Push Notifications with FCM (Ring-Powered)

Ring Platform stores FCM tokens in your primary database (PostgreSQL or Firestore by backend mode), one row per user per device. React apps register tokens via a Server Action; non-React clients use a rate-limited API. Both paths call the same server-only DB layer so behavior and security stay consistent everywhere. How modes differ (Postgres-primary vs full Firebase, DB_HYBRID_MODE): Backend modes and databases.

Overview: Ring-Powered FCM Logic

"Ring-powered" FCM means a single, backend-agnostic design:

• Token store as source of truth — The fcm_tokens table (or collection) holds all registration tokens. Stored payload lives in a JSONB data column where applicable (PostgreSQL). No secondary cache; the database is the registry.
• One row per device per user — A composite unique constraint on (user_id, device_fingerprint) ensures one record per device. The token value is not unique, so FCM token rotation updates the same row instead of creating duplicates.
• React app → Server Action — The primary path for browser and React Native web is the upsertFcmToken Server Action. The server derives user_id from auth() only; the client never sends it.
• Non-React clients → API route — Mobile apps or external services call POST /api/notifications/fcm/register with the same payload. This endpoint is rate-limited per user (for example, 10 requests per minute).
• Lifecycle in data — Each row carries status (active | stale | invalid) and invalidatedAt. Reactive cleanup runs when FCM returns errors for a token; scheduled jobs mark stale tokens and optionally hard-delete after a retention window.
• Backend mode — The token store is backend-agnostic. BackendSelector routes by DB_BACKEND_MODE to PostgreSQL (e.g. k8s-postgres-fcm, ) or Firestore (). One code path; no branching in the Server Action or API route.

Push Notifications with FCM (Ring-Powered)

Ring Platform stores FCM tokens in your primary database (PostgreSQL or Firestore by backend mode), one row per user per device. React apps register tokens via a Server Action; non-React clients use a rate-limited API. Both paths call the same server-only DB layer so behavior and security stay consistent everywhere. How modes differ (Postgres-primary vs full Firebase, DB_HYBRID_MODE): Backend modes and databases.

Overview: Ring-Powered FCM Logic

"Ring-powered" FCM means a single, backend-agnostic design:

• Token store as source of truth — The fcm_tokens table (or collection) holds all registration tokens. Stored payload lives in a JSONB data column where applicable (PostgreSQL). No secondary cache; the database is the registry.
• One row per device per user — A composite unique constraint on (user_id, device_fingerprint) ensures one record per device. The token value is not unique, so FCM token rotation updates the same row instead of creating duplicates.
• React app → Server Action — The primary path for browser and React Native web is the upsertFcmToken Server Action. The server derives user_id from auth() only; the client never sends it.
• Non-React clients → API route — Mobile apps or external services call POST /api/notifications/fcm/register with the same payload. This endpoint is rate-limited per user (for example, 10 requests per minute).
• Lifecycle in data — Each row carries status (active | stale | invalid) and invalidatedAt. Reactive cleanup runs when FCM returns errors for a token; scheduled jobs mark stale tokens and optionally hard-delete after a retention window.
• Backend mode — The token store is backend-agnostic. BackendSelector routes by DB_BACKEND_MODE to PostgreSQL (e.g. k8s-postgres-fcm, ) or Firestore (). One code path; no branching in the Server Action or API route.

Push Notifications with FCM (Ring-Powered)

Ring Platform stores FCM tokens in your primary database (PostgreSQL or Firestore by backend mode), one row per user per device. React apps register tokens via a Server Action; non-React clients use a rate-limited API. Both paths call the same server-only DB layer so behavior and security stay consistent everywhere. How modes differ (Postgres-primary vs full Firebase, DB_HYBRID_MODE): Backend modes and databases.

