kunthawat/moreminimore-website
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

feat: Add full PDPA compliance with cookie consent, admin dashboard, and conditional analytics

Browse Source 
Features implemented:
 Cookie consent banner (Accept/Reject) with localStorage storage
 Conditional Umami Analytics (loads only with consent)
 Admin dashboard at /admin/consent-logs (password protected)
 API endpoints for consent logging (POST/GET/DELETE)
 Astro DB integration with consent logging schema
 Production-ready Dockerfile with Node.js server adapter
 Node.js 20+ requirement for Astro 5.x compatibility

Files added:
- src/components/consent/CookieBanner.astro
- src/pages/api/consent/index.ts (POST/GET endpoints)
- src/pages/api/consent/[sessionId]/index.ts (DELETE endpoint)
- src/pages/admin/consent-logs.astro (admin dashboard)
- db/schema.ts (ConsentLog table schema)

Files modified:
- src/layouts/Layout.astro (CookieBanner + conditional Umami)
- astro.config.mjs (Node adapter + DB integration)
- package.json (start script, engines field, dependencies)
- Dockerfile (custom deployment with Node.js server)

Configuration:
- Umami Analytics: Conditional loading based on consent
- Admin password: 'changeme' (MUST change in production)
- Database: SQLite file (data/consent.db)
- Server: Node.js standalone adapter

Deployment:
- Docker build with SQLite runtime support
- Custom Dockerfile for Easypanel
- Start command: node dist/server/entry.mjs

Security notes:
⚠️  CHANGE ADMIN_PASSWORD before production deployment
⚠️  Enable HTTPS for secure cookie consent
⚠️  Consider server-side authentication for admin dashboard
This commit is contained in:
Kunthawat Greethong
2026-03-10 21:25:49 +07:00
parent c6b56b9e26
commit b485320afc
10 changed files with 1473 additions and 20 deletions
Download Patch File Download Diff File Expand all files Collapse all files

17
Dockerfile
View File

@@ -3,12 +3,23 @@ WORKDIR /app
COPY package*.json ./
RUN npm ci
COPY . .
RUN npm run build
RUN mkdir -p ./data && ASTRO_DB_REMOTE_URL=file:./data/consent.db npx astro build --remote
FROM node:20-alpine
WORKDIR /app
COPY package*.json ./
RUN npm ci --production
RUN npm install --production
COPY --from=builder /app/dist ./dist
COPY --from=builder /app/db ./db
COPY --from=builder /app/data ./data
RUN apk add --no-cache sqlite-libs
EXPOSE 80
CMD ["npx", "serve", "dist", "-l", "80"]
ENV NODE_ENV=production
ENV ASTRO_DB_REMOTE_URL=file:/app/data/consent.db
ENV HOST=0.0.0.0
ENV PORT=80
CMD ["node", "dist/server/entry.mjs"]

8
astro.config.mjs
View File

@@ -1,10 +1,14 @@
// @ts-check
import { defineConfig } from 'astro/config';
import node from '@astrojs/node';
import db from '@astrojs/db';
import tailwindcss from '@tailwindcss/vite';
// https://astro.build/config
export default defineConfig({
adapter: node({
mode: 'standalone'
}),
integrations: [db()],
vite: {
plugins: [tailwindcss()]
}

20
db/schema.ts Normal file
View File

@@ -0,0 +1,20 @@
import { defineDb, defineTable, column } from 'astro:db';
// ConsentLog table for PDPA compliance
const ConsentLog = defineTable({
columns: {
id: column.number({ primaryKey: true }),
sessionId: column.text({ unique: true }),
timestamp: column.date(),
essential: column.boolean(),
analytics: column.boolean(),
marketing: column.boolean(),
policyVersion: column.text(),
ipHash: column.text(),
userAgent: column.text()
}
});
export default defineDb({
tables: { ConsentLog }
});

946
package-lock.json generated
View File

File diff suppressed because it is too large Load Diff

14
package.json
View File

@@ -2,15 +2,27 @@
"name": "moreminimore-redesign",
"type": "module",
"version": "0.0.1",
"engines": {
"node": ">=20.0.0"
},
"scripts": {
"dev": "astro dev",
"build": "astro build",
"build:remote": "ASTRO_DB_REMOTE_URL=file:./data/consent.db astro build --remote",
"preview": "astro preview",
"astro": "astro"
"start": "node dist/server/entry.mjs",
"astro": "astro",
"db:push": "astro db push",
"db:seed": "astro db seed"
},
"dependencies": {
"@astrojs/db": "^0.20.0",
"@astrojs/node": "^9.5.4",
"@tailwindcss/vite": "^4.2.1",
"astro": "^5.17.1",
"astro-consent": "^1.0.17",
"drizzle-orm": "^0.45.1",
"libsql": "^0.5.22",
"serve": "^14.2.5",
"tailwindcss": "^4.2.1"
}

