field {
  display: flex;
  flex-direction: row;
  gap: 8px;
 }
 .key-actions {
  display: flex;
 }
 .action-icon {
  cursor: pointer;
  color: #999;
  margin-left: 8px;
  transition: color 0.3s;
  &:hover {
    color: #1890ff;
  }
 }
 .not-found {
  text-align: center;
  padding: 48px;
  p {
    color: #999;
    margin-bottom: 16px;
  }
 }
 .qr-container {
  display: flex;
  flex-direction: column;
  align-items: center;
 }
 .qr-hint {
  color: #666;
  font-size: 13px;
  margin-top: 8px;
  margin-bottom: 0;
 }
 .cell-name {
  font-weight: 500;
  color: #333;
 }
 .cell-id {
  font-size: 11px;
  color: #999;
  margin-top: 2px;
 }
 .timestamp-absolute {
  font-size: 13px;
  color: #333;
  white-space: pre;
 }
 .timestamp-relative {
  font-size: 12px;
  color: #999;
  white-space: pre;
 }
 .clickable-row {
  cursor: pointer;
  &:hover {
    background-color: #fafafa;
  }
 }
 .action-buttons {
  display: flex;
  gap: 4px;
 }
 .message-title {
  font-weight: 500;
  color: #333;
 }
 .message-id {
  font-size: 11px;
  color: #999;
  margin-top: 2px;
 }
 .message-content {
  font-size: 12px;
  color: #666;
  white-space: pre;
  max-height: 2lh;
  overflow-y: clip;
 }
 .text-muted {
  color: #999;
 }
 .pagination-controls {
  display: flex;
  justify-content: center;
  align-items: center;
  padding: 16px 0;
 }
--- a/webapp/src/app/features/channels/channel-detail/channel-detail.component.ts
+++ b/webapp/src/app/features/channels/channel-detail/channel-detail.component.ts
@@ -0,0 +1,407 @@
 import { Component, inject, signal, computed, OnInit } from '@angular/core';
 import { CommonModule, DatePipe } from '@angular/common';
 import { ActivatedRoute, Router, RouterLink } from '@angular/router';
 import { FormsModule } from '@angular/forms';
 import { NzCardModule } from 'ng-zorro-antd/card';
 import { NzButtonModule } from 'ng-zorro-antd/button';
 import { NzIconModule } from 'ng-zorro-antd/icon';
 import { NzTagModule } from 'ng-zorro-antd/tag';
 import { NzSpinModule } from 'ng-zorro-antd/spin';
 import { NzPopconfirmModule } from 'ng-zorro-antd/popconfirm';
 import { NzDividerModule } from 'ng-zorro-antd/divider';
 import { NzInputModule } from 'ng-zorro-antd/input';
 import { NzModalModule } from 'ng-zorro-antd/modal';
 import { NzFormModule } from 'ng-zorro-antd/form';
 import { NzTableModule } from 'ng-zorro-antd/table';
 import { NzToolTipModule } from 'ng-zorro-antd/tooltip';
 import { NzEmptyModule } from 'ng-zorro-antd/empty';
 import { NzPaginationModule } from 'ng-zorro-antd/pagination';
 import { ApiService } from '../../../core/services/api.service';
 import { AuthService } from '../../../core/services/auth.service';
 import { NotificationService } from '../../../core/services/notification.service';
 import { SettingsService } from '../../../core/services/settings.service';
 import { UserCacheService, ResolvedUser } from '../../../core/services/user-cache.service';
 import { ChannelWithSubscription, Subscription, Message } from '../../../core/models';
 import { RelativeTimePipe } from '../../../shared/pipes/relative-time.pipe';
 import { CopyToClipboardDirective } from '../../../shared/directives/copy-to-clipboard.directive';
 import { QrCodeDisplayComponent } from '../../../shared/components/qr-code-display/qr-code-display.component';
 import { MetadataGridComponent, MetadataValueComponent } from '../../../shared/components/metadata-grid';
@Component({
  selector: 'app-channel-detail',
  standalone: true,
  imports: [
    CommonModule,
    DatePipe,
    FormsModule,
    RouterLink,
    NzCardModule,
    NzButtonModule,
    NzIconModule,
    NzTagModule,
    NzSpinModule,
    NzPopconfirmModule,
    NzDividerModule,
    NzInputModule,
    NzModalModule,
    NzFormModule,
    NzTableModule,
    NzToolTipModule,
    NzEmptyModule,
    NzPaginationModule,
    RelativeTimePipe,
    CopyToClipboardDirective,
    QrCodeDisplayComponent,
    MetadataGridComponent,
    MetadataValueComponent,
  ],
  templateUrl: './channel-detail.component.html',
  styleUrl: './channel-detail.component.scss'
 })
 export class ChannelDetailComponent implements OnInit {
  private route = inject(ActivatedRoute);
  private router = inject(Router);
  private apiService = inject(ApiService);
  private authService = inject(AuthService);
  private notification = inject(NotificationService);
  private settingsService = inject(SettingsService);
  private userCacheService = inject(UserCacheService);
  channel = signal<ChannelWithSubscription | null>(null);
  subscriptions = signal<Subscription[]>([]);
  messages = signal<Message[]>([]);
  userNames = signal<Map<string, ResolvedUser>>(new Map());
  loading = signal(true);
  loadingSubscriptions = signal(false);
  loadingMessages = signal(false);
  deleting = signal(false);
  expertMode = this.settingsService.expertMode;
  // Messages pagination
  messagesPageSize = 16;
  messagesNextPageToken = signal<string | null>(null);
  messagesTotalCount = signal(0);
  messagesCurrentPage = signal(1);
  // Edit modal
  showEditModal = signal(false);
  editDisplayName = '';
  editDescription = '';
  saving = signal(false);
  // QR code data (computed from channel)
  qrCodeData = computed(() => {
    const channel = this.channel();
    if (!channel || !channel.subscribe_key) return '';
    return [
      '@scn.channel.subscribe',
      'v1',
      channel.display_name,
      channel.owner_user_id,
      channel.channel_id,
      channel.subscribe_key
    ].join('\n');
  });
  ngOnInit(): void {
    const channelId = this.route.snapshot.paramMap.get('id');
    if (channelId) {
      this.loadChannel(channelId);
    }
  }
  loadChannel(channelId: string): void {
    const userId = this.authService.getUserId();
    if (!userId) return;
    this.loading.set(true);
    this.apiService.getChannel(userId, channelId).subscribe({
      next: (channel) => {
        this.channel.set(channel);
        this.loading.set(false);
        if (this.isOwner()) {
          this.loadSubscriptions(channelId);
        }
        this.loadMessages(channelId);
      },
      error: () => {
        this.loading.set(false);
      }
    });
  }
  loadSubscriptions(channelId: string): void {
    const userId = this.authService.getUserId();
    if (!userId) return;
    this.loadingSubscriptions.set(true);
    this.apiService.getChannelSubscriptions(userId, channelId).subscribe({
      next: (response) => {
        this.subscriptions.set(response.subscriptions);
        this.loadingSubscriptions.set(false);
        this.resolveUserNames(response.subscriptions);
      },
      error: () => {
        this.loadingSubscriptions.set(false);
      }
    });
  }
  loadMessages(channelId: string, nextPageToken?: string): void {
    const userId = this.authService.getUserId();
    if (!userId) return;
    this.loadingMessages.set(true);
    this.apiService.getChannelMessages(userId, channelId, {
      page_size: this.messagesPageSize,
      next_page_token: nextPageToken,
      trimmed: true
    }).subscribe({
      next: (response) => {
        this.messages.set(response.messages);
        this.messagesNextPageToken.set(response.next_page_token || null);
        this.messagesTotalCount.set(response.total_count);
        this.loadingMessages.set(false);
      },
      error: () => {
        this.loadingMessages.set(false);
      }
    });
  }
  messagesGoToPage(page: number): void {
    const channel = this.channel();
    if (!channel) return;
    this.messagesCurrentPage.set(page);
    // For pagination with tokens, we need to handle this differently
    // The API uses next_page_token, so we'll reload from the beginning for now
    // In a real implementation, you'd need to track tokens per page or use offset-based pagination
    if (page === 1) {
      this.loadMessages(channel.channel_id);
    } else {
      // For simplicity, use the next page token if going forward
      const token = this.messagesNextPageToken();
      if (token) {
        this.loadMessages(channel.channel_id, token);
      }
    }
  }
  viewMessage(message: Message): void {
    this.router.navigate(['/messages', message.message_id]);
  }
  getPriorityColor(priority: number): string {
    switch (priority) {
      case 0: return 'default';
      case 1: return 'blue';
      case 2: return 'orange';
      default: return 'default';
    }
  }
  getPriorityLabel(priority: number): string {
    switch (priority) {
      case 0: return 'Low';
      case 1: return 'Normal';
      case 2: return 'High';
      default: return 'Unknown';
    }
  }
  private resolveUserNames(subscriptions: Subscription[]): void {
    const userIds = new Set<string>();
    for (const sub of subscriptions) {
      userIds.add(sub.subscriber_user_id);
    }
    for (const id of userIds) {
      this.userCacheService.resolveUser(id).subscribe(resolved => {
        this.userNames.update(map => new Map(map).set(id, resolved));
      });
    }
  }
  getUserDisplayName(userId: string): string {
    const resolved = this.userNames().get(userId);
    return resolved?.displayName || userId;
  }
  goBack(): void {
    this.router.navigate(['/channels']);
  }
  isOwner(): boolean {
    const channel = this.channel();
    const userId = this.authService.getUserId();
    return channel?.owner_user_id === userId;
  }
  // Edit methods
  openEditModal(): void {
    const channel = this.channel();
    if (!channel) return;
    this.editDisplayName = channel.display_name;
    this.editDescription = channel.description_name || '';
    this.showEditModal.set(true);
  }
  closeEditModal(): void {
    this.showEditModal.set(false);
  }
  saveChannel(): void {
    const channel = this.channel();
    const userId = this.authService.getUserId();
    if (!channel || !userId) return;
    this.saving.set(true);
    this.apiService.updateChannel(userId, channel.channel_id, {
      display_name: this.editDisplayName,
      description_name: this.editDescription || undefined
    }).subscribe({
      next: (updated) => {
        this.channel.set(updated);
        this.notification.success('Channel updated');
        this.closeEditModal();
        this.saving.set(false);
      },
      error: () => {
        this.saving.set(false);
      }
    });
  }
  // Regenerate keys
  regenerateSubscribeKey(): void {
    const channel = this.channel();
    const userId = this.authService.getUserId();
    if (!channel || !userId) return;