Overview: Ring-Powered FCM Logic

"Ring-powered" FCM means a single, backend-agnostic design:

• Token store as source of truth — The fcm_tokens table (or collection) holds all registration tokens. Stored payload lives in a JSONB data column where applicable (PostgreSQL). No secondary cache; the database is the registry.
• One row per device per user — A composite unique constraint on (user_id, device_fingerprint) ensures one record per device. The token value is not unique, so FCM token rotation updates the same row instead of creating duplicates.
• React app → Server Action — The primary path for browser and React Native web is the upsertFcmToken Server Action. The server derives user_id from auth() only; the client never sends it.
• Non-React clients → API route — Mobile apps or external services call POST /api/notifications/fcm/register with the same payload. This endpoint is rate-limited per user (for example, 10 requests per minute).
• Lifecycle in data — Each row carries status (active | stale | invalid) and invalidatedAt. Reactive cleanup runs when FCM returns errors for a token; scheduled jobs mark stale tokens and optionally hard-delete after a retention window.
• Backend mode — The token store is backend-agnostic. BackendSelector routes by DB_BACKEND_MODE to PostgreSQL (e.g. k8s-postgres-fcm, ) or Firestore (). One code path; no branching in the Server Action or API route.

Prerequisites

• Authentication — A signed-in user (Auth.js session). Token registration is always tied to the authenticated user; the server never trusts a client-supplied user id.
• Web push (browser) — HTTPS (or localhost for development), browser support for Web Push, a registered service worker, and the Firebase client SDK. The service worker file is typically served at /firebase-messaging-sw.js.
• API clients — Valid session (cookie or Bearer) and the same request body contract as below (token, deviceFingerprint, deviceInfo).

React App: Server Action Path

Use the Server Action as the primary way to register and refresh FCM tokens from any React or Next.js client. This path is not rate-limited like the API route and keeps user id server-derived only.

Prerequisites

• Authentication — A signed-in user (Auth.js session). Token registration is always tied to the authenticated user; the server never trusts a client-supplied user id.
• Web push (browser) — HTTPS (or localhost for development), browser support for Web Push, a registered service worker, and the Firebase client SDK. The service worker file is typically served at /firebase-messaging-sw.js.
• API clients — Valid session (cookie or Bearer) and the same request body contract as below (token, deviceFingerprint, deviceInfo).

React App: Server Action Path

Use the Server Action as the primary way to register and refresh FCM tokens from any React or Next.js client. This path is not rate-limited like the API route and keeps user id server-derived only.

Prerequisites

• Authentication — A signed-in user (Auth.js session). Token registration is always tied to the authenticated user; the server never trusts a client-supplied user id.
• Web push (browser) — HTTPS (or localhost for development), browser support for Web Push, a registered service worker, and the Firebase client SDK. The service worker file is typically served at /firebase-messaging-sw.js.
• API clients — Valid session (cookie or Bearer) and the same request body contract as below (token, deviceFingerprint, deviceInfo).

React App: Server Action Path

Use the Server Action as the primary way to register and refresh FCM tokens from any React or Next.js client. This path is not rate-limited like the API route and keeps user id server-derived only.

Example: registering and refreshing the token from a client component.

Non-React Clients: API Route

Mobile apps or other non-React clients register tokens by calling the same contract over HTTP.

Endpoint: POST /api/notifications/fcm/register

Request body:

• token (string, required) — FCM registration token from the client SDK.
• deviceFingerprint (string, required) — Stable device identifier (e.g. UUID in local storage). Maximum 128 characters; alphanumeric, hyphens, and underscores only.
• deviceInfo (object, optional) — Arbitrary device metadata (e.g. platform, userAgent).

Authentication: Required (session cookie or Bearer token). The server uses the authenticated user id; do not send userId in the body.

Responses:

• 200 — { "success": true }
• 400 — Validation error (e.g. missing or invalid deviceFingerprint)
• 401 — Not authenticated
• 429 — Rate limit exceeded (see Retry-After header)
• 500 — Server error

Example with cURL (replace session cookie or use Bearer token as required by your auth setup):

Example: registering and refreshing the token from a client component.

Non-React Clients: API Route

Mobile apps or other non-React clients register tokens by calling the same contract over HTTP.

Endpoint: POST /api/notifications/fcm/register

Request body:

• token (string, required) — FCM registration token from the client SDK.
• deviceFingerprint (string, required) — Stable device identifier (e.g. UUID in local storage). Maximum 128 characters; alphanumeric, hyphens, and underscores only.
• deviceInfo (object, optional) — Arbitrary device metadata (e.g. platform, userAgent).