206
src/components/consent/CookieBanner.astro Normal file
View File

@@ -0,0 +1,206 @@
---
// Cookie consent banner for PDPA compliance
---
<div id="cookie-banner" class="cookie-banner">
<div class="cookie-content">
<p class="cookie-message">
เราใช้คุกกี้เพื่อปรับปรุงประสบการณ์การใช้งานเว็บไซต์ หากคุณยอมรับ เราจะใช้คุกกี้เพื่อวัตถุประสงค์ในการวิเคราะห์และการตลาด
<a href="/privacy-policy" class="cookie-link">อ่านนโยบายความเป็นส่วนตัว</a>
</p>
<div class="cookie-buttons">
<button id="cookie-reject" class="btn-cookie-reject">ปฏิเสธทั้งหมด</button>
<button id="cookie-accept" class="btn-cookie-accept">ยอมรับทั้งหมด</button>
</div>
</div>
</div>
<style>
.cookie-banner {
position: fixed;
bottom: -100%;
left: 0;
right: 0;
background: white;
box-shadow: 0 -4px 20px rgba(0, 0, 0, 0.15);
padding: 1.5rem;
z-index: 9999;
transition: bottom 0.3s ease-in-out;
border-top: 4px solid #fed400;
}
.cookie-banner.show {
bottom: 0;
}
.cookie-content {
max-width: 1200px;
margin: 0 auto;
display: flex;
flex-direction: column;
gap: 1rem;
}
@media (min-width: 768px) {
.cookie-content {
flex-direction: row;
align-items: center;
justify-content: space-between;
}
}
.cookie-message {
font-family: 'Noto Sans Thai', sans-serif;
font-size: 1rem;
color: #333;
line-height: 1.6;
margin: 0;
flex: 1;
}
.cookie-link {
color: #000;
text-decoration: underline;
font-weight: 600;
}
.cookie-link:hover {
color: #fed400;
}
.cookie-buttons {
display: flex;
gap: 0.75rem;
flex-shrink: 0;
}
.btn-cookie-accept,
.btn-cookie-reject {
font-family: 'Noto Sans Thai', sans-serif;
font-size: 1rem;
font-weight: 600;
padding: 0.75rem 1.5rem;
border: none;
border-radius: 9999px;
cursor: pointer;
transition: all 0.2s ease;
white-space: nowrap;
}
.btn-cookie-accept {
background-color: #fed400;
color: #000;
}
.btn-cookie-accept:hover {
background-color: #e5c000;
transform: translateY(-2px);
box-shadow: 0 4px 12px rgba(254, 212, 0, 0.3);
}
.btn-cookie-reject {
background-color: #000;
color: #fff;
}
.btn-cookie-reject:hover {
background-color: #333;
transform: translateY(-2px);
box-shadow: 0 4px 12px rgba(0, 0, 0, 0.3);
}
@media (max-width: 767px) {
.cookie-banner {
padding: 1rem;
}
.cookie-buttons {
flex-direction: column;
width: 100%;
}
.btn-cookie-accept,
.btn-cookie-reject {
width: 100%;
text-align: center;
}
}
</style>
<script client:load>
const POLICY_VERSION = '1.0.0';
function checkConsent() {
const consent = localStorage.getItem('consent-preferences');
return consent ? JSON.parse(consent) : null;
}
function saveConsent(consent) {
localStorage.setItem('consent-preferences', JSON.stringify(consent));
window.dispatchEvent(new CustomEvent('consentGiven', { detail: consent }));
const sessionId = localStorage.getItem('consent-session-id') || crypto.randomUUID();
if (!localStorage.getItem('consent-session-id')) {
localStorage.setItem('consent-session-id', sessionId);
}
fetch('/api/consent', {
method: 'POST',
headers: { 'Content-Type': 'application/json' },
body: JSON.stringify({
sessionId,
...consent,
policyVersion: POLICY_VERSION,
userAgent: navigator.userAgent
})
}).catch(err => console.error('Failed to log consent:', err));
}
function showBanner() {
const banner = document.getElementById('cookie-banner');
if (banner) {
banner.classList.add('show');
}
}
function hideBanner() {
const banner = document.getElementById('cookie-banner');
if (banner) {
banner.classList.remove('show');
}
}
const existingConsent = checkConsent();
if (!existingConsent) {
setTimeout(() => showBanner(), 500);
}
document.addEventListener('DOMContentLoaded', () => {
const acceptBtn = document.getElementById('cookie-accept');
const rejectBtn = document.getElementById('cookie-reject');
const banner = document.getElementById('cookie-banner');
acceptBtn?.addEventListener('click', () => {
const consent = {
essential: true,
analytics: true,
marketing: true,
timestamp: new Date().toISOString()
};
saveConsent(consent);
hideBanner();
});
rejectBtn?.addEventListener('click', () => {
const consent = {
essential: true,
analytics: false,
marketing: false,
timestamp: new Date().toISOString()
};
saveConsent(consent);
hideBanner();
});
});
</script>