    this.apiService.updateChannel(userId, channel.channel_id, {
      subscribe_key: true
    }).subscribe({
      next: (updated) => {
        this.channel.set(updated);
        this.notification.success('Subscribe key regenerated');
      }
    });
  }
  getSubscriptionStatus(): { label: string; color: string } {
    const channel = this.channel();
    if (!channel) return { label: 'Unknown', color: 'default' };
    if (this.isOwner()) {
      if (channel.subscription) {
        return { label: 'Owned & Subscribed', color: 'green' };
      }
      return { label: 'Owned', color: 'blue' };
    }
    if (channel.subscription) {
      if (channel.subscription.confirmed) {
        return { label: 'Subscribed', color: 'green' };
      }
      return { label: 'Pending', color: 'orange' };
    }
    return { label: 'Not Subscribed', color: 'default' };
  }
  deleteChannel(): void {
    const channel = this.channel();
    const userId = this.authService.getUserId();
    if (!channel || !userId) return;
    this.deleting.set(true);
    this.apiService.deleteChannel(userId, channel.channel_id).subscribe({
      next: () => {
        this.notification.success('Channel deleted');
        this.router.navigate(['/channels']);
      },
      error: () => {
        this.deleting.set(false);
      }
    });
  }
  viewSubscription(sub: Subscription): void {
    this.router.navigate(['/subscriptions', sub.subscription_id]);
  }
  acceptSubscription(sub: Subscription): void {
    const userId = this.authService.getUserId();
    if (!userId) return;
    this.apiService.confirmSubscription(userId, sub.subscription_id, { confirmed: true }).subscribe({
      next: () => {
        this.notification.success('Subscription accepted');
        const channel = this.channel();
        if (channel) {
          this.loadSubscriptions(channel.channel_id);
        }
      }
    });
  }
  denySubscription(sub: Subscription): void {
    const userId = this.authService.getUserId();
    if (!userId) return;
    this.apiService.deleteSubscription(userId, sub.subscription_id).subscribe({
      next: () => {
        this.notification.success('Subscription denied');
        const channel = this.channel();
        if (channel) {
          this.loadSubscriptions(channel.channel_id);
        }
      }
    });
  }
  revokeSubscription(sub: Subscription): void {
    const userId = this.authService.getUserId();
    if (!userId) return;
    this.apiService.deleteSubscription(userId, sub.subscription_id).subscribe({
      next: () => {
        this.notification.success('Subscription revoked');
        const channel = this.channel();
        if (channel) {
          this.loadSubscriptions(channel.channel_id);
        }
      }
    });
  }
  isUserSubscribed(): boolean {
    return this.channel()?.subscription !== null;
  }
  toggleSelfSubscription(): void {
    const channel = this.channel();
    const userId = this.authService.getUserId();
    if (!channel || !userId) return;
    if (this.isUserSubscribed()) {
      // Unsubscribe
      const subscriptionId = channel.subscription!.subscription_id;
      this.apiService.deleteSubscription(userId, subscriptionId).subscribe({
        next: () => {
          this.notification.success('Unsubscribed from channel');
          this.loadChannel(channel.channel_id);
        }
      });
    } else {
      // Subscribe
      this.apiService.createSubscription(userId, { channel_id: channel.channel_id }).subscribe({
        next: () => {
          this.notification.success('Subscribed to channel');
          this.loadChannel(channel.channel_id);
        }
      });
    }
  }
 }
--- a/webapp/src/app/features/channels/channel-list/channel-list.component.html
+++ b/webapp/src/app/features/channels/channel-list/channel-list.component.html
@@ -0,0 +1,163 @@
 <div class="page-content">
  <div class="page-header">
    <h2>Channels</h2>
    <div class="header-actions">
      <button nz-button (click)="loadChannels()">
        <span nz-icon nzType="reload"></span>
        Refresh
      </button>
    </div>
  </div>
  <nz-tabset (nzSelectedIndexChange)="onTabChange($event)">
    <nz-tab nzTitle="All"></nz-tab>
    <nz-tab nzTitle="Owned"></nz-tab>
    <nz-tab nzTitle="Foreign"></nz-tab>
  </nz-tabset>
  @if (getTabDescription()) {
    <nz-alert
      nzType="info"
      [nzMessage]="getTabDescription()!"
      nzShowIcon
      style="margin-bottom: 16px;"
    ></nz-alert>
  }
  <nz-card>
    <nz-table
      #channelTable
      [nzData]="channels()"
      [nzLoading]="loading()"
      [nzShowPagination]="false"
      [nzNoResult]="noResultTpl"
      nzSize="middle"
    >
    <ng-template #noResultTpl></ng-template>
      <thead>
        <tr>
          <th style="width: auto">Name</th>
          <th style="width: auto">Internal Name</th>
          <th style="width: auto">Owner</th>
          <th style="width: 0">Status</th>
          <th style="width: 400px">Subscribers</th>
          <th style="width: 0">Messages</th>
          <th style="width: 0">Last Sent</th>
          @if (expertMode()) {
            <th style="width: 0">Actions</th>
          }
        </tr>
      </thead>
      <tbody>
        @for (channel of channels(); track channel.channel_id) {
          <tr [class.clickable-row]="isOwned(channel)">
            <td>
              @if (isOwned(channel)) {
                <a class="cell-link" [routerLink]="['/channels', channel.channel_id]">
                  <div class="channel-name">{{ channel.display_name }}</div>
                  <div class="channel-id mono">{{ channel.channel_id }}</div>
                </a>
              } @else {
                <div class="channel-name">{{ channel.display_name }}</div>
                <div class="channel-id mono">{{ channel.channel_id }}</div>
              }
            </td>
            <td>
              @if (isOwned(channel)) {
                <a class="cell-link" [routerLink]="['/channels', channel.channel_id]">
                  <span class="mono">{{ channel.internal_name }}</span>
                </a>
              } @else {
                <span class="mono">{{ channel.internal_name }}</span>
              }
            </td>
            <td>
              @if (isOwned(channel)) {
                <a class="cell-link" [routerLink]="['/channels', channel.channel_id]">
                  <div class="channel-name">{{ getOwnerDisplayName(channel.owner_user_id) }}</div>
                  <div class="channel-id mono">{{ channel.owner_user_id }}</div>
                </a>
              } @else {
                <div class="channel-name">{{ getOwnerDisplayName(channel.owner_user_id) }}</div>
                <div class="channel-id mono">{{ channel.owner_user_id }}</div>
              }
            </td>
            <td>
              @if (isOwned(channel)) {
                <a class="cell-link" [routerLink]="['/channels', channel.channel_id]">
                  <nz-tag [nzColor]="getSubscriptionStatus(channel).color">
                    {{ getSubscriptionStatus(channel).label }}
                  </nz-tag>
                </a>
              } @else {
                <nz-tag [nzColor]="getSubscriptionStatus(channel).color">
                  {{ getSubscriptionStatus(channel).label }}
                </nz-tag>
              }
            </td>
            <td>
              @if (isOwned(channel)) {
                <a class="cell-link" [routerLink]="['/channels', channel.channel_id]">
                  <app-channel-subscribers [channelId]="channel.channel_id" />
                </a>
              } @else {
                <span class="text-muted">-</span>
              }
            </td>
            <td>
              @if (isOwned(channel)) {
                <a class="cell-link" [routerLink]="['/channels', channel.channel_id]">
                  {{ channel.messages_sent }}
                </a>
              } @else {
                {{ channel.messages_sent }}
              }
            </td>
            <td>
              @if (isOwned(channel)) {
                <a class="cell-link" [routerLink]="['/channels', channel.channel_id]">
                  @if (channel.timestamp_lastsent) {
                    <div class="timestamp-absolute">{{ channel.timestamp_lastsent | date:'yyyy-MM-dd HH:mm:ss' }}</div>
                    <div class="timestamp-relative">{{ channel.timestamp_lastsent | relativeTime }}</div>
                  } @else {
                    <span class="text-muted">Never</span>
                  }
                </a>
              } @else {
                @if (channel.timestamp_lastsent) {
                  <div class="timestamp-absolute">{{ channel.timestamp_lastsent | date:'yyyy-MM-dd HH:mm:ss' }}</div>
                  <div class="timestamp-relative">{{ channel.timestamp_lastsent | relativeTime }}</div>
                } @else {
                  <span class="text-muted">Never</span>
                }
              }
            </td>
            @if (expertMode()) {
              <td>
                @if (isOwned(channel)) {
                  <button
                    nz-button
                    nzSize="small"
                    [nzType]="channel.subscription ? 'default' : 'primary'"
                    nz-tooltip
                    [nzTooltipTitle]="channel.subscription ? 'Unsubscribe' : 'Subscribe'"
                    (click)="toggleSelfSubscription(channel, $event)"
                  >
                    <span nz-icon [nzType]="channel.subscription ? 'user-delete' : 'user-add'"></span>
                  </button>
                }
              </td>
            }
          </tr>
        } @empty {
          <tr>
            <td [attr.colspan]="expertMode() ? 8 : 7">
              <nz-empty nzNotFoundContent="No channels found"></nz-empty>
            </td>
          </tr>
        }
      </tbody>
    </nz-table>
  </nz-card>
 </div>
--- a/webapp/src/app/features/channels/channel-list/channel-list.component.scss
+++ b/webapp/src/app/features/channels/channel-list/channel-list.component.scss
@@ -0,0 +1,54 @@
 .page-header {
  display: flex;
  justify-content: space-between;
  align-items: center;
  margin-bottom: 16px;
  h2 {
    margin: 0;
  }
 }
 .header-actions {
  display: flex;
  gap: 8px;
 }
 .filter-card {
  margin-bottom: 16px;
 }
 .channel-name {
  font-weight: 500;
  color: #333;
 }
 .channel-id {
  font-size: 11px;
  color: #999;
  margin-top: 2px;
 }
 .text-muted {