Authentication: Required (session cookie or Bearer token). The server uses the authenticated user id; do not send userId in the body.

Responses:

• 200 — { "success": true }
• 400 — Validation error (e.g. missing or invalid deviceFingerprint)
• 401 — Not authenticated
• 429 — Rate limit exceeded (see Retry-After header)
• 500 — Server error

Example with cURL (replace session cookie or use Bearer token as required by your auth setup):

Example: registering and refreshing the token from a client component.

Non-React Clients: API Route

Mobile apps or other non-React clients register tokens by calling the same contract over HTTP.

Endpoint: POST /api/notifications/fcm/register

Request body:

• token (string, required) — FCM registration token from the client SDK.
• deviceFingerprint (string, required) — Stable device identifier (e.g. UUID in local storage). Maximum 128 characters; alphanumeric, hyphens, and underscores only.
• deviceInfo (object, optional) — Arbitrary device metadata (e.g. platform, userAgent).

Authentication: Required (session cookie or Bearer token). The server uses the authenticated user id; do not send userId in the body.

Responses:

• 200 — { "success": true }
• 400 — Validation error (e.g. missing or invalid deviceFingerprint)
• 401 — Not authenticated
• 429 — Rate limit exceeded (see Retry-After header)
• 500 — Server error

Example with cURL (replace session cookie or use Bearer token as required by your auth setup):

Environment Variables

Split configuration so that only public, safe values are exposed to the client.

Environment Variables

Split configuration so that only public, safe values are exposed to the client.

Environment Variables

Split configuration so that only public, safe values are exposed to the client.

Unregister and Logout

On logout or when the user disables push:

• Browser / React — Call deleteToken(messaging) from the Firebase client SDK, then unregister on the server. Send DELETE /api/notifications/fcm/register with body { "deviceFingerprint": "same-uuid-as-register" }. Idempotent; safe to call even if the row is already removed or invalidated.
• Non-React — Same DELETE request with the same deviceFingerprint used at registration.

The server marks the row as status: 'invalid' and sets invalidatedAt; delivery to that token is stopped.

Troubleshooting

Unregister and Logout

On logout or when the user disables push:

• Browser / React — Call deleteToken(messaging) from the Firebase client SDK, then unregister on the server. Send DELETE /api/notifications/fcm/register with body { "deviceFingerprint": "same-uuid-as-register" }. Idempotent; safe to call even if the row is already removed or invalidated.
• Non-React — Same DELETE request with the same deviceFingerprint used at registration.

The server marks the row as status: 'invalid' and sets invalidatedAt; delivery to that token is stopped.

Troubleshooting

Unregister and Logout

On logout or when the user disables push:

• Browser / React — Call deleteToken(messaging) from the Firebase client SDK, then unregister on the server. Send DELETE /api/notifications/fcm/register with body { "deviceFingerprint": "same-uuid-as-register" }. Idempotent; safe to call even if the row is already removed or invalidated.
• Non-React — Same DELETE request with the same deviceFingerprint used at registration.

The server marks the row as status: 'invalid' and sets invalidatedAt; delivery to that token is stopped.

Troubleshooting

See Also

• Notifications — Overview of notification types, channels, and preferences
• Schema and migration for fcm_tokens (e.g. data/schema.sql, data/migrations/fcm_jsonb_schema.sql) in your Ring clone
• FCM specialist truth lens (AI-LEGIOX/legiox-truth-lens/fcm-specialist.json) for token lifecycle, reactive cleanup, and send path details

See Also

• Notifications — Overview of notification types, channels, and preferences
• Schema and migration for fcm_tokens (e.g. data/schema.sql, data/migrations/fcm_jsonb_schema.sql) in your Ring clone
• FCM specialist truth lens (AI-LEGIOX/legiox-truth-lens/fcm-specialist.json) for token lifecycle, reactive cleanup, and send path details

See Also

• Notifications — Overview of notification types, channels, and preferences
• Schema and migration for fcm_tokens (e.g. data/schema.sql, data/migrations/fcm_jsonb_schema.sql) in your Ring clone
• FCM specialist truth lens (AI-LEGIOX/legiox-truth-lens/fcm-specialist.json) for token lifecycle, reactive cleanup, and send path details