diff --git a/.env.example b/.env.example index 6374512..f89d5a2 100644 --- a/.env.example +++ b/.env.example @@ -26,10 +26,11 @@ SMTP_AUTH_USERNAME= SMTP_AUTH_PASSWORD= EMAIL_TO= +# all of those can't have a / at the env ↓ USER_URL= AUTH_URL= SCORE_URL= CORS_ORIGIN= -VITE_USER_API= -VITE_AUTH_API= +VITE_USER_URL= +VITE_AUTH_URL= diff --git a/Justfile b/Justfile index ad2eb32..56ba865 100644 --- a/Justfile +++ b/Justfile @@ -42,7 +42,9 @@ set dotenv-load # To completely docker @clean-docker: clean-compose - docker system prune -af + docker builder prune -f + docker volume prune -af + # docker system prune -af # To clean only the container launched by the compose @clean-compose: stop-docker diff --git a/docker/api-base/compose.yml b/docker/api-base/compose.yml index bed06c8..e27bbaa 100644 --- a/docker/api-base/compose.yml +++ b/docker/api-base/compose.yml @@ -16,6 +16,9 @@ services: - LOG_FILE_PATH=/var/log/log.log - JWT_SECRET=${JWT_SECRET} - CORS_ORIGIN=${CORS_ORIGIN} + - USER_URL=${USER_URL} + - AUTH_URL=${AUTH_URL} + - SCORE_URL=${SCORE_URL} restart: unless-stopped auth-api: container_name: transcendence-api-auth @@ -30,13 +33,17 @@ services: - back environment: - TZ=Europe/Paris - - GOOGLE_CALLBACK_URL=${AUTH_URL} + - GOOGLE_CALLBACK_URL=${GOOGLE_CALLBACK_URL} - GOOGLE_CLIENT_ID=${GOOGLE_CLIENT_ID} - GOOGLE_CLIENT_SECRET=${GOOGLE_CLIENT_SECRET} + - CALLBACK_REDIR=${CALLBACK_REDIR} - API_TARGET=auth - LOG_FILE_PATH=/var/log/log.log - JWT_SECRET=${JWT_SECRET} - CORS_ORIGIN=${CORS_ORIGIN} + - USER_URL=${USER_URL} + - AUTH_URL=${AUTH_URL} + - SCORE_URL=${SCORE_URL} restart: unless-stopped scorestore-api: container_name: transcendence-api-scoreStore @@ -47,7 +54,6 @@ services: - db-scoreStore:/db - log-scoreStore:/var/log networks: - - front - back environment: - TZ=Europe/Paris 
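Review bot: `docker volume prune -af` in the `clean-docker` recipe is host-wide: with `-a` it removes every unused volume on the machine, named ones included, so on a host that runs other projects it can delete unrelated databases. Scoping the cleanup to this project would be safer, for example `docker compose down --volumes` against this compose file (how `stop-docker` invokes compose is outside the hunk). The commented-out `# docker system prune -af` line can be deleted, since the history keeps it.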
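Review bot: In the auth-api environment, `GOOGLE_CALLBACK_URL=${GOOGLE_CALLBACK_URL}` and the new `CALLBACK_REDIR=${CALLBACK_REDIR}` read variables that the `.env.example` hunk of this commit does not add (they may be declared in a part of that file outside the hunk). Compose substitutes an empty string for an unset variable, so the OAuth callback and what looks like a post-login redirect would silently be empty. The required-variable form, `- GOOGLE_CALLBACK_URL=${GOOGLE_CALLBACK_URL:?GOOGLE_CALLBACK_URL must be set}` and likewise for `CALLBACK_REDIR`, makes the stack refuse to start instead. If `CALLBACK_REDIR` is used as a redirect target, a comment such as `# must be a fixed first-party URL` next to it would help.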
@@ -56,4 +62,7 @@ services: - AVAX_PRIVATE_KEY=${AVAX_PRIVATE_KEY} - AVAX_RPC_URL=${AVAX_RPC_URL} - AVAX_CONTRACT_ADDR=${AVAX_CONTRACT_ADDR} + - USER_URL=${USER_URL} + - AUTH_URL=${AUTH_URL} + - SCORE_URL=${SCORE_URL} restart: unless-stopped diff --git a/docker/docker-compose.yml b/docker/docker-compose.yml index 6a9b21a..f5bf598 100644 --- a/docker/docker-compose.yml +++ b/docker/docker-compose.yml @@ -3,8 +3,8 @@ name: ft_transcendence include: - ./volumes.yml - ./networks.yml - - ./monitoring/compose.yml + # - ./monitoring/compose.yml - ./api-base/compose.yml - ./front/compose.yml - ./proxy/compose.yml - - ./ELK/compose.yml + # - ./ELK/compose.yml diff --git a/docker/proxy/Dockerfile b/docker/proxy/Dockerfile index c46fb7c..dc60e69 100644 --- a/docker/proxy/Dockerfile +++ b/docker/proxy/Dockerfile @@ -1,17 +1,17 @@ -FROM node:lts-alpine AS builder - -RUN npm install -g pnpm - -WORKDIR /app - -COPY package.json pnpm-lock.yaml pnpm-workspace.yaml ./ - -RUN pnpm install --frozen-lockfile - -COPY vite.config.js tailwind.config.js ./ -COPY src ./src - -RUN pnpm vite build +# FROM node:lts-alpine AS builder +# +# RUN npm install -g pnpm +# +# WORKDIR /app +# +# COPY package.json pnpm-lock.yaml pnpm-workspace.yaml ./ +# +# RUN pnpm install --frozen-lockfile +# +# COPY vite.config.js tailwind.config.js ./ +# COPY src ./src +# +# RUN pnpm vite build FROM owasp/modsecurity-crs:nginx-alpine @@ -23,7 +23,7 @@ COPY docker/proxy/config/default.conf.template \ COPY --chmod=755 docker/proxy/entry/ssl-cert.sh /docker-entrypoint.d/ssl-cert.sh -COPY --from=builder /app/dist /usr/share/nginx/html +# COPY --from=builder /app/dist /usr/share/nginx/html USER root RUN mkdir -p /var/log/front diff --git a/docker/proxy/config/default.conf.template b/docker/proxy/config/default.conf.template index 0f65e5e..c8dc39b 100644 --- a/docker/proxy/config/default.conf.template +++ b/docker/proxy/config/default.conf.template 
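Review bot: Commenting out `./monitoring/compose.yml` and `./ELK/compose.yml` removes the monitoring and log-collection stacks from every deployment that uses this file, not only local runs. The API logs written to `/var/log/log.log` are then presumably no longer shipped anywhere. If this is meant to lighten development runs, a separate override file or compose `profiles` on those services keeps the default deployment observable. If it is permanent, delete the two lines rather than leaving them commented.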
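Review bot: The whole builder stage is disabled by prefixing each line with `#` (and `COPY --from=builder /app/dist /usr/share/nginx/html` likewise in the next hunk) instead of being deleted. Since `location /` now proxies to `transcendence-webserv`, this image no longer serves the bundle, and the dead stage only obscures what the image contains. Remove the lines and add one comment above `FROM owasp/modsecurity-crs:nginx-alpine`, for example `# static assets are served by the front container; this image only proxies`.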
@@ -19,11 +19,19 @@ server { add_header Strict-Transport-Security "max-age=31536000; includeSubDomains; preload" always; location / { - proxy_pass http://transcendence-webserv:80/; + proxy_pass http://transcendence-webserv:80; + proxy_http_version 1.1; + proxy_redirect off; + rewrite ^ / break; + } + + location /assets/ { + proxy_pass http://transcendence-webserv:80/assets/; proxy_http_version 1.1; } location /api/v1/user/ { + modsecurity off; proxy_pass http://transcendence-api-user:3000/; proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; @@ -35,6 +43,7 @@ server { } location /api/v1/auth/ { + modsecurity off; proxy_pass http://transcendence-api-auth:3000/; proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; diff --git a/src/api/user/default.js b/src/api/user/default.js index 0057207..88c7a4e 100644 --- a/src/api/user/default.js +++ b/src/api/user/default.js @@ -2,7 +2,6 @@ import fastifyJWT from '@fastify/jwt'; import fastifyCookie from '@fastify/cookie'; import cors from '@fastify/cors' import Database from 'better-sqlite3'; -import cors from '@fastify/cors'; import { gUsers } from './gUsers.js'; import { gUser } from './gUser.js'; @@ -163,12 +162,6 @@ export default async function(fastify, options) { }, }); fastify.register(fastifyCookie); - fastify.register(cors, { - origin: process.env.CORS_ORIGIN || 'http://localhost:5173', - credentials: true, - methods: [ "GET", "POST", "PATCH", "DELETE", "OPTIONS" ] - }); - fastify.addContentTypeParser( ['image/jpeg', 'image/png', 'image/gif', 'image/webp'], { parseAs: 'buffer' }, diff --git a/src/api/user/gMatchHistory.js b/src/api/user/gMatchHistory.js index e8d3a55..e47517a 100644 --- a/src/api/user/gMatchHistory.js +++ b/src/api/user/gMatchHistory.js @@ -1,3 +1,5 @@ +const score_url = process.env.SCORE_URL + export async function gMatchHistory(request, reply, fastify, getUserInfo, getMatchHistory) { try { const userId = request.params.userId; 
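Review bot: `modsecurity off;` in `location /api/v1/user/` (and again in `location /api/v1/auth/` in the next hunk) switches the WAF off for exactly the routes that carry credentials, tokens and image uploads, leaving CRS inspection only on the static front end. If the cause is false positives, keep the engine on and narrow the exception: use `modsecurity_rules 'SecRuleEngine DetectionOnly';` in those locations while tuning, then exclude only the offending rules with `SecRuleRemoveById RULE_ID` (placeholder; take the ids from the audit log). At minimum, put a comment above each `modsecurity off;` naming the rule or request that forced it, so the exemption can be revisited.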
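Review bot: `const score_url = process.env.SCORE_URL` in `gMatchHistory.js` has no fallback and no validation, while `pMatchHistory.js` in this same commit uses `process.env.SCORE_URL || "http://localhost:3003"`. With the variable unset, this file builds a URL starting with `undefined/` and every history lookup fails inside the `try`. Both files also depend on the value having no trailing slash, which only a comment in `.env.example` asks for. Reading the value in one shared place and normalising it, e.g. `const score_url = (process.env.SCORE_URL || "http://localhost:3003").replace(/\/+$/, "");`, removes both problems. The added line is also missing the semicolon the rest of the file uses.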
@@ -19,7 +21,7 @@ export async function gMatchHistory(request, reply, fastify, getUserInfo, getMat return reply.code(404).send({ error: "No matches exist in the selected range" }); } const promises = matchHistoryId.map(async (match) => { - const res = await fetch(`http://localhost:3003/${match.matchId}`, { method: "GET" }); + const res = await fetch(`${score_url}/${match.matchId}`, { method: "GET" }); if (!res.ok) { throw new Error('Failed to fetch item from blockchain API'); } diff --git a/src/api/user/pMatchHistory.js b/src/api/user/pMatchHistory.js index f722775..94dd63b 100644 --- a/src/api/user/pMatchHistory.js +++ b/src/api/user/pMatchHistory.js @@ -1,3 +1,5 @@ +const score_url = process.env.SCORE_URL || "http://localhost:3003"; + async function fetchSave(request, reply, userId, addMatch) { let opponentName = ''; let opponentScore = 0; @@ -5,7 +7,7 @@ async function fetchSave(request, reply, userId, addMatch) { opponentName = request.body.opponent; opponentScore = request.body.opponentScore; } - const res = await fetch('http://localhost:3003/', { method: "POST", headers: { "Content-Type": "application/json" }, body: JSON.stringify({ p1: userId, p2: opponentName, p1Score: request.body.myScore, p2Score: opponentScore }) }); + const res = await fetch(score_url + "/", { method: "POST", headers: { "Content-Type": "application/json" }, body: JSON.stringify({ p1: userId, p2: opponentName, p1Score: request.body.myScore, p2Score: opponentScore }) }); if (!res.ok) { throw new Error('Internal server error'); } diff --git a/src/front/static/ts/main.ts b/src/front/static/ts/main.ts index 35338a5..6299759 100644 --- a/src/front/static/ts/main.ts +++ b/src/front/static/ts/main.ts 
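Review bot: The score-store `fetch` inside `matchHistoryId.map` has no timeout, so one stalled response holds the whole history request open; the `POST` to `score_url + "/"` in `pMatchHistory.js` has the same gap. Adding `signal: AbortSignal.timeout(5000)` (value to be chosen) to the options object bounds both calls. `match.matchId` is interpolated into the path as-is; if it is not guaranteed to be numeric, wrap it in `encodeURIComponent(...)`. The enclosing function continues outside the hunk.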
@@ -4,11 +4,11 @@ import FriendsMenu from "./views/Friends.ts"; let profile_view = new ProfileMenu; let friends_view = new FriendsMenu; -export const user_api = import.meta.env.VITE_USER_API as String; -export const auth_api = import.meta.env.VITE_AUTH_API as String; +export const user_api = import.meta.env.VITE_USER_URL as String; +export const auth_api = import.meta.env.VITE_AUTH_URL as String; export async function isLogged(): Promise { - let uuid_req = await fetch(auth_api + "/me", { + let uuid_req = await fetch(`${auth_api}/me`, { method: "GET", credentials: "include", }); @@ -132,9 +132,9 @@ function updateClock() async function pingClock() { if (await isLogged()) { - fetch(user_api + "/ping", { + fetch(`${user_api}/ping`, { method: "POST", - credentials: "include" + credentials: "include" }); } } @@ -156,13 +156,13 @@ async function startMenuPP() { uuid = document.cookie.match(new RegExp('(^| )' + "uuid" + '=([^;]+)'))[2]; - const a = await fetch(`http://localhost:3002/users/${uuid}/avatar`, { + const a = await fetch(`${user_api}/users/${uuid}/avatar`, { method: "GET", credentials: "include" }); profileButton.src = a.status === 200 - ? `http://localhost:3002/users/${uuid}/avatar?t=${Date.now()}` + ? `${user_api}/users/${uuid}/avatar?t=${Date.now()}` : "https://api.kanel.ovh/pp"; } catch (err){ // console.log("not yet logged, going default for start icon..."); diff --git a/src/front/static/ts/views/Friends.ts b/src/front/static/ts/views/Friends.ts index 2d6d72a..1819f95 100644 --- a/src/front/static/ts/views/Friends.ts +++ b/src/front/static/ts/views/Friends.ts @@ -103,7 +103,7 @@ export default class extends Aview { } if (data.n_friends > 0) { - const list_req = await fetch(user_api + "/users/" + uuid + "/friends?iStart=0&iEnd=2147483647", { + const list_req = await fetch(user_api + "/users/" + uuid + "/friends?iStart=0&iEnd=50", { method: "GET", headers: { "Content-Type": "application/json", 
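Review bot: `import.meta.env.VITE_USER_URL as String` casts to the boxed `String` wrapper type; both exports should use the primitive, `as string`. The cast also hides that the value is `undefined` when the variable is missing at build time, in which case `isLogged` requests `undefined/me`. A guard at module load, such as `if (!user_api || !auth_api) throw new Error("VITE_USER_URL / VITE_AUTH_URL not set");`, makes that failure obvious.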
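Review bot: In `startMenuPP`, `uuid` is read from `document.cookie` and placed unescaped into both the `fetch` URL and `profileButton.src`. Use `encodeURIComponent(uuid)` in the two template strings so a malformed cookie value cannot alter the path or query. The avatar is also downloaded twice, once by `fetch` to read the status and once through `src`; assigning `src` once with an `onerror` fallback to the default picture would avoid the extra request. The function starts and ends outside the hunk.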
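Review bot: Replacing `iEnd=2147483647` with `iEnd=50` in `Friends.ts` silently truncates the list for any user with more than 50 friends, because the surrounding branch only checks `data.n_friends > 0` and nothing requests the next range. Either page through the list using `data.n_friends`, or show in the UI that the list is capped. The bound also needs to be enforced by the user API itself, since a client can still send the old value; that handler is not part of this diff.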
diff --git a/src/front/static/ts/views/Settings.ts b/src/front/static/ts/views/Settings.ts index f2ab968..3f115f6 100644 --- a/src/front/static/ts/views/Settings.ts +++ b/src/front/static/ts/views/Settings.ts @@ -149,7 +149,7 @@ export default class extends Aview { totpButton.innerHTML = "disable 2fa"; document.getElementById("2fa-button")?.addEventListener("click", async () => { - const totp_req = await fetch(`${user_api}/2fa`, { + const totp_req = await fetch(`${auth_api}/2fa`, { method: "DELETE", credentials: "include" }) @@ -164,7 +164,7 @@ export default class extends Aview { totpButton.innerHTML = "enable 2fa"; document.getElementById("2fa-button")?.addEventListener("click", async () => { - const totp_req = await fetch(`${user_api}/2fa`, { + const totp_req = await fetch(`${auth_api}/2fa`, { method: "POST", credentials: "include" })
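Review bot: Both 2FA calls now target `${auth_api}/2fa`, but neither hunk shows `auth_api` being imported into `Settings.ts`; confirm it is imported from `main.ts` alongside `user_api`, otherwise this fails at compile time. The `DELETE` request that disables 2FA carries only the session cookie. Unless the auth API requires a current TOTP code or password on that route (not visible here), anyone holding the session can remove the second factor. Consider sending a confirmation code in the request body and documenting that requirement on the handler.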