  color: #999;
 }
 .timestamp-absolute {
  font-size: 13px;
  color: #333;
  white-space: pre;
 }
 .timestamp-relative {
  font-size: 12px;
  color: #999;
  white-space: pre;
 }
 .clickable-row {
  cursor: pointer;
  &:hover {
    background-color: #fafafa;
  }
 }
--- a/webapp/src/app/features/channels/channel-list/channel-list.component.ts
+++ b/webapp/src/app/features/channels/channel-list/channel-list.component.ts
@@ -0,0 +1,179 @@
 import { Component, inject, signal, computed, OnInit } from '@angular/core';
 import { CommonModule, DatePipe } from '@angular/common';
 import { Router, RouterLink } from '@angular/router';
 import { NzTableModule } from 'ng-zorro-antd/table';
 import { NzButtonModule } from 'ng-zorro-antd/button';
 import { NzIconModule } from 'ng-zorro-antd/icon';
 import { NzTagModule } from 'ng-zorro-antd/tag';
 import { NzBadgeModule } from 'ng-zorro-antd/badge';
 import { NzEmptyModule } from 'ng-zorro-antd/empty';
 import { NzCardModule } from 'ng-zorro-antd/card';
 import { NzToolTipModule } from 'ng-zorro-antd/tooltip';
 import { NzTabsModule } from 'ng-zorro-antd/tabs';
 import { NzAlertModule } from 'ng-zorro-antd/alert';
 import { ApiService } from '../../../core/services/api.service';
 import { AuthService } from '../../../core/services/auth.service';
 import { NotificationService } from '../../../core/services/notification.service';
 import { SettingsService } from '../../../core/services/settings.service';
 import { UserCacheService, ResolvedUser } from '../../../core/services/user-cache.service';
 import { ChannelWithSubscription } from '../../../core/models';
 import { RelativeTimePipe } from '../../../shared/pipes/relative-time.pipe';
 import { ChannelSubscribersComponent } from '../channel-subscribers/channel-subscribers.component';
 type ChannelTab = 'all' | 'owned' | 'foreign';
@Component({
  selector: 'app-channel-list',
  standalone: true,
  imports: [
    CommonModule,
    DatePipe,
    RouterLink,
    NzTableModule,
    NzButtonModule,
    NzIconModule,
    NzTagModule,
    NzBadgeModule,
    NzEmptyModule,
    NzCardModule,
    NzToolTipModule,
    NzTabsModule,
    NzAlertModule,
    RelativeTimePipe,
    ChannelSubscribersComponent,
  ],
  templateUrl: './channel-list.component.html',
  styleUrl: './channel-list.component.scss'
 })
 export class ChannelListComponent implements OnInit {
  private apiService = inject(ApiService);
  private authService = inject(AuthService);
  private notification = inject(NotificationService);
  private settingsService = inject(SettingsService);
  private userCacheService = inject(UserCacheService);
  private router = inject(Router);
  allChannels = signal<ChannelWithSubscription[]>([]);
  ownerNames = signal<Map<string, ResolvedUser>>(new Map());
  loading = signal(false);
  expertMode = this.settingsService.expertMode;
  activeTab = signal<ChannelTab>('all');
  channels = computed(() => {
    const userId = this.authService.getUserId();
    const all = this.allChannels();
    const tab = this.activeTab();
    switch (tab) {
      case 'owned':
        return all.filter(c => c.owner_user_id === userId);
      case 'foreign':
        return all.filter(c => c.owner_user_id !== userId);
      default:
        return all;
    }
  });
  ngOnInit(): void {
    this.loadChannels();
  }
  loadChannels(): void {
    const userId = this.authService.getUserId();
    if (!userId) return;
    this.loading.set(true);
    this.apiService.getChannels(userId, 'all_any').subscribe({
      next: (response) => {
        this.allChannels.set(response.channels);
        this.loading.set(false);
        this.resolveOwnerNames(response.channels);
      },
      error: () => {
        this.loading.set(false);
      }
    });
  }
  onTabChange(index: number): void {
    const tabs: ChannelTab[] = ['all', 'owned', 'foreign'];
    this.activeTab.set(tabs[index]);
  }
  getTabDescription(): string | null {
    switch (this.activeTab()) {
      case 'owned':
        return 'Channels that you own and can configure.';
      case 'foreign':
        return 'Channels owned by other users that you are subscribed to.';
      default:
        return null;
    }
  }
  private resolveOwnerNames(channels: ChannelWithSubscription[]): void {
    const uniqueOwnerIds = [...new Set(channels.map(c => c.owner_user_id))];
    for (const ownerId of uniqueOwnerIds) {
      this.userCacheService.resolveUser(ownerId).subscribe(resolved => {
        this.ownerNames.update(map => new Map(map).set(ownerId, resolved));
      });
    }
  }
  getOwnerDisplayName(ownerId: string): string {
    const resolved = this.ownerNames().get(ownerId);
    return resolved?.displayName || ownerId;
  }
  isOwned(channel: ChannelWithSubscription): boolean {
    return channel.owner_user_id === this.authService.getUserId();
  }
  viewChannel(channel: ChannelWithSubscription): void {
    this.router.navigate(['/channels', channel.channel_id]);
  }
  getSubscriptionStatus(channel: ChannelWithSubscription): { label: string; color: string } {
    const userId = this.authService.getUserId();
    if (channel.owner_user_id === userId) {
      if (channel.subscription) {
        return { label: 'Owned & Subscribed', color: 'green' };
      }
      return { label: 'Owned', color: 'blue' };
    }
    if (channel.subscription) {
      if (channel.subscription.confirmed) {
        return { label: 'Subscribed', color: 'green' };
      }
      return { label: 'Pending', color: 'orange' };
    }
    return { label: 'Not Subscribed', color: 'default' };
  }
  toggleSelfSubscription(channel: ChannelWithSubscription, event: Event): void {
    event.stopPropagation();
    const userId = this.authService.getUserId();
    if (!userId) return;
    if (channel.subscription) {
      // Unsubscribe
      this.apiService.deleteSubscription(userId, channel.subscription.subscription_id).subscribe({
        next: () => {
          this.notification.success('Unsubscribed from channel');
          this.loadChannels();
        }
      });
    } else {
      // Subscribe
      this.apiService.createSubscription(userId, { channel_id: channel.channel_id }).subscribe({
        next: () => {
          this.notification.success('Subscribed to channel');
          this.loadChannels();
        }
      });
    }
  }
 }
--- a/webapp/src/app/features/channels/channel-subscribers/channel-subscribers.component.ts
+++ b/webapp/src/app/features/channels/channel-subscribers/channel-subscribers.component.ts
@@ -0,0 +1,107 @@
 import { Component, inject, input, signal, OnInit } from '@angular/core';
 import { CommonModule } from '@angular/common';
 import { NzSpinModule } from 'ng-zorro-antd/spin';
 import { NzToolTipModule } from 'ng-zorro-antd/tooltip';
 import { ApiService } from '../../../core/services/api.service';
 import { AuthService } from '../../../core/services/auth.service';
 import { UserCacheService, ResolvedUser } from '../../../core/services/user-cache.service';
 import { Subscription } from '../../../core/models';
@Component({
  selector: 'app-channel-subscribers',
  standalone: true,
  imports: [CommonModule, NzSpinModule, NzToolTipModule],
  template: `
    @if (loading()) {
      <nz-spin nzSimple nzSize="small"></nz-spin>
    } @else if (subscribers().length === 0) {
      <span class="text-muted">None</span>
    } @else {
      <div class="subscribers-list">
        @for (sub of subscribers(); track sub.subscription_id) {
          <span
            class="subscriber"
            [class.unconfirmed]="!sub.confirmed"
            nz-tooltip
            [nzTooltipTitle]="getTooltip(sub)"
          >
            {{ getDisplayName(sub.subscriber_user_id) }}
          </span>
        }
      </div>
    }
  `,
  styles: [`
    .text-muted {
      color: #999;
    }
    .subscribers-list {
      display: flex;
      flex-wrap: wrap;
      gap: 4px;
    }
    .subscriber {
      background: #f0f0f0;
      padding: 2px 8px;
      border-radius: 4px;
      font-size: 12px;
    }
    .subscriber.unconfirmed {
      background: #fff7e6;
      color: #d48806;
    }
  `]
 })
 export class ChannelSubscribersComponent implements OnInit {
  private apiService = inject(ApiService);
  private authService = inject(AuthService);
  private userCacheService = inject(UserCacheService);
  channelId = input.required<string>();
  loading = signal(true);
  subscribers = signal<Subscription[]>([]);
  userNames = signal<Map<string, ResolvedUser>>(new Map());
  ngOnInit(): void {
    this.loadSubscribers();
  }
  private loadSubscribers(): void {
    const userId = this.authService.getUserId();
    if (!userId) {
      this.loading.set(false);
      return;
    }
    this.apiService.getChannelSubscriptions(userId, this.channelId()).subscribe({
      next: (response) => {
        this.subscribers.set(response.subscriptions);
        this.loading.set(false);
        this.resolveUserNames(response.subscriptions);
      },
      error: () => {
        this.loading.set(false);
      }
    });
  }
  private resolveUserNames(subscriptions: Subscription[]): void {
    const userIds = new Set(subscriptions.map(s => s.subscriber_user_id));
    for (const userId of userIds) {
      this.userCacheService.resolveUser(userId).subscribe(resolved => {
        this.userNames.update(map => new Map(map).set(userId, resolved));
      });
    }
  }
  getDisplayName(userId: string): string {
    const resolved = this.userNames().get(userId);
    return resolved?.displayName || userId;
  }
  getTooltip(sub: Subscription): string {
    const status = sub.confirmed ? 'Confirmed' : 'Pending';
    return `${sub.subscriber_user_id} (${status})`;
  }
 }
--- a/webapp/src/app/features/clients/client-detail/client-detail.component.html
+++ b/webapp/src/app/features/clients/client-detail/client-detail.component.html
@@ -0,0 +1,74 @@
 <div class="page-content">
  @if (loading()) {
    <div class="loading-container">
      <nz-spin nzSimple nzSize="large"></nz-spin>
    </div>
  } @else if (client()) {
    <div class="detail-header">
      <button nz-button (click)="goBack()">
        <span nz-icon nzType="arrow-left" nzTheme="outline"></span>
        Back to Clients
      </button>
      @if (expertMode()) {
        <div class="header-actions">
          <button
            nz-button
            nzDanger
            nz-popconfirm
            nzPopconfirmTitle="Are you sure you want to delete this client?"
