=== AddonLogic Browser Push Notifications ===
Contributors: snehalpancholi
Tags: push notifications, web push, service worker, VAPID, desktop notifications
Requires at least: 6.0
Tested up to: 6.7
Stable tag: 1.0.0
Requires PHP: 8.1
License: GPL-2.0+
License URI: https://www.gnu.org/licenses/gpl-2.0.html

Self-hosted web push notifications — no third-party services, no API keys, no fees.

== Description ==

Let visitors subscribe to web push notifications directly from their browser. When a new post publishes, a desktop or mobile notification fires automatically — without any third-party push service.

**How it works**

1. Generate a VAPID key pair from the settings page (one-time).
2. Visitors see a small opt-in bar — click Allow to subscribe, "No thanks" to dismiss.
3. Subscriptions are stored in a private database table.
4. When a post publishes, a WordPress cron event fires the Web Push protocol messages (RFC 8030 / RFC 8291) using your server's OpenSSL — no external dependencies.

**Features**

* Self-hosted — zero third-party services.
* VAPID key generation built-in.
* aes128gcm payload encryption (RFC 8291).
* Stale subscription auto-pruning (HTTP 410 responses).
* Post-type selector — push on posts, pages, CPTs, or any combination.
* Customisable opt-in prompt text and notification icon.
* Live subscriber count in the settings page.

== Installation ==

1. Upload the `browser-push-notifications` folder to `/wp-content/plugins/`.
2. Activate via **Plugins → Installed Plugins**.
3. Go to **Settings → Push Notifications**, tick "Generate new VAPID key pair", and save.
4. Your site is ready — visit the front end to see the opt-in prompt.

== Frequently Asked Questions ==

= Do I need an account with any push service? =
No. Notifications are sent directly from your server to the browser's push service using the standardised VAPID protocol.

= Do existing subscriptions break if I regenerate VAPID keys? =
Yes — the browser validates the key. Regenerate only if you suspect your private key is compromised.

= Is HTTPS required? =
Yes. The Service Worker API and Push API are restricted to secure origins.

== Changelog ==

= 1.0.0 =
* Initial release.

== Upgrade Notice ==

= 1.0.0 =
Initial release.
