'Invalid subscription data'], 400); } $customerId = null; if (CustomerAuth::isLoggedIn()) { $customerId = CustomerAuth::getUser()['customer_id']; } // Check if subscription already exists $existing = db()->fetch( "SELECT id FROM push_subscriptions WHERE endpoint = :endpoint", ['endpoint' => $endpoint] ); if ($existing) { // Update existing db()->query( "UPDATE push_subscriptions SET customer_id = :cid, p256dh_key = :p256dh, auth_key = :auth, is_active = 1, updated_at = NOW() WHERE endpoint = :endpoint", ['cid' => $customerId, 'p256dh' => $p256dh, 'auth' => $auth, 'endpoint' => $endpoint] ); } else { // Create new db()->insert('push_subscriptions', [ 'customer_id' => $customerId, 'endpoint' => $endpoint, 'p256dh_key' => $p256dh, 'auth_key' => $auth, 'is_active' => 1 ]); } jsonResponse(['success' => true, 'message' => 'Subscribed to notifications']); break; case 'DELETE': // Unsubscribe $endpoint = $input['endpoint'] ?? ''; if (empty($endpoint)) { jsonResponse(['error' => 'Endpoint required'], 400); } db()->query( "UPDATE push_subscriptions SET is_active = 0 WHERE endpoint = :endpoint", ['endpoint' => $endpoint] ); jsonResponse(['success' => true, 'message' => 'Unsubscribed from notifications']); break; case 'GET': // Get VAPID public key require_once __DIR__ . '/../includes/push.php'; jsonResponse(['publicKey' => pushNotify()->getPublicKey()]); break; default: jsonResponse(['error' => 'Method not allowed'], 405); }