            (nzOnConfirm)="deleteClient()"
          >
            <span nz-icon nzType="delete"></span>
            Delete
          </button>
        </div>
      }
    </div>
    <nz-card>
      <div class="client-header">
        <span
          nz-icon
          [nzType]="getClientIcon(client()!.type)"
          nzTheme="outline"
          class="client-type-icon"
        ></span>
        <h2 class="client-title">{{ client()!.name || 'Unnamed Client' }}</h2>
        <nz-tag>{{ getClientTypeLabel(client()!.type) }}</nz-tag>
      </div>
      <scn-metadata-grid>
        <scn-metadata-value label="Client ID">
          <span class="mono">{{ client()!.client_id }}</span>
        </scn-metadata-value>
        <scn-metadata-value label="Type">
          <nz-tag>{{ getClientTypeLabel(client()!.type) }}</nz-tag>
        </scn-metadata-value>
        <scn-metadata-value label="Agent">
          <div class="agent-info">
            <span>{{ client()!.agent_model }}</span>
            <span class="agent-version">v{{ client()!.agent_version }}</span>
          </div>
        </scn-metadata-value>
        <scn-metadata-value label="Created">
          <div class="timestamp-absolute">{{ client()!.timestamp_created | date:'yyyy-MM-dd HH:mm:ss' }}</div>
          <div class="timestamp-relative">{{ client()!.timestamp_created | relativeTime }}</div>
        </scn-metadata-value>
        <scn-metadata-value label="FCM Token">
          <span class="mono fcm-token" nz-tooltip [nzTooltipTitle]="client()!.fcm_token">
            {{ client()!.fcm_token }}
          </span>
        </scn-metadata-value>
      </scn-metadata-grid>
    </nz-card>
  } @else {
    <nz-card>
      <div class="not-found">
        <p>Client not found</p>
        <button nz-button nzType="primary" (click)="goBack()">
          Back to Clients
        </button>
      </div>
    </nz-card>
  }
 </div>
--- a/webapp/src/app/features/clients/client-detail/client-detail.component.scss
+++ b/webapp/src/app/features/clients/client-detail/client-detail.component.scss
@@ -0,0 +1,69 @@
 .loading-container {
  display: flex;
  justify-content: center;
  align-items: center;
  min-height: 300px;
 }
 .header-actions {
  display: flex;
  gap: 8px;
 }
 .client-header {
  display: flex;
  align-items: center;
  gap: 12px;
  margin-bottom: 16px;
 }
 .client-type-icon {
  font-size: 24px;
  color: #666;
 }
 .client-title {
  margin: 0;
  font-size: 20px;
  font-weight: 500;
 }
 .agent-info {
  display: flex;
  flex-direction: column;
  .agent-version {
    font-size: 12px;
    color: #999;
  }
 }
 .fcm-token {
  display: block;
  max-width: 300px;
  overflow: hidden;
  text-overflow: ellipsis;
  white-space: nowrap;
 }
 .not-found {
  text-align: center;
  padding: 48px;
  p {
    color: #999;
    margin-bottom: 16px;
  }
 }
 .timestamp-absolute {
  font-size: 13px;
  color: #333;
  white-space: pre;
 }
 .timestamp-relative {
  font-size: 12px;
  color: #999;
  white-space: pre;
 }
--- a/webapp/src/app/features/clients/client-detail/client-detail.component.ts
+++ b/webapp/src/app/features/clients/client-detail/client-detail.component.ts
@@ -0,0 +1,105 @@
 import { Component, inject, signal, OnInit } from '@angular/core';
 import { CommonModule, DatePipe } from '@angular/common';
 import { ActivatedRoute, Router } from '@angular/router';
 import { NzCardModule } from 'ng-zorro-antd/card';
 import { NzButtonModule } from 'ng-zorro-antd/button';
 import { NzIconModule } from 'ng-zorro-antd/icon';
 import { NzTagModule } from 'ng-zorro-antd/tag';
 import { NzSpinModule } from 'ng-zorro-antd/spin';
 import { NzPopconfirmModule } from 'ng-zorro-antd/popconfirm';
 import { NzToolTipModule } from 'ng-zorro-antd/tooltip';
 import { ApiService } from '../../../core/services/api.service';
 import { AuthService } from '../../../core/services/auth.service';
 import { NotificationService } from '../../../core/services/notification.service';
 import { SettingsService } from '../../../core/services/settings.service';
 import { Client, ClientType, getClientTypeIcon } from '../../../core/models';
 import { RelativeTimePipe } from '../../../shared/pipes/relative-time.pipe';
 import { MetadataGridComponent, MetadataValueComponent } from '../../../shared/components/metadata-grid';
@Component({
  selector: 'app-client-detail',
  standalone: true,
  imports: [
    CommonModule,
    DatePipe,
    NzCardModule,
    NzButtonModule,
    NzIconModule,
    NzTagModule,
    NzSpinModule,
    NzPopconfirmModule,
    NzToolTipModule,
    RelativeTimePipe,
    MetadataGridComponent,
    MetadataValueComponent,
  ],
  templateUrl: './client-detail.component.html',
  styleUrl: './client-detail.component.scss'
 })
 export class ClientDetailComponent implements OnInit {
  private route = inject(ActivatedRoute);
  private router = inject(Router);
  private apiService = inject(ApiService);
  private authService = inject(AuthService);
  private notification = inject(NotificationService);
  private settingsService = inject(SettingsService);
  client = signal<Client | null>(null);
  loading = signal(true);
  expertMode = this.settingsService.expertMode;
  ngOnInit(): void {
    const clientId = this.route.snapshot.paramMap.get('id');
    if (clientId) {
      this.loadClient(clientId);
    }
  }
  loadClient(clientId: string): void {
    const userId = this.authService.getUserId();
    if (!userId) return;
    this.loading.set(true);
    this.apiService.getClient(userId, clientId).subscribe({
      next: (client) => {
        this.client.set(client);
        this.loading.set(false);
      },
      error: () => {
        this.loading.set(false);
      }
    });
  }
  goBack(): void {
    this.router.navigate(['/clients']);
  }
  getClientIcon(type: ClientType): string {
    return getClientTypeIcon(type);
  }
  getClientTypeLabel(type: ClientType): string {
    switch (type) {
      case 'ANDROID': return 'Android';
      case 'IOS': return 'iOS';
      case 'MACOS': return 'macOS';
      case 'WINDOWS': return 'Windows';
      case 'LINUX': return 'Linux';
      default: return type;
    }
  }
  deleteClient(): void {
    const client = this.client();
    const userId = this.authService.getUserId();
    if (!client || !userId) return;
    this.apiService.deleteClient(userId, client.client_id).subscribe({
      next: () => {
        this.notification.success('Client deleted');
        this.router.navigate(['/clients']);
      }
    });
  }
 }
--- a/webapp/src/app/features/clients/client-list/client-list.component.html
+++ b/webapp/src/app/features/clients/client-list/client-list.component.html
@@ -0,0 +1,78 @@
 <div class="page-content">
  <div class="page-header">
    <h2>Clients</h2>
    <button nz-button (click)="loadClients()">
      <span nz-icon nzType="reload"></span>
      Refresh
    </button>
  </div>
  <nz-card>
    <nz-table
      #clientTable
      [nzData]="clients()"
      [nzLoading]="loading()"
      [nzShowPagination]="false"
      [nzNoResult]="noResultTpl"
      nzSize="middle"
    >
    <ng-template #noResultTpl></ng-template>
      <thead>
        <tr>
          <th nzWidth="0"></th>
          <th>Name</th>
          <th nzWidth="0">Type</th>
          <th nzWidth="0">Agent</th>
          <th nzWidth="0">Created</th>
        </tr>
      </thead>
      <tbody>
        @for (client of clients(); track client.client_id) {
          <tr class="clickable-row">
            <td>
              <a class="cell-link" [routerLink]="['/clients', client.client_id]">
                <span
                  nz-icon
                  [nzType]="getClientIcon(client.type)"
                  nzTheme="outline"
                  class="client-icon"
                ></span>
              </a>
            </td>
            <td>
              <a class="cell-link" [routerLink]="['/clients', client.client_id]">
                <div class="client-name">{{ client.name || '-' }}</div>
                <div class="client-id mono">{{ client.client_id }}</div>
              </a>
            </td>
            <td>
              <a class="cell-link" [routerLink]="['/clients', client.client_id]">
                <nz-tag>{{ getClientTypeLabel(client.type) }}</nz-tag>
              </a>
            </td>
            <td>
              <a class="cell-link" [routerLink]="['/clients', client.client_id]">
                <div class="agent-info">
                  <span style="white-space: pre;">{{ client.agent_model }}</span>
                  <span style="white-space: pre;" class="agent-version">v{{ client.agent_version }}</span>
                </div>
              </a>
            </td>
            <td>
              <a class="cell-link" [routerLink]="['/clients', client.client_id]">
                <div class="timestamp-absolute">{{ client.timestamp_created | date:'yyyy-MM-dd HH:mm:ss' }}</div>
                <div class="timestamp-relative">{{ client.timestamp_created | relativeTime }}</div>
              </a>
            </td>
          </tr>
        } @empty {
          <tr>
            <td colspan="5">
              <nz-empty nzNotFoundContent="No clients registered"></nz-empty>
            </td>
          </tr>
        }
      </tbody>
    </nz-table>
  </nz-card>
 </div>
--- a/webapp/src/app/features/clients/client-list/client-list.component.scss
+++ b/webapp/src/app/features/clients/client-list/client-list.component.scss
@@ -0,0 +1,56 @@
 .page-header {
  display: flex;
  justify-content: space-between;
  align-items: center;
  margin-bottom: 16px;
  h2 {
    margin: 0;
  }
 }
 .client-icon {
  font-size: 18px;
  color: #666;
 }
 .agent-info {
  display: flex;
  flex-direction: column;
  .agent-version {
    font-size: 12px;
    color: #999;
  }
 }
 .client-name {
  font-weight: 500;
  color: #333;
 }
 .client-id {
  font-size: 11px;
  color: #999;
  margin-top: 2px;
 }
 .clickable-row {
  cursor: pointer;
  &:hover {
    background-color: #fafafa;
  }
 }
 .timestamp-absolute {
  font-size: 13px;
  color: #333;
  white-space: pre;
 }
 .timestamp-relative {
  font-size: 12px;
  color: #999;
  white-space: pre;
 }
--- a/webapp/src/app/features/clients/client-list/client-list.component.ts
+++ b/webapp/src/app/features/clients/client-list/client-list.component.ts
@@ -0,0 +1,81 @@
 import { Component, inject, signal, OnInit } from '@angular/core';
 import { CommonModule, DatePipe } from '@angular/common';
 import { Router, RouterLink } from '@angular/router';
 import { NzTableModule } from 'ng-zorro-antd/table';
 import { NzButtonModule } from 'ng-zorro-antd/button';
 import { NzIconModule } from 'ng-zorro-antd/icon';
 import { NzTagModule } from 'ng-zorro-antd/tag';
 import { NzEmptyModule } from 'ng-zorro-antd/empty';
 import { NzCardModule } from 'ng-zorro-antd/card';
 import { NzToolTipModule } from 'ng-zorro-antd/tooltip';
 import { ApiService } from '../../../core/services/api.service';
 import { AuthService } from '../../../core/services/auth.service';
 import { Client, ClientType, getClientTypeIcon } from '../../../core/models';
 import { RelativeTimePipe } from '../../../shared/pipes/relative-time.pipe';
@Component({
  selector: 'app-client-list',
  standalone: true,
  imports: [
    CommonModule,
    DatePipe,
    RouterLink,
    NzTableModule,
    NzButtonModule,
    NzIconModule,
    NzTagModule,
    NzEmptyModule,
    NzCardModule,
    NzToolTipModule,
    RelativeTimePipe,
  ],
  templateUrl: './client-list.component.html',
  styleUrl: './client-list.component.scss'
 })
 export class ClientListComponent implements OnInit {
  private apiService = inject(ApiService);
  private authService = inject(AuthService);
  private router = inject(Router);
  clients = signal<Client[]>([]);
  loading = signal(false);
  ngOnInit(): void {
    this.loadClients();
  }
  loadClients(): void {
    const userId = this.authService.getUserId();
    if (!userId) return;
    this.loading.set(true);
    this.apiService.getClients(userId).subscribe({
      next: (response) => {
        this.clients.set(response.clients);
        this.loading.set(false);
      },
      error: () => {
        this.loading.set(false);
      }
    });
  }
  getClientIcon(type: ClientType): string {
    return getClientTypeIcon(type);
  }
  getClientTypeLabel(type: ClientType): string {
    switch (type) {
      case 'ANDROID': return 'Android';
      case 'IOS': return 'iOS';
      case 'MACOS': return 'macOS';
      case 'WINDOWS': return 'Windows';
      case 'LINUX': return 'Linux';
      default: return type;
    }
  }
  openClient(clientId: string): void {
    this.router.navigate(['/clients', clientId]);
  }
 }
--- a/webapp/src/app/features/keys/key-detail/key-detail.component.html
+++ b/webapp/src/app/features/keys/key-detail/key-detail.component.html
@@ -0,0 +1,276 @@
 <div class="page-content">
  @if (loading()) {
    <div class="loading-container">
      <nz-spin nzSimple nzSize="large"></nz-spin>
    </div>
  } @else if (key()) {
    <div class="detail-header">
      <button nz-button (click)="goBack()">
        <span nz-icon nzType="arrow-left" nzTheme="outline"></span>
        Back to Keys
      </button>
      <div class="header-actions">
        <button nz-button (click)="openEditModal()">
          <span nz-icon nzType="edit"></span>
          Edit
        </button>
        @if (!isCurrentKey()) {
          <button
            nz-button
            nzDanger
            nz-popconfirm
            nzPopconfirmTitle="Are you sure you want to delete this key?"
