「🏗️」 wip: started fixing shit

.env.example

@@ -26,10 +26,11 @@ SMTP_AUTH_USERNAME=<smtp-user>
 SMTP_AUTH_PASSWORD=<smtp pass>
 EMAIL_TO=<mail to send to>
 
+# all of those can't have a / at the env ↓
 USER_URL=<the internal url to the user api>
 AUTH_URL=<the internal url to the auth api>
 SCORE_URL=<the internal url to the score store api>
 
 CORS_ORIGIN=<the external url of origin for cors>
-VITE_USER_API=<the external url of the user api>
+VITE_USER_URL=<the external url of the user api>
-VITE_AUTH_API=<the external url of the auth api>
+VITE_AUTH_URL=<the external url of the auth api>

Justfile

@@ -42,7 +42,9 @@ set dotenv-load
 
 # To completely docker
 @clean-docker: clean-compose
-	docker system prune -af
+	docker builder prune -f
+	docker volume prune -af
+	# docker system prune -af
 
 # To clean only the container launched by the compose
 @clean-compose: stop-docker

docker/api-base/compose.yml

@@ -16,6 +16,9 @@ services:
       - LOG_FILE_PATH=/var/log/log.log
       - JWT_SECRET=${JWT_SECRET}
       - CORS_ORIGIN=${CORS_ORIGIN}
+      - USER_URL=${USER_URL}
+      - AUTH_URL=${AUTH_URL}
+      - SCORE_URL=${SCORE_URL}
     restart: unless-stopped
   auth-api:
     container_name: transcendence-api-auth
@@ -30,13 +33,17 @@ services:
       - back
     environment:
       - TZ=Europe/Paris
-      - GOOGLE_CALLBACK_URL=${AUTH_URL}
+      - GOOGLE_CALLBACK_URL=${GOOGLE_CALLBACK_URL}
       - GOOGLE_CLIENT_ID=${GOOGLE_CLIENT_ID}
       - GOOGLE_CLIENT_SECRET=${GOOGLE_CLIENT_SECRET}
+      - CALLBACK_REDIR=${CALLBACK_REDIR}
       - API_TARGET=auth
       - LOG_FILE_PATH=/var/log/log.log
       - JWT_SECRET=${JWT_SECRET}
       - CORS_ORIGIN=${CORS_ORIGIN}
+      - USER_URL=${USER_URL}
+      - AUTH_URL=${AUTH_URL}
+      - SCORE_URL=${SCORE_URL}
     restart: unless-stopped
   scorestore-api:
     container_name: transcendence-api-scoreStore
@@ -47,7 +54,6 @@ services:
       - db-scoreStore:/db
       - log-scoreStore:/var/log
     networks:
-      - front
       - back
     environment:
       - TZ=Europe/Paris
@@ -56,4 +62,7 @@ services:
       - AVAX_PRIVATE_KEY=${AVAX_PRIVATE_KEY}
       - AVAX_RPC_URL=${AVAX_RPC_URL}
       - AVAX_CONTRACT_ADDR=${AVAX_CONTRACT_ADDR}
+      - USER_URL=${USER_URL}
+      - AUTH_URL=${AUTH_URL}
+      - SCORE_URL=${SCORE_URL}
     restart: unless-stopped

docker/docker-compose.yml

@@ -3,8 +3,8 @@ name: ft_transcendence
 include:
   - ./volumes.yml
   - ./networks.yml
-  - ./monitoring/compose.yml
+  # - ./monitoring/compose.yml
   - ./api-base/compose.yml
   - ./front/compose.yml
   - ./proxy/compose.yml
-  - ./ELK/compose.yml
+  # - ./ELK/compose.yml

docker/proxy/Dockerfile

@@ -1,17 +1,17 @@
-FROM		node:lts-alpine AS builder
+# FROM		node:lts-alpine AS builder
-
+#
-RUN			npm install -g pnpm
+# RUN			npm install -g pnpm
-
+#
-WORKDIR		/app
+# WORKDIR		/app
-
+#
-COPY		package.json pnpm-lock.yaml pnpm-workspace.yaml ./
+# COPY		package.json pnpm-lock.yaml pnpm-workspace.yaml ./
-
+#
-RUN			pnpm install --frozen-lockfile
+# RUN			pnpm install --frozen-lockfile
-
+#
-COPY		vite.config.js tailwind.config.js ./
+# COPY		vite.config.js tailwind.config.js ./
-COPY		src ./src
+# COPY		src ./src
-
+#
-RUN			pnpm vite build
+# RUN			pnpm vite build
 