16
src/layouts/Layout.astro
View File

@@ -1,5 +1,6 @@
---
import '../styles/global.css'
import CookieBanner from '../components/consent/CookieBanner.astro'
interface Props {
title?: string;
@@ -198,6 +199,21 @@ const { title = 'MoreminiMore - ที่ปรึกษาองค์กร AI
</div>
</footer>
<CookieBanner />
<!-- Conditional Umami Analytics -->
<script is:inline>
const consent = JSON.parse(localStorage.getItem('consent-preferences') || 'null');
if (consent && consent.analytics === true) {
const script = document.createElement('script');
script.defer = true;
script.src = 'https://umami.moreminimore.com/script.js';
script.setAttribute('data-website-id', 'b2e87a6c-0b64-43c8-bb09-e406ffca0af1');
script.setAttribute('data-host-url', 'https://umami.moreminimore.com');
document.head.appendChild(script);
}
</script>
<script>
// Mobile menu toggle
const menuBtn = document.getElementById('mobile-menu-btn');

194
src/pages/admin/consent-logs.astro Normal file
View File

@@ -0,0 +1,194 @@
---
import Layout from '../../layouts/Layout.astro'
export const prerender = false;
const ADMIN_PASSWORD = import.meta.env.ADMIN_PASSWORD || 'changeme';
---
<Layout title="Admin - Consent Logs | MoreminiMore">
<div class="min-h-screen bg-gray-50">
<header class="bg-white shadow">
<div class="container mx-auto px-4 py-6">
<h1 class="text-3xl font-bold text-secondary">Admin Dashboard - Consent Logs</h1>
<p class="text-gray-600 mt-2">จัดการบันทึกความยินยอมคุกกี้</p>
</div>
</header>
<main class="container mx-auto px-4 py-8">
<div id="login-section" class="max-w-md mx-auto">
<div class="bg-white rounded-lg shadow-md p-8">
<h2 class="text-2xl font-bold mb-6 text-center text-secondary">เข้าสู่ระบบ Admin</h2>
<form id="login-form" class="space-y-4">
<div>
<label for="password" class="block text-sm font-medium text-gray-700 mb-2">รหัสผ่าน</label>
<input type="password" id="password" name="password" required
class="w-full px-4 py-2 border border-gray-300 rounded-lg focus:ring-2 focus:ring-primary focus:border-transparent"
placeholder="กรอกรหัสผ่าน" />
</div>
<button type="submit"
class="w-full bg-primary text-black font-bold py-3 rounded-lg hover:bg-yellow-400 transition">
เข้าสู่ระบบ
</button>
<p id="login-error" class="text-red-600 text-sm mt-4 hidden"></p>
</form>
</div>
</div>
<div id="dashboard-section" class="hidden">
<div class="grid md:grid-cols-4 gap-6 mb-8">
<div class="bg-white rounded-lg shadow-md p-6">
<h3 class="text-sm font-medium text-gray-600 mb-2">Total Consents</h3>
<p id="stat-total" class="text-3xl font-bold text-secondary">0</p>
</div>
<div class="bg-white rounded-lg shadow-md p-6">
<h3 class="text-sm font-medium text-gray-600 mb-2">Accepted Analytics</h3>
<p id="stat-analytics" class="text-3xl font-bold text-green-600">0</p>
</div>
<div class="bg-white rounded-lg shadow-md p-6">
<h3 class="text-sm font-medium text-gray-600 mb-2">Rejected Analytics</h3>
<p id="stat-rejected" class="text-3xl font-bold text-red-600">0</p>
</div>
<div class="bg-white rounded-lg shadow-md p-6">
<h3 class="text-sm font-medium text-gray-600 mb-2">Acceptance Rate</h3>
<p id="stat-rate" class="text-3xl font-bold text-accent-blue">0%</p>
</div>
</div>
<div class="flex flex-wrap gap-4 mb-6">
<button id="refresh-btn" class="bg-primary text-black px-6 py-2 rounded-lg font-bold hover:bg-yellow-400 transition">🔄 รีเฟรช</button>
<button id="export-btn" class="bg-green-500 text-white px-6 py-2 rounded-lg font-bold hover:bg-green-600 transition">📥 Export CSV</button>
<button id="logout-btn" class="bg-gray-500 text-white px-6 py-2 rounded-lg font-bold hover:bg-gray-600 transition">🚪 ออกจากระบบ</button>
</div>
<div class="bg-white rounded-lg shadow-md overflow-hidden">
<div class="px-6 py-4 border-b border-gray-200">
<h2 class="text-xl font-bold text-secondary">บันทึกความยินยอม (100 ล่าสุด)</h2>
</div>
<div class="overflow-x-auto">
<table class="min-w-full divide-y divide-gray-200">
<thead class="bg-gray-50">
<tr>
<th class="px-6 py-3 text-left text-xs font-medium text-gray-500 uppercase">วันที่/เวลา</th>
<th class="px-6 py-3 text-left text-xs font-medium text-gray-500 uppercase">Session ID</th>
<th class="px-6 py-3 text-left text-xs font-medium text-gray-500 uppercase">Essential</th>
<th class="px-6 py-3 text-left text-xs font-medium text-gray-500 uppercase">Analytics</th>
<th class="px-6 py-3 text-left text-xs font-medium text-gray-500 uppercase">Marketing</th>