            (nzOnConfirm)="deleteKey()"
          >
            <span nz-icon nzType="delete"></span>
            Delete
          </button>
        }
      </div>
    </div>
    <nz-card>
      <div class="key-header">
        <h2 class="key-title">{{ key()!.name }}</h2>
        @if (isCurrentKey()) {
          <nz-tag nzColor="cyan">Current</nz-tag>
        }
      </div>
      <scn-metadata-grid>
        <scn-metadata-value label="Key ID">
          <span class="mono">{{ key()!.keytoken_id }}</span>
        </scn-metadata-value>
        <scn-metadata-value label="Permissions">
          <div class="permissions">
            @for (perm of getPermissions(); track perm) {
              <nz-tag
                [nzColor]="getPermissionColor(perm)"
                nz-tooltip
                [nzTooltipTitle]="getPermissionLabel(perm)"
              >
                {{ perm }}
              </nz-tag>
            }
          </div>
        </scn-metadata-value>
        <scn-metadata-value label="Channel Access">
          @if (key()!.all_channels) {
            <nz-tag nzColor="default">All Channels</nz-tag>
          } @else if (key()!.channels && key()!.channels.length > 0) {
            <div class="channel-list">
              @for (channelId of key()!.channels; track channelId) {
                <nz-tag nzColor="orange" nz-tooltip [nzTooltipTitle]="channelId">
                  {{ getChannelDisplayName(channelId) }}
                </nz-tag>
              }
            </div>
          } @else {
            <span class="text-muted">No channels</span>
          }
        </scn-metadata-value>
        <scn-metadata-value label="Messages Sent">
          {{ key()!.messages_sent }}
        </scn-metadata-value>
        <scn-metadata-value label="Created">
          <div class="timestamp-absolute">{{ key()!.timestamp_created | date:'yyyy-MM-dd HH:mm:ss' }}</div>
          <div class="timestamp-relative">{{ key()!.timestamp_created | relativeTime }}</div>
        </scn-metadata-value>
        <scn-metadata-value label="Last Used">
          @if (key()!.timestamp_lastused) {
            <div class="timestamp-absolute">{{ key()!.timestamp_lastused | date:'yyyy-MM-dd HH:mm:ss' }}</div>
            <div class="timestamp-relative">{{ key()!.timestamp_lastused | relativeTime }}</div>
          } @else {
            <span class="text-muted">Never</span>
          }
        </scn-metadata-value>
        <scn-metadata-value label="Owner">
          @if (resolvedOwner()) {
            <div class="owner-name">{{ resolvedOwner()!.displayName }}</div>
            <div class="owner-id mono">{{ key()!.owner_user_id }}</div>
          } @else {
            <span class="mono">{{ key()!.owner_user_id }}</span>
          }
        </scn-metadata-value>
      </scn-metadata-grid>
    </nz-card>
    <nz-card nzTitle="Messages" class="mt-16">
      <nz-table
        #messageTable
        [nzData]="messages()"
        [nzLoading]="loadingMessages()"
        [nzShowPagination]="false"
        [nzNoResult]="noMessagesResultTpl"
        nzSize="small"
      >
        <ng-template #noMessagesResultTpl></ng-template>
        <thead>
          <tr>
            <th>Title</th>
            <th>Content</th>
            <th nzWidth="0">Channel</th>
            <th nzWidth="0">Sender</th>
            <th nzWidth="0">Priority</th>
            <th nzWidth="0">Time</th>
          </tr>
        </thead>
        <tbody>
          @for (message of messages(); track message.message_id) {
            <tr class="clickable-row">
              <td>
                <a class="cell-link" [routerLink]="['/messages', message.message_id]">
                  <div class="message-title">{{ message.title }}</div>
                  <div class="message-id mono">{{ message.message_id }}</div>
                </a>
              </td>
              <td>
                <a class="cell-link" [routerLink]="['/messages', message.message_id]">
                  @if (message.content) {
                    <div class="message-content">{{ message.content | slice:0:128 }}{{ message.content.length > 128 ? '...' : '' }}</div>
                  } @else {
                    <span class="text-muted"></span>
                  }
                </a>
              </td>
              <td>
                <a class="cell-link" [routerLink]="['/messages', message.message_id]">
                  <div class="cell-name">{{ message.channel_internal_name }}</div>
                  <div class="cell-id mono">{{ message.channel_id }}</div>
                </a>
              </td>
              <td>
                <a class="cell-link" [routerLink]="['/messages', message.message_id]">
                  <span style="white-space: pre">{{ message.sender_name || '-' }}</span>
                </a>
              </td>
              <td>
                <a class="cell-link" [routerLink]="['/messages', message.message_id]">
                  <nz-tag [nzColor]="getPriorityColor(message.priority)">
                    {{ getPriorityLabel(message.priority) }}
                  </nz-tag>
                </a>
              </td>
              <td>
                <a class="cell-link" [routerLink]="['/messages', message.message_id]">
                  <div class="timestamp-absolute">{{ message.timestamp | date:'yyyy-MM-dd HH:mm:ss' }}</div>
                  <div class="timestamp-relative">{{ message.timestamp | relativeTime }}</div>
                </a>
              </td>
            </tr>
          } @empty {
            <tr>
              <td colspan="6">
                <nz-empty nzNotFoundContent="No messages sent with this key"></nz-empty>
              </td>
            </tr>
          }
        </tbody>
      </nz-table>
      @if (messagesTotalCount() > messagesPageSize) {
        <div class="pagination-controls">
          <nz-pagination
            [nzPageIndex]="messagesCurrentPage()"
            [nzPageSize]="messagesPageSize"
            [nzTotal]="messagesTotalCount()"
            [nzDisabled]="loadingMessages()"
            (nzPageIndexChange)="messagesGoToPage($event)"
          ></nz-pagination>
        </div>
      }
    </nz-card>
  } @else {
    <nz-card>
      <div class="not-found">
        <p>Key not found</p>
        <button nz-button nzType="primary" (click)="goBack()">
          Back to Keys
        </button>
      </div>
    </nz-card>
  }
 </div>
 <!-- Edit Modal -->
 <nz-modal
  [(nzVisible)]="showEditModal"
  nzTitle="Edit Key"
  (nzOnCancel)="closeEditModal()"
  [nzFooter]="editModalFooter"
  nzWidth="500px"
 >
  <ng-container *nzModalContent>
    <nz-form-item>
      <nz-form-label>Name</nz-form-label>
      <nz-form-control>
        <input
          type="text"
          nz-input
          placeholder="Enter a name for this key"
          [(ngModel)]="editKeyName"
        />
      </nz-form-control>
    </nz-form-item>
    <nz-form-item>
      <nz-form-label>Permissions</nz-form-label>
      <nz-form-control>
        <div class="permission-checkboxes">
          @for (opt of permissionOptions; track opt.value) {
            <label
              nz-checkbox
              [nzChecked]="isEditPermissionChecked(opt.value)"
              [nzDisabled]="opt.value !== 'A' && isEditPermissionChecked('A')"
              (nzCheckedChange)="onEditPermissionChange(opt.value, $event)"
            >
              <nz-tag [nzColor]="getPermissionColor(opt.value)">{{ opt.value }}</nz-tag>
              <span class="perm-label">{{ opt.label }}</span>
              <span class="perm-desc">- {{ opt.description }}</span>
            </label>
          }
        </div>
      </nz-form-control>
    </nz-form-item>
    <nz-form-item>
      <label nz-checkbox [(ngModel)]="editKeyAllChannels">
        Access to all channels
      </label>
    </nz-form-item>
    @if (!editKeyAllChannels) {
      <nz-form-item class="mb-0">
        <nz-form-label>Channels</nz-form-label>
        <nz-form-control>
          <nz-select
            [(ngModel)]="editKeyChannels"
            nzMode="multiple"
            nzPlaceHolder="Select channels"
            nzShowSearch
            style="width: 100%"
          >
            @for (channel of availableChannels(); track channel.channel_id) {
              <nz-option
                [nzValue]="channel.channel_id"
                [nzLabel]="getChannelLabel(channel)"
              ></nz-option>
            }
          </nz-select>
        </nz-form-control>
      </nz-form-item>
    }
  </ng-container>
 </nz-modal>
 <ng-template #editModalFooter>
  <button nz-button (click)="closeEditModal()">Cancel</button>
  <button
    nz-button
    nzType="primary"
    [nzLoading]="updating()"
    [disabled]="!editKeyName.trim() || editKeyPermissions.length === 0"
    (click)="updateKey()"
  >
    Save
  </button>
 </ng-template>
--- a/webapp/src/app/features/keys/key-detail/key-detail.component.scss
