From aeacc762ce2155ab3693d97a897cf554916d7a54 Mon Sep 17 00:00:00 2001
From: multipleof4 <planetrenox@protonmail.com>
Date: Wed, 21 Jan 2026 16:22:39 -0800
Subject: [PATCH] Fix: Await ntfy notifications to ensure delivery

---
 functions/api/login.js | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/functions/api/login.js b/functions/api/login.js
index 11cd9fc..a8e07ae 100644
--- a/functions/api/login.js
+++ b/functions/api/login.js
@@ -4,7 +4,7 @@ const json = (d, o = {}) => {
   return new Response(JSON.stringify(d), { ...o, headers: h });
 };
 const tsEq=(a,b)=>{let d=a.length^b.length;for(let i=0;i<a.length;i++)d|=a.charCodeAt(i)^b.charCodeAt(i);return d===0};
-const notify=(url,msg,prio=3)=>{if(!url)return;const target=url.startsWith('http')?url:`https://${url}`;fetch(target,{method:'POST',body:msg,headers:{'X-Priority':prio.toString()}}).catch(()=>{})};
+const notify=async(url,msg,prio=3)=>{if(!url)return;const target=url.startsWith('http')?url:`https://${url}`;try{await fetch(target,{method:'POST',body:msg,headers:{'X-Priority':prio.toString()}})}catch(e){}};
 
 export async function onRequestPost({ request, env }) {
   try {
@@ -22,7 +22,7 @@ export async function onRequestPost({ request, env }) {
     const user = await env.D1_SPCHCAP.prepare('SELECT id, pass_hash, role FROM users WHERE username = ?').bind(username).first();
     if (!user || !tsEq(user.pass_hash, pass_hash)) return json({ error: 'Invalid credentials' }, { status: 401 });
     
-    notify(env.NTFY_URL, `User Login: ${username}`, 3);
+    await notify(env.NTFY_URL, `User Login: ${username}`, 3);
 
     const exp = new Date(Date.now() + 2592e6); // 30 days
     const opts = `Domain=.speech.capital; Path=/; Expires=${exp.toUTCString()}; HttpOnly; Secure; SameSite=Strict`;