 FROM		owasp/modsecurity-crs:nginx-alpine
 
@@ -23,7 +23,7 @@ COPY		docker/proxy/config/default.conf.template \
 
 COPY		--chmod=755 docker/proxy/entry/ssl-cert.sh /docker-entrypoint.d/ssl-cert.sh
 
-COPY		--from=builder /app/dist /usr/share/nginx/html
+# COPY		--from=builder /app/dist /usr/share/nginx/html
 
 USER		root
 RUN			mkdir -p /var/log/front

docker/proxy/config/default.conf.template

@@ -19,11 +19,19 @@ server {
     add_header Strict-Transport-Security "max-age=31536000; includeSubDomains; preload" always;
 
 	location / {
-		proxy_pass http://transcendence-webserv:80/;
+		proxy_pass http://transcendence-webserv:80;
+		proxy_http_version 1.1;
+		proxy_redirect off;
+		rewrite ^ / break;
+	}
+
+	location /assets/ {
+		proxy_pass http://transcendence-webserv:80/assets/;
 		proxy_http_version 1.1;
 	}
 
     location /api/v1/user/ {
+		modsecurity off;
         proxy_pass http://transcendence-api-user:3000/;
         proxy_set_header Host $host;
         proxy_set_header X-Real-IP $remote_addr;
@@ -35,6 +43,7 @@ server {
 	}
 
     location /api/v1/auth/ {
+		modsecurity off;
         proxy_pass http://transcendence-api-auth:3000/;
         proxy_set_header Host $host;
         proxy_set_header X-Real-IP $remote_addr;

src/api/user/default.js

@@ -2,7 +2,6 @@ import fastifyJWT from '@fastify/jwt';
 import fastifyCookie from '@fastify/cookie';
 import cors from '@fastify/cors'
 import Database from 'better-sqlite3';
-import cors from '@fastify/cors';
 
 import { gUsers } from './gUsers.js';
 import { gUser } from './gUser.js';
@@ -163,12 +162,6 @@ export default async function(fastify, options) {
 		},
 	});
 	fastify.register(fastifyCookie);
-	fastify.register(cors, {
-		origin: process.env.CORS_ORIGIN || 'http://localhost:5173',
-		credentials: true,
-		methods: [ "GET", "POST", "PATCH", "DELETE", "OPTIONS" ]
-	});
-
 	fastify.addContentTypeParser(
 		['image/jpeg', 'image/png', 'image/gif', 'image/webp'],
 		{ parseAs: 'buffer' },

src/api/user/gMatchHistory.js

@@ -1,3 +1,5 @@
+const score_url = process.env.SCORE_URL
+
 export async function gMatchHistory(request, reply, fastify, getUserInfo, getMatchHistory) {
 	try {
 		const userId = request.params.userId;
@@ -19,7 +21,7 @@ export async function gMatchHistory(request, reply, fastify, getUserInfo, getMat
 			return reply.code(404).send({ error: "No matches exist in the selected range" });
 		}
 		const promises = matchHistoryId.map(async (match) => {
-			const res = await fetch(`http://localhost:3003/${match.matchId}`, { method: "GET" });
+			const res = await fetch(`${score_url}/${match.matchId}`, { method: "GET" });
 			if (!res.ok) {
 				throw new Error('Failed to fetch item from blockchain API');
 			}