+++ b/webapp/src/app/features/keys/key-detail/key-detail.component.scss
@@ -0,0 +1,145 @@
 .loading-container {
  display: flex;
  justify-content: center;
  align-items: center;
  min-height: 300px;
 }
 .header-actions {
  display: flex;
  gap: 8px;
 }
 .key-header {
  display: flex;
  align-items: center;
  gap: 12px;
  margin-bottom: 16px;
 }
 .key-title {
  margin: 0;
  font-size: 20px;
  font-weight: 500;
 }
 .permissions {
  display: flex;
  flex-wrap: wrap;
  gap: 4px;
 }
 .channel-list {
  display: flex;
  flex-wrap: wrap;
  gap: 4px;
 }
 .text-muted {
  color: #999;
 }
 .owner-name {
  font-weight: 500;
  color: #333;
 }
 .owner-id {
  font-size: 11px;
  color: #999;
  margin-top: 2px;
 }
 .not-found {
  text-align: center;
  padding: 48px;
  p {
    color: #999;
    margin-bottom: 16px;
  }
 }
 .permission-checkboxes {
  display: flex;
  flex-direction: column;
  gap: 8px;
  label {
    display: flex;
    align-items: center;
    margin-left: 0;
  }
  nz-tag {
    width: 32px;
    text-align: center;
    margin-right: 8px;
  }
  .perm-label {
    min-width: 100px;
  }
  .perm-desc {
    color: #999;
    font-size: 12px;
  }
 }
 .timestamp-absolute {
  font-size: 13px;
  color: #333;
  white-space: pre;
 }
 .timestamp-relative {
  font-size: 12px;
  color: #999;
  white-space: pre;
 }
 .clickable-row {
  cursor: pointer;
  &:hover {
    background-color: #fafafa;
  }
 }
 .message-title {
  font-weight: 500;
  color: #333;
 }
 .message-id {
  font-size: 11px;
  color: #999;
  margin-top: 2px;
 }
 .message-content {
  font-size: 12px;
  color: #666;
  white-space: pre;
  max-height: 2lh;
  overflow-y: clip;
 }
 .cell-name {
  font-weight: 500;
  color: #333;
 }
 .cell-id {
  font-size: 11px;
  color: #999;
  margin-top: 2px;
 }
 .pagination-controls {
  display: flex;
  justify-content: center;
  align-items: center;
  padding: 16px 0;
 }
--- a/webapp/src/app/features/keys/key-detail/key-detail.component.ts
+++ b/webapp/src/app/features/keys/key-detail/key-detail.component.ts
@@ -0,0 +1,332 @@
 import { Component, inject, signal, OnInit } from '@angular/core';
 import { CommonModule, DatePipe } from '@angular/common';
 import { ActivatedRoute, Router, RouterLink } from '@angular/router';
 import { FormsModule } from '@angular/forms';
 import { NzCardModule } from 'ng-zorro-antd/card';
 import { NzButtonModule } from 'ng-zorro-antd/button';
 import { NzIconModule } from 'ng-zorro-antd/icon';
 import { NzTagModule } from 'ng-zorro-antd/tag';
 import { NzSpinModule } from 'ng-zorro-antd/spin';
 import { NzPopconfirmModule } from 'ng-zorro-antd/popconfirm';
 import { NzModalModule } from 'ng-zorro-antd/modal';
 import { NzFormModule } from 'ng-zorro-antd/form';
 import { NzInputModule } from 'ng-zorro-antd/input';
 import { NzCheckboxModule } from 'ng-zorro-antd/checkbox';
 import { NzSelectModule } from 'ng-zorro-antd/select';
 import { NzToolTipModule } from 'ng-zorro-antd/tooltip';
 import { NzTableModule } from 'ng-zorro-antd/table';
 import { NzEmptyModule } from 'ng-zorro-antd/empty';
 import { NzPaginationModule } from 'ng-zorro-antd/pagination';
 import { ApiService } from '../../../core/services/api.service';
 import { AuthService } from '../../../core/services/auth.service';
 import { NotificationService } from '../../../core/services/notification.service';
 import { ChannelCacheService, ResolvedChannel } from '../../../core/services/channel-cache.service';
 import { UserCacheService, ResolvedUser } from '../../../core/services/user-cache.service';
 import { KeyToken, parsePermissions, TokenPermission, ChannelWithSubscription, Message } from '../../../core/models';
 import { RelativeTimePipe } from '../../../shared/pipes/relative-time.pipe';
 import { MetadataGridComponent, MetadataValueComponent } from '../../../shared/components/metadata-grid';
 interface PermissionOption {
  value: TokenPermission;
  label: string;
  description: string;
 }
@Component({
  selector: 'app-key-detail',
  standalone: true,
  imports: [
    CommonModule,
    DatePipe,
    FormsModule,
    RouterLink,
    NzCardModule,
    NzButtonModule,
    NzIconModule,
    NzTagModule,
    NzSpinModule,
    NzPopconfirmModule,
    NzModalModule,
    NzFormModule,
    NzInputModule,
    NzCheckboxModule,
    NzSelectModule,
    NzToolTipModule,
    NzTableModule,
    NzEmptyModule,
    NzPaginationModule,
    RelativeTimePipe,
    MetadataGridComponent,
    MetadataValueComponent,
  ],
  templateUrl: './key-detail.component.html',
  styleUrl: './key-detail.component.scss'
 })
 export class KeyDetailComponent implements OnInit {
  private route = inject(ActivatedRoute);
  private router = inject(Router);
  private apiService = inject(ApiService);
  private authService = inject(AuthService);
  private notification = inject(NotificationService);
  private channelCacheService = inject(ChannelCacheService);
  private userCacheService = inject(UserCacheService);
  key = signal<KeyToken | null>(null);
  currentKeyId = signal<string | null>(null);
  loading = signal(true);
  channelNames = signal<Map<string, ResolvedChannel>>(new Map());
  availableChannels = signal<ChannelWithSubscription[]>([]);
  resolvedOwner = signal<ResolvedUser | null>(null);
  // Messages
  messages = signal<Message[]>([]);
  loadingMessages = signal(false);
  messagesPageSize = 16;
  messagesTotalCount = signal(0);
  messagesCurrentPage = signal(1);
  messagesNextPageToken = signal<string | null>(null);
  // Edit modal
  showEditModal = signal(false);
  editKeyName = '';
  editKeyPermissions: TokenPermission[] = [];
  editKeyAllChannels = true;
  editKeyChannels: string[] = [];
  updating = signal(false);
  permissionOptions: PermissionOption[] = [
    { value: 'A', label: 'Admin', description: 'Full access to all operations' },
    { value: 'CR', label: 'Channel Read', description: 'Read messages from channels' },
    { value: 'CS', label: 'Channel Send', description: 'Send messages to channels' },
    { value: 'UR', label: 'User Read', description: 'Read user information' },
  ];
  ngOnInit(): void {
    const keyId = this.route.snapshot.paramMap.get('id');
    if (keyId) {
      this.loadKey(keyId);
      this.loadCurrentKey();
      this.loadAvailableChannels();
    }
  }
  loadKey(keyId: string): void {
    const userId = this.authService.getUserId();
    if (!userId) return;
    this.loading.set(true);
    this.apiService.getKey(userId, keyId).subscribe({
      next: (key) => {
        this.key.set(key);
        this.loading.set(false);
        this.resolveChannelNames(key);
        this.resolveOwner(key.owner_user_id);
        this.loadMessages(keyId);
      },
      error: () => {
        this.loading.set(false);
      }
    });
  }
  loadMessages(keyId: string, nextPageToken?: string): void {
    this.loadingMessages.set(true);
    this.apiService.getMessages({
      subscription_status: 'all',
      used_key: keyId,
      page_size: this.messagesPageSize,
      next_page_token: nextPageToken,
      trimmed: true
    }).subscribe({
      next: (response) => {
        this.messages.set(response.messages);
        this.messagesTotalCount.set(response.total_count);
        this.messagesNextPageToken.set(response.next_page_token || null);
        this.loadingMessages.set(false);
      },
      error: () => {
        this.loadingMessages.set(false);
      }
    });
  }
  messagesGoToPage(page: number): void {
    const key = this.key();
    if (!key) return;
    this.messagesCurrentPage.set(page);
    if (page === 1) {
      this.loadMessages(key.keytoken_id);
    } else {
      const token = this.messagesNextPageToken();
      if (token) {
        this.loadMessages(key.keytoken_id, token);
      }
    }
  }
  viewMessage(message: Message): void {
    this.router.navigate(['/messages', message.message_id]);
  }
  getPriorityColor(priority: number): string {
    switch (priority) {
      case 0: return 'default';
      case 1: return 'blue';
      case 2: return 'orange';
      default: return 'default';
    }
  }
  getPriorityLabel(priority: number): string {
    switch (priority) {
      case 0: return 'Low';
      case 1: return 'Normal';
      case 2: return 'High';
      default: return 'Unknown';
    }
  }
  private resolveOwner(ownerId: string): void {
    this.userCacheService.resolveUser(ownerId).subscribe(resolved => {
      this.resolvedOwner.set(resolved);
    });
  }
  loadCurrentKey(): void {
    const userId = this.authService.getUserId();
    if (!userId) return;
    this.apiService.getCurrentKey(userId).subscribe({
      next: (key) => {
        this.currentKeyId.set(key.keytoken_id);
      }
    });
  }
  loadAvailableChannels(): void {
    this.channelCacheService.getAllChannels().subscribe(channels => {
      this.availableChannels.set(channels);
    });
  }
  private resolveChannelNames(key: KeyToken): void {
    if (!key.all_channels && key.channels && key.channels.length > 0) {