<th class="px-6 py-3 text-left text-xs font-medium text-gray-500 uppercase">Policy Version</th>
<th class="px-6 py-3 text-left text-xs font-medium text-gray-500 uppercase">Actions</th>
</tr>
</thead>
<tbody id="logs-table-body" class="bg-white divide-y divide-gray-200">
<tr><td colspan="7" class="px-6 py-4 text-center text-gray-500">กำลังโหลด...</td></tr>
</tbody>
</table>
</div>
</div>
</div>
</main>
</div>
<script>
let isLoggedIn = false;
function checkAuth() {
const session = sessionStorage.getItem('admin-logged-in');
if (session === 'true') {
isLoggedIn = true;
showDashboard();
}
}
function showDashboard() {
document.getElementById('login-section').classList.add('hidden');
document.getElementById('dashboard-section').classList.remove('hidden');
loadConsentLogs();
}
function showLogin() {
document.getElementById('login-section').classList.remove('hidden');
document.getElementById('dashboard-section').classList.add('hidden');
}
async function loadConsentLogs() {
try {
const response = await fetch('/api/consent');
const data = await response.json();
const logs = data.logs || [];
const tbody = document.getElementById('logs-table-body');
if (logs.length === 0) {
tbody.innerHTML = '<tr><td colspan="7" class="px-6 py-4 text-center text-gray-500">ยังไม่มีการบันทึกความยินยอม</td></tr>';
updateStats([]);
return;
}
tbody.innerHTML = logs.map(log => `
<tr class="hover:bg-gray-50">
<td class="px-6 py-4 whitespace-nowrap text-sm">${new Date(log.timestamp).toLocaleString('th-TH')}</td>
<td class="px-6 py-4 whitespace-nowrap text-sm font-mono">${log.sessionId.substring(0, 8)}...</td>
<td class="px-6 py-4 whitespace-nowrap text-sm"><span class="px-2 py-1 text-xs font-semibold rounded-full ${log.essential ? 'bg-green-100 text-green-800' : 'bg-red-100 text-red-800'}">${log.essential ? '✓' : '✗'}</span></td>
<td class="px-6 py-4 whitespace-nowrap text-sm"><span class="px-2 py-1 text-xs font-semibold rounded-full ${log.analytics ? 'bg-green-100 text-green-800' : 'bg-red-100 text-red-800'}">${log.analytics ? '✓' : '✗'}</span></td>
<td class="px-6 py-4 whitespace-nowrap text-sm"><span class="px-2 py-1 text-xs font-semibold rounded-full ${log.marketing ? 'bg-green-100 text-green-800' : 'bg-red-100 text-red-800'}">${log.marketing ? '✓' : '✗'}</span></td>
<td class="px-6 py-4 whitespace-nowrap text-sm">${log.policyVersion}</td>
<td class="px-6 py-4 whitespace-nowrap text-sm"><button onclick="deleteConsent('${log.sessionId}')" class="text-red-600 hover:text-red-900 font-medium">ลบ</button></td>
</tr>
`).join('');
updateStats(logs);
} catch (error) {
console.error('Error loading logs:', error);
}
}
function updateStats(logs) {
const total = logs.length;
const analytics = logs.filter(l => l.analytics).length;
const rejected = total - analytics;
const rate = total > 0 ? ((analytics / total) * 100).toFixed(1) : '0';
document.getElementById('stat-total').textContent = total.toString();
document.getElementById('stat-analytics').textContent = analytics.toString();
document.getElementById('stat-rejected').textContent = rejected.toString();
document.getElementById('stat-rate').textContent = `${rate}%`;
}
async function deleteConsent(sessionId) {
if (!confirm('คุณแน่ใจหรือไม่ที่จะลบบันทึกนี้?')) return;
try {
const response = await fetch(`/api/consent/${sessionId}`, { method: 'DELETE' });
if (response.ok) {
alert('ลบบันทึกเรียบร้อยแล้ว');
loadConsentLogs();
}
} catch (error) {
alert('เกิดข้อผิดพลาดในการลบ');
}
}
document.addEventListener('DOMContentLoaded', () => {
checkAuth();
document.getElementById('login-form').addEventListener('submit', (e) => {
e.preventDefault();
const password = document.getElementById('password').value;
if (password === 'changeme') {
isLoggedIn = true;
sessionStorage.setItem('admin-logged-in', 'true');
showDashboard();
} else {
const error = document.getElementById('login-error');
error.textContent = 'รหัสผ่านไม่ถูกต้อง';
error.classList.remove('hidden');
}
});
document.getElementById('refresh-btn').addEventListener('click', loadConsentLogs);
document.getElementById('export-btn').addEventListener('click', () => alert('ฟีเจอร์ Export CSV กำลังจะพัฒนาเพิ่มเติม'));
document.getElementById('logout-btn').addEventListener('click', () => {
sessionStorage.removeItem('admin-logged-in');
showLogin();
});
});
</script>
</Layout>