src/api/user/pMatchHistory.js

@@ -1,3 +1,5 @@
+const score_url = process.env.SCORE_URL || "http://localhost:3003";
+
 async function fetchSave(request, reply, userId, addMatch) {
 	let opponentName = '';
 	let opponentScore = 0;
@@ -5,7 +7,7 @@ async function fetchSave(request, reply, userId, addMatch) {
 		opponentName = request.body.opponent;
 		opponentScore = request.body.opponentScore;
 	}
-	const res = await fetch('http://localhost:3003/', { method: "POST", headers: { "Content-Type": "application/json" }, body: JSON.stringify({ p1: userId, p2: opponentName, p1Score: request.body.myScore, p2Score: opponentScore }) });
+	const res = await fetch(score_url + "/", { method: "POST", headers: { "Content-Type": "application/json" }, body: JSON.stringify({ p1: userId, p2: opponentName, p1Score: request.body.myScore, p2Score: opponentScore }) });
 	if (!res.ok) {
 		throw new Error('Internal server error');
 	}

src/front/static/ts/main.ts

@@ -4,11 +4,11 @@ import FriendsMenu from "./views/Friends.ts";
 let profile_view = new ProfileMenu;
 let friends_view = new FriendsMenu;
 
-export const user_api = import.meta.env.VITE_USER_API as String;
+export const user_api = import.meta.env.VITE_USER_URL as String;
-export const auth_api = import.meta.env.VITE_AUTH_API as String;
+export const auth_api = import.meta.env.VITE_AUTH_URL as String;
 
 export async function isLogged(): Promise<boolean> {
-	let uuid_req = await fetch(auth_api + "/me", {
+	let uuid_req = await fetch(`${auth_api}/me`, {
 		method: "GET",
 		credentials: "include",
 	});
@@ -132,9 +132,9 @@ function updateClock()
 
 async function pingClock() {
 	if (await isLogged()) {
-		fetch(user_api + "/ping", {
+		fetch(`${user_api}/ping`, {
 			method: "POST",
-		credentials: "include"
+			credentials: "include"
 		});
 	}
 }
@@ -156,13 +156,13 @@ async function startMenuPP() {
 		uuid = document.cookie.match(new RegExp('(^| )' + "uuid" + '=([^;]+)'))[2];
 
 
-		const a = await fetch(`http://localhost:3002/users/${uuid}/avatar`, {
+		const a = await fetch(`${user_api}/users/${uuid}/avatar`, {
 			method: "GET",
 			credentials: "include"
 		});
 
 		profileButton.src = a.status === 200
-			? `http://localhost:3002/users/${uuid}/avatar?t=${Date.now()}`
+			? `${user_api}/users/${uuid}/avatar?t=${Date.now()}`
 			: "https://api.kanel.ovh/pp";
 	} catch (err){
 		// console.log("not yet logged, going default for start icon...");

src/front/static/ts/views/Friends.ts

@@ -103,7 +103,7 @@ export default class extends Aview {
 			}
 
 			if (data.n_friends > 0) {
-				const list_req = await fetch(user_api + "/users/" + uuid + "/friends?iStart=0&iEnd=2147483647", {
+				const list_req = await fetch(user_api + "/users/" + uuid + "/friends?iStart=0&iEnd=50", {
 					method: "GET",
 					headers: {
 						"Content-Type": "application/json",

src/front/static/ts/views/Settings.ts

@@ -149,7 +149,7 @@ export default class extends Aview {
 			totpButton.innerHTML = "disable 2fa";
 
 			document.getElementById("2fa-button")?.addEventListener("click", async () => {
-				const totp_req = await fetch(`${user_api}/2fa`, {
+				const totp_req = await fetch(`${auth_api}/2fa`, {
 					method: "DELETE",
 					credentials: "include"
 				})
@@ -164,7 +164,7 @@ export default class extends Aview {
 			totpButton.innerHTML = "enable 2fa";
 
 			document.getElementById("2fa-button")?.addEventListener("click", async () => {
-				const totp_req = await fetch(`${user_api}/2fa`, {
+				const totp_req = await fetch(`${auth_api}/2fa`, {
 					method: "POST",
 					credentials: "include"
 				})