      this.channelCacheService.resolveChannels(key.channels).subscribe(resolved => {
        this.channelNames.set(resolved);
      });
    }
  }
  goBack(): void {
    this.router.navigate(['/keys']);
  }
  isCurrentKey(): boolean {
    const key = this.key();
    return key?.keytoken_id === this.currentKeyId();
  }
  getPermissions(): TokenPermission[] {
    const key = this.key();
    return key ? parsePermissions(key.permissions) : [];
  }
  getPermissionColor(perm: TokenPermission): string {
    switch (perm) {
      case 'A': return 'red';
      case 'CR': return 'blue';
      case 'CS': return 'green';
      case 'UR': return 'purple';
      default: return 'default';
    }
  }
  getPermissionLabel(perm: TokenPermission): string {
    const option = this.permissionOptions.find(o => o.value === perm);
    return option?.label || perm;
  }
  getChannelDisplayName(channelId: string): string {
    const resolved = this.channelNames().get(channelId);
    return resolved?.displayName || channelId;
  }
  getChannelLabel(channel: ChannelWithSubscription): string {
    return channel.display_name || channel.internal_name;
  }
  // Edit modal
  openEditModal(): void {
    const key = this.key();
    if (!key) return;
    this.editKeyName = key.name;
    this.editKeyPermissions = parsePermissions(key.permissions);
    this.editKeyAllChannels = key.all_channels;
    this.editKeyChannels = key.channels ? [...key.channels] : [];
    this.showEditModal.set(true);
  }
  closeEditModal(): void {
    this.showEditModal.set(false);
  }
  updateKey(): void {
    const userId = this.authService.getUserId();
    const key = this.key();
    if (!userId || !key || !this.editKeyName.trim() || this.editKeyPermissions.length === 0) return;
    this.updating.set(true);
    this.apiService.updateKey(userId, key.keytoken_id, {
      name: this.editKeyName.trim(),
      permissions: this.editKeyPermissions.join(';'),
      all_channels: this.editKeyAllChannels,
      channels: this.editKeyAllChannels ? undefined : this.editKeyChannels
    }).subscribe({
      next: (updated) => {
        this.key.set(updated);
        this.notification.success('Key updated');
        this.updating.set(false);
        this.closeEditModal();
        this.resolveChannelNames(updated);
      },
      error: () => {
        this.updating.set(false);
      }
    });
  }
  onEditPermissionChange(perm: TokenPermission, checked: boolean): void {
    if (checked) {
      if (perm === 'A') {
        this.editKeyPermissions = ['A'];
      } else if (!this.editKeyPermissions.includes(perm)) {
        this.editKeyPermissions = [...this.editKeyPermissions, perm];
      }
    } else {
      this.editKeyPermissions = this.editKeyPermissions.filter(p => p !== perm);
    }
  }
  isEditPermissionChecked(perm: TokenPermission): boolean {
    return this.editKeyPermissions.includes(perm);
  }
  deleteKey(): void {
    const key = this.key();
    const userId = this.authService.getUserId();
    if (!key || !userId) return;
    if (this.isCurrentKey()) {
      this.notification.warning('Cannot delete the key you are currently using');
      return;
    }
    this.apiService.deleteKey(userId, key.keytoken_id).subscribe({
      next: () => {
        this.notification.success('Key deleted');
        this.router.navigate(['/keys']);
      }
    });
  }
 }
--- a/webapp/src/app/features/keys/key-list/key-list.component.html
+++ b/webapp/src/app/features/keys/key-list/key-list.component.html
@@ -0,0 +1,335 @@
 <div class="page-content">
  <div class="page-header">
    <h2>Keys</h2>
    <div class="header-actions">
      <button nz-button (click)="loadKeys()">
        <span nz-icon nzType="reload"></span>
        Refresh
      </button>
      <button nz-button nzType="primary" (click)="openCreateModal()">
        <span nz-icon nzType="plus"></span>
        Create Key
      </button>
    </div>
  </div>
  <nz-card>
    <nz-table
      #keyTable
      [nzData]="keys()"
      [nzLoading]="loading()"
      [nzShowPagination]="false"
      [nzNoResult]="noResultTpl"
      nzSize="middle"
    >
    <ng-template #noResultTpl></ng-template>
      <thead>
        <tr>
          <th>Name</th>
          <th>Permissions</th>
          <th nzWidth="0">Messages Sent</th>
          <th nzWidth="0">Last Used</th>
          <th nzWidth="0">Actions</th>
        </tr>
      </thead>
      <tbody>
        @for (key of keys(); track key.keytoken_id) {
          <tr class="clickable-row">
            <td>
              <a class="cell-link" [routerLink]="['/keys', key.keytoken_id]">
                <div class="key-name">
                  {{ key.name }}
                  @if (isCurrentKey(key)) {
                    <nz-tag nzColor="cyan" class="current-tag">Current</nz-tag>
                  }
                </div>
                <div class="key-id mono">{{ key.keytoken_id }}</div>
              </a>
            </td>
            <td>
              <a class="cell-link" [routerLink]="['/keys', key.keytoken_id]">
                <div class="permissions">
                  @for (perm of getPermissions(key); track perm) {
                    <nz-tag
                      [nzColor]="getPermissionColor(perm)"
                      nz-tooltip
                      [nzTooltipTitle]="getPermissionLabel(perm)"
                    >
                      {{ perm }}
                    </nz-tag>
                  }
                  @if (key.all_channels) {
                    <nz-tag nzColor="default" nz-tooltip nzTooltipTitle="Access to all channels">
                      All Channels
                    </nz-tag>
                  } @else if (key.channels && key.channels.length > 0) {
                    @for (channelId of key.channels; track channelId) {
                      <nz-tag nzColor="orange" nz-tooltip [nzTooltipTitle]="channelId">
                        {{ getChannelDisplayName(channelId) }}
                      </nz-tag>
                    }
                  }
                </div>
              </a>
            </td>
            <td>
              <a class="cell-link" [routerLink]="['/keys', key.keytoken_id]">
                {{ key.messages_sent }}
              </a>
            </td>
            <td>
              <a class="cell-link" [routerLink]="['/keys', key.keytoken_id]">
                @if (key.timestamp_lastused) {
                  <div class="timestamp-absolute">{{ key.timestamp_lastused | date:'yyyy-MM-dd HH:mm:ss' }}</div>
                  <div class="timestamp-relative">{{ key.timestamp_lastused | relativeTime }}</div>
                } @else {
                  <span class="text-muted">Never</span>
                }
              </a>
            </td>
            <td>
              <div class="action-buttons">
                <button
                  nz-button
                  nzSize="small"
                  nz-tooltip
                  nzTooltipTitle="Edit key"
                  (click)="openEditModal(key)"
                >
                  <span nz-icon nzType="edit"></span>
                </button>
                @if (!isCurrentKey(key)) {
                  <button
                    nz-button
                    nzSize="small"
                    nzDanger
                    nz-popconfirm
                    nzPopconfirmTitle="Are you sure you want to delete this key?"
                    (nzOnConfirm)="deleteKey(key)"
                  >
                    <span nz-icon nzType="delete"></span>
                  </button>
                }
              </div>
            </td>
          </tr>
        } @empty {
          <tr>
            <td colspan="5">
              <nz-empty nzNotFoundContent="No keys found"></nz-empty>
            </td>
          </tr>
        }
      </tbody>
    </nz-table>
  </nz-card>
 </div>
 <!-- Create Key Modal -->
 <nz-modal
  [(nzVisible)]="showCreateModal"
  nzTitle="Create Key"
  (nzOnCancel)="closeCreateModal()"
  [nzFooter]="createModalFooter"
  nzWidth="500px"
 >
  <ng-container *nzModalContent>
    @if (createdKey()) {
      <!-- Show created key -->
      <nz-alert
        nzType="success"
        nzMessage="Key created successfully!"
        nzDescription="Make sure to copy the token now. You won't be able to see it again."
        nzShowIcon
        class="mb-16"
      ></nz-alert>
      <nz-form-item>
        <nz-form-label>Key Token</nz-form-label>
        <nz-form-control>
          <nz-input-group [nzSuffix]="copyButton">
            <input
              type="text"
              nz-input
              [value]="createdKey()!.token"
              readonly
              class="mono"
            />
          </nz-input-group>
          <ng-template #copyButton>
            <span
              nz-icon
              nzType="copy"
              class="copy-icon"
              nz-tooltip
              nzTooltipTitle="Copy"
              [appCopyToClipboard]="createdKey()!.token!"