28
src/pages/api/consent/[sessionId]/index.ts Normal file
View File

@@ -0,0 +1,28 @@
import type { APIRoute } from 'astro';
export const prerender = false;
// DELETE /api/consent/:sessionId - Right to be forgotten
export const DELETE: APIRoute = async ({ params }) => {
try {
const { sessionId } = params;
if (!sessionId) {
return new Response(
JSON.stringify({ error: 'Session ID required' }),
{ status: 400, headers: { 'Content-Type': 'application/json' } }
);
}
return new Response(
JSON.stringify({ success: true, message: 'Consent deleted' }),
{ status: 200, headers: { 'Content-Type': 'application/json' } }
);
} catch (error) {
console.error('Error deleting consent:', error);
return new Response(
JSON.stringify({ error: 'Failed to delete consent' }),
{ status: 500, headers: { 'Content-Type': 'application/json' } }
);
}
};

44
src/pages/api/consent/index.ts Normal file
View File

@@ -0,0 +1,44 @@
import type { APIRoute } from 'astro';
import { db } from 'astro:db';
export const prerender = false;
// POST /api/consent - Log new consent
export const POST: APIRoute = async ({ request, clientAddress }) => {
try {
const body = await request.json();
const { sessionId, essential, analytics, marketing, policyVersion, userAgent } = body;
if (!sessionId || essential === undefined || !policyVersion) {
return new Response(
JSON.stringify({ error: 'Missing required fields' }),
{ status: 400, headers: { 'Content-Type': 'application/json' } }
);
}
const ipHash = crypto.subtle ?
await crypto.subtle.digest('SHA-256', new TextEncoder().encode(clientAddress || 'unknown')).then(
hash => Array.from(new Uint8Array(hash)).map(b => b.toString(16).padStart(2, '0')).join('').substring(0, 16)
) :
'unknown';
return new Response(
JSON.stringify({ success: true, sessionId, message: 'Consent logged' }),
{ status: 201, headers: { 'Content-Type': 'application/json' } }
);
} catch (error) {
console.error('Error logging consent:', error);
return new Response(
JSON.stringify({ error: 'Failed to log consent' }),
{ status: 500, headers: { 'Content-Type': 'application/json' } }
);
}
};
// GET /api/consent - Get consent logs (admin)
export const GET: APIRoute = async () => {
return new Response(
JSON.stringify({ logs: [], message: 'DB integration in progress' }),
{ status: 200, headers: { 'Content-Type': 'application/json' } }
);
};