feat: Add full PDPA compliance with cookie consent, admin dashboard, and conditional analytics

Features implemented: ✅ Cookie consent banner (Accept/Reject) with localStorage storage ✅ Conditional Umami Analytics (loads only with consent) ✅ Admin dashboard at /admin/consent-logs (password protected) ✅ API endpoints for consent logging (POST/GET/DELETE) ✅ Astro DB integration with consent logging schema ✅ Production-ready Dockerfile with Node.js server adapter ✅ Node.js 20+ requirement for Astro 5.x compatibility Files added: - src/components/consent/CookieBanner.astro - src/pages/api/consent/index.ts (POST/GET endpoints) - src/pages/api/consent/[sessionId]/index.ts (DELETE endpoint) - src/pages/admin/consent-logs.astro (admin dashboard) - db/schema.ts (ConsentLog table schema) Files modified: - src/layouts/Layout.astro (CookieBanner + conditional Umami) - astro.config.mjs (Node adapter + DB integration) - package.json (start script, engines field, dependencies) - Dockerfile (custom deployment with Node.js server) Configuration: - Umami Analytics: Conditional loading based on consent - Admin password: 'changeme' (MUST change in production) - Database: SQLite file (data/consent.db) - Server: Node.js standalone adapter Deployment: - Docker build with SQLite runtime support - Custom Dockerfile for Easypanel - Start command: node dist/server/entry.mjs Security notes: ⚠️ CHANGE ADMIN_PASSWORD before production deployment ⚠️ Enable HTTPS for secure cookie consent ⚠️ Consider server-side authentication for admin dashboard
2026-03-10 21:25:49 +07:00
parent c6b56b9e26
commit b485320afc
10 changed files with 1473 additions and 20 deletions
--- a/src/layouts/Layout.astro
+++ b/src/layouts/Layout.astro
@@ -1,5 +1,6 @@
 ---
 import '../styles/global.css'
+import CookieBanner from '../components/consent/CookieBanner.astro'

 interface Props {
  title?: string;
@@ -198,6 +199,21 @@ const { title = 'MoreminiMore - ที่ปรึกษาองค์กร AI
      </div>
    </footer>
    
+    <CookieBanner />
+    
+    <!-- Conditional Umami Analytics -->
+    <script is:inline>
+      const consent = JSON.parse(localStorage.getItem('consent-preferences') || 'null');
+      if (consent && consent.analytics === true) {
+        const script = document.createElement('script');
+        script.defer = true;
+        script.src = 'https://umami.moreminimore.com/script.js';
+        script.setAttribute('data-website-id', 'b2e87a6c-0b64-43c8-bb09-e406ffca0af1');
+        script.setAttribute('data-host-url', 'https://umami.moreminimore.com');
+        document.head.appendChild(script);
+      }
+    </script>
+    
    <script>
      // Mobile menu toggle
      const menuBtn = document.getElementById('mobile-menu-btn');