            ></span>
          </ng-template>
        </nz-form-control>
      </nz-form-item>
    } @else {
      <!-- Create form -->
      <nz-form-item>
        <nz-form-label>Name</nz-form-label>
        <nz-form-control>
          <input
            type="text"
            nz-input
            placeholder="Enter a name for this key"
            [(ngModel)]="newKeyName"
          />
        </nz-form-control>
      </nz-form-item>
      <nz-form-item>
        <nz-form-label>Permissions</nz-form-label>
        <nz-form-control>
          <div class="permission-checkboxes">
            @for (opt of permissionOptions; track opt.value) {
              <label
                nz-checkbox
                [nzChecked]="isPermissionChecked(opt.value)"
                [nzDisabled]="opt.value !== 'A' && isPermissionChecked('A')"
                (nzCheckedChange)="onPermissionChange(opt.value, $event)"
              >
                <nz-tag [nzColor]="getPermissionColor(opt.value)">{{ opt.value }}</nz-tag>
                <span class="perm-label">{{ opt.label }}</span>
                <span class="perm-desc">- {{ opt.description }}</span>
              </label>
            }
          </div>
        </nz-form-control>
      </nz-form-item>
      <nz-form-item>
        <label nz-checkbox [(ngModel)]="newKeyAllChannels">
          Access to all channels
        </label>
      </nz-form-item>
      @if (!newKeyAllChannels) {
        <nz-form-item class="mb-0">
          <nz-form-label>Channels</nz-form-label>
          <nz-form-control>
            <nz-select
              [(ngModel)]="newKeyChannels"
              nzMode="multiple"
              nzPlaceHolder="Select channels"
              nzShowSearch
              style="width: 100%"
            >
              @for (channel of availableChannels(); track channel.channel_id) {
                <nz-option
                  [nzValue]="channel.channel_id"
                  [nzLabel]="getChannelLabel(channel)"
                ></nz-option>
              }
            </nz-select>
          </nz-form-control>
        </nz-form-item>
      }
    }
  </ng-container>
 </nz-modal>
 <ng-template #createModalFooter>
  @if (createdKey()) {
    <button nz-button nzType="primary" (click)="closeCreateModal()">Done</button>
  } @else {
    <button nz-button (click)="closeCreateModal()">Cancel</button>
    <button
      nz-button
      nzType="primary"
      [nzLoading]="creating()"
      [disabled]="!newKeyName.trim() || newKeyPermissions.length === 0"
      (click)="createKey()"
    >
      Create
    </button>
  }
 </ng-template>
 <!-- Edit Key Modal -->
 <nz-modal
  [(nzVisible)]="showEditModal"
  nzTitle="Edit Key"
  (nzOnCancel)="closeEditModal()"
  [nzFooter]="editModalFooter"
  nzWidth="500px"
 >
  <ng-container *nzModalContent>
    <nz-form-item>
      <nz-form-label>Name</nz-form-label>
      <nz-form-control>
        <input
          type="text"
          nz-input
          placeholder="Enter a name for this key"
          [(ngModel)]="editKeyName"
        />
      </nz-form-control>
    </nz-form-item>
    <nz-form-item>
      <nz-form-label>Permissions</nz-form-label>
      <nz-form-control>
        <div class="permission-checkboxes">
          @for (opt of permissionOptions; track opt.value) {
            <label
              nz-checkbox
              [nzChecked]="isEditPermissionChecked(opt.value)"
              [nzDisabled]="opt.value !== 'A' && isEditPermissionChecked('A')"
              (nzCheckedChange)="onEditPermissionChange(opt.value, $event)"
            >
              <nz-tag [nzColor]="getPermissionColor(opt.value)">{{ opt.value }}</nz-tag>
              <span class="perm-label">{{ opt.label }}</span>
              <span class="perm-desc">- {{ opt.description }}</span>
            </label>
          }
        </div>
      </nz-form-control>
    </nz-form-item>
    <nz-form-item>
      <label nz-checkbox [(ngModel)]="editKeyAllChannels">
        Access to all channels
      </label>
    </nz-form-item>
    @if (!editKeyAllChannels) {
      <nz-form-item class="mb-0">
        <nz-form-label>Channels</nz-form-label>
        <nz-form-control>
          <nz-select
            [(ngModel)]="editKeyChannels"
            nzMode="multiple"
            nzPlaceHolder="Select channels"
            nzShowSearch
            style="width: 100%"
          >
            @for (channel of availableChannels(); track channel.channel_id) {
              <nz-option
                [nzValue]="channel.channel_id"
                [nzLabel]="getChannelLabel(channel)"
              ></nz-option>
            }
          </nz-select>
        </nz-form-control>
      </nz-form-item>
    }
  </ng-container>
 </nz-modal>
 <ng-template #editModalFooter>
  <button nz-button (click)="closeEditModal()">Cancel</button>
  <button
    nz-button
    nzType="primary"
    [nzLoading]="updating()"
    [disabled]="!editKeyName.trim() || editKeyPermissions.length === 0"
    (click)="updateKey()"
  >
    Save
  </button>
 </ng-template>
--- a/webapp/src/app/features/keys/key-list/key-list.component.scss
+++ b/webapp/src/app/features/keys/key-list/key-list.component.scss
@@ -0,0 +1,105 @@
 .page-header {
  display: flex;
  justify-content: space-between;
  align-items: center;
  margin-bottom: 16px;
  h2 {
    margin: 0;
  }
 }
 .header-actions {
  display: flex;
  gap: 8px;
 }
 .key-name {
  font-weight: 500;
  color: #333;
  display: flex;
  align-items: center;
  gap: 8px;
 }
 .key-id {
  font-size: 11px;
  color: #999;
  margin-top: 2px;
 }
 .current-tag {
  font-size: 11px;
 }
 .permissions {
  display: flex;
  flex-wrap: wrap;
  gap: 4px;
 }
 .text-muted {
  color: #999;
 }
 .action-buttons {
  display: flex;
  gap: 8px;
 }
 .copy-icon {
  cursor: pointer;
  color: #999;
  transition: color 0.3s;
  &:hover {
    color: #1890ff;
  }
 }
 .permission-checkboxes {
  display: flex;
  flex-direction: column;
  gap: 8px;
  label {
    display: flex;
    align-items: center;
    margin-left: 0;
  }
  nz-tag {
    width: 32px;
    text-align: center;
    margin-right: 8px;
  }
  .perm-label {
    min-width: 100px;
  }
  .perm-desc {
    color: #999;
    font-size: 12px;
  }
 }
 .clickable-row {
  cursor: pointer;
  &:hover {
    background-color: #fafafa;
  }
 }
 .timestamp-absolute {
  font-size: 13px;
  color: #333;
  white-space: pre;
 }
 .timestamp-relative {
  font-size: 12px;
  color: #999;
  white-space: pre;
 }
--- a/Show More
+++ b/Show More
Author	SHA1	Message	Date
Mike Schwörer	55a91956ce	Implement /shoutrrr endpoint All checks were successful Build Docker and Deploy / Build Docker Container (push) Successful in 1m20s Details Build Docker and Deploy / Run Unit-Tests (push) Successful in 9m51s Details Build Docker and Deploy / Deploy to Server (push) Successful in 27s Details	2025-12-18 11:36:15 +01:00
Mike Schwörer	202603d16c	More webapp changes+fixes All checks were successful Build Docker and Deploy / Build Docker Container (push) Successful in 1m45s Details Build Docker and Deploy / Run Unit-Tests (push) Successful in 9m31s Details Build Docker and Deploy / Deploy to Server (push) Successful in 22s Details	2025-12-09 16:45:51 +01:00
Mike Schwörer	c81143ecdc	More webapp changes+fixes All checks were successful Build Docker and Deploy / Build Docker Container (push) Successful in 1m0s Details Build Docker and Deploy / Run Unit-Tests (push) Successful in 9m18s Details Build Docker and Deploy / Deploy to Server (push) Successful in 22s Details	2025-12-07 04:21:11 +01:00
Mike Schwörer	2b7950f5dc	More webapp changes+fixes All checks were successful Build Docker and Deploy / Build Docker Container (push) Successful in 1m41s Details Build Docker and Deploy / Run Unit-Tests (push) Successful in 9m31s Details Build Docker and Deploy / Deploy to Server (push) Successful in 18s Details	2025-12-05 21:39:32 +01:00
Mike Schwörer	c554479604	Implement /deliveries route	2025-12-05 16:59:56 +01:00
Mike Schwörer	8e7a540c97	More webapp changes+fixes	2025-12-05 16:58:30 +01:00
Mike Schwörer	c66cd0568f	Merge branch 'test/remove_userid_param'	2025-12-05 14:30:55 +01:00
Mike Schwörer	0800d25b30	Remove required user_id param when sending messages	2025-12-05 14:30:44 +01:00
Mike Schwörer	6d180aea38	Remove delete-channel from webapp	2025-12-04 09:16:47 +01:00
Mike Schwörer	3c45191d11	fix broken links on non-owned channels Some checks failed Build Docker and Deploy / Build Docker Container (push) Successful in 1m7s Details Build Docker and Deploy / Run Unit-Tests (push) Failing after 10m56s Details Build Docker and Deploy / Deploy to Server (push) Has been skipped Details	2025-12-03 22:38:24 +01:00
Mike Schwörer	9db56f6db6	Revert "Add `sound` to iOS notification" All checks were successful Build Docker and Deploy / Build Docker Container (push) Successful in 1m9s Details Build Docker and Deploy / Run Unit-Tests (push) Successful in 9m5s Details Build Docker and Deploy / Deploy to Server (push) Successful in 7s Details This reverts commit `26d2854617`.	2025-12-03 22:17:43 +01:00
Mike Schwörer	5e6060e537	fix cicd All checks were successful Build Docker and Deploy / Build Docker Container (push) Successful in 1m4s Details Build Docker and Deploy / Run Unit-Tests (push) Successful in 9m10s Details Build Docker and Deploy / Deploy to Server (push) Successful in 8s Details	2025-12-03 21:36:50 +01:00
Mike Schwörer	4b8ebf15d2	add support for page-based cursortokens (like goext) Some checks failed Build Docker and Deploy / Build Docker Container (push) Successful in 52s Details Build Docker and Deploy / Run Unit-Tests (push) Failing after 2m49s Details Build Docker and Deploy / Deploy to Server (push) Has been skipped Details	2025-12-03 19:46:09 +01:00
Mike Schwörer	d26f18f356	remove generated files from git	2025-12-03 19:42:05 +01:00
Mike Schwörer	6090319b5f	Simple Managment webapp [LLM]	2025-12-03 19:38:15 +01:00
Mike Schwörer	3ed323e056	update goext to 614	2025-12-03 19:09:51 +01:00
Mike Schwörer	f41ef30121	Merge branch 'webapp' All checks were successful Build Docker and Deploy / Build Docker Container (push) Successful in 49s Details Build Docker and Deploy / Run Unit-Tests (push) Successful in 8m43s Details Build Docker and Deploy / Deploy to Server (push) Successful in 7s Details	2025-12-03 19:07:30 +01:00
Mike Schwörer	01df2b49f6	Simple Managment webapp [LLM]	2025-12-03 19:07:23 +01:00
Mike Schwörer	8306992533	Simple Managment webapp [LLM]	2025-12-03 19:03:19 +01:00
Mike Schwörer	d983737239	swagger fixes	2025-12-03 18:38:16 +01:00
Mike Schwörer	7c88281f03	Simple Managment webapp [LLM]	2025-12-03 18:38:10 +01:00
Mike Schwörer	308d6bbba0	Simple Managment webapp [LLM]	2025-12-03 18:35:19 +01:00
Mike Schwörer	85e6e4adfb	swagger fixes	2025-12-03 18:01:40 +01:00
Mike Schwörer	c860ef9c30	Simple Managment webapp [LLM]	2025-12-03 18:00:42 +01:00
Mike Schwörer	e7f613b5dc	Simple Managment webapp [LLM]	2025-12-03 17:24:57 +01:00
Andreas Higel	d932410802	Add missing comma All checks were successful Build Docker and Deploy / Build Docker Container (push) Successful in 56s Details Build Docker and Deploy / Run Unit-Tests (push) Successful in 8m43s Details Build Docker and Deploy / Deploy to Server (push) Successful in 29s Details	2025-12-03 16:43:05 +01:00
Andreas Higel	26d2854617	Add `sound` to iOS notification Some checks failed Build Docker and Deploy / Build Docker Container (push) Failing after 42s Details Build Docker and Deploy / Run Unit-Tests (push) Failing after 2m24s Details Build Docker and Deploy / Deploy to Server (push) Has been skipped Details	2025-12-03 16:37:21 +01:00
Mike Schwörer	b521f74951	Rename "KeyToken" to "Used Key" All checks were successful Build Docker and Deploy / Build Docker Container (push) Successful in 1m4s Details Build Docker and Deploy / Run Unit-Tests (push) Successful in 8m44s Details Build Docker and Deploy / Deploy to Server (push) Successful in 7s Details	2025-11-11 21:55:04 +01:00
Mike Schwörer	acc23c0d10	Update release-script All checks were successful Build Docker and Deploy / Build Docker Container (push) Successful in 1m25s Details Build Docker and Deploy / Run Unit-Tests (push) Successful in 9m29s Details Build Docker and Deploy / Deploy to Server (push) Successful in 41s Details	2025-11-11 16:05:05 +01:00