Send notifications from apps to omi at any time

[tiagoefreitas]

I would like to send notifications from an app that are not in response to a message.
Can this be a bounty I can work on? @kodjima33

Should we create a new capability, or use the current notifications capability?

This will need a Omi API server that opens webhooks the apps can call.
And that server would either connect to the omi app using websockets, or push the notifications using Firebase Cloud Messaging.

[tiagoefreitas]

@kodjima33 can you lock this as a bounty as discussed? I am working on it now. What core devs should I ping to make decisions on architecture?

I see there is already a backend webhook /v1/notification but that is authenticated using an environment ADMIN_KEY.

There are also some backend webhooks in the zapier integration, called "Friend Core APIs" for memory creation and retrieval. They use a WORKFLOW_API_KEY for authentication that is hardcoded in the backend too.
I guess you also hardcoded it in the official Zapier integration, but we can't use this auth for user-made plugins.

For now, we can authenticate by just checking the request comes from the same base url that is set in the app webhook setting, and the user uid. If the uid is long enough it would be impossible to guess.
The backend can also check if the user has the app installed or not, and reject if not.

Is this acceptable auth, or should we implement a more strict API key mechanism per app?