From db5858a344655b6b9c9b4dbcb57cc90f88fb6151 Mon Sep 17 00:00:00 2001 From: Adam <45126464+KeyZox71@users.noreply.github.com> Date: Mon, 29 Sep 2025 20:35:25 +0200 Subject: [PATCH 01/12] les crampte la XD --- doc/auth/me.md | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/doc/auth/me.md b/doc/auth/me.md index 4c907e2..26a2e15 100644 --- a/doc/auth/me.md +++ b/doc/auth/me.md @@ -3,3 +3,9 @@ GET `/me` Inputs : just need the JWT cookie Returns the user of the account + +``` +{ + user: ":userId" +} +``` From ae4838166be24eedee63dac2c645b110d05566fc Mon Sep 17 00:00:00 2001 From: adjoly Date: Wed, 1 Oct 2025 19:44:48 +0200 Subject: [PATCH 02/12] =?UTF-8?q?=E3=80=8C=E2=9C=A8=E3=80=8D=20feat(auth-a?= =?UTF-8?q?pi):=20/logout=20added?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- src/api/auth/default.js | 3 +++ src/api/auth/logout.js | 17 +++++++++++++++++ 2 files changed, 20 insertions(+) create mode 100644 src/api/auth/logout.js diff --git a/src/api/auth/default.js b/src/api/auth/default.js index 6a15651..78e7411 100644 --- a/src/api/auth/default.js +++ b/src/api/auth/default.js @@ -10,6 +10,7 @@ import { gRegisterCallback } from './gRegisterCallback.js'; import { totpSetup } from './totpSetup.js'; import { totpDelete } from './totpDelete.js'; import { totpVerify } from './totpVerify.js'; +import { logout } from './logout.js'; const saltRounds = 10; export const appName = process.env.APP_NAME || 'knl_meowscendence'; @@ -107,4 +108,6 @@ export default async function(fastify, options) { } } }, async (request, reply) => { return register(request, reply, saltRounds, fastify); }); + + fastify.get('/logout', {}, async (request, reply) => { return logout(request, reply, fastify); }) } diff --git a/src/api/auth/logout.js b/src/api/auth/logout.js new file mode 100644 index 0000000..d4117b8 --- /dev/null +++ b/src/api/auth/logout.js 
@@ -0,0 +1,17 @@ +/** + * @async + * @param {import("fastify").FastifyReply} reply + * + * @returns {import("fastify").FastifyReply} + */ +export async function logout(reply) { + try { + return reply + .code(200) + .clearCookie() + .send({ msg: "Logout successful" }); + } catch { + fastify.log.error(err); + return reply.code(500).send({ error: "Internal server error" }); + } +} From e23922d4e3441ccb7b74df9d53a483e3c0a613e5 Mon Sep 17 00:00:00 2001 From: adjoly Date: Wed, 1 Oct 2025 19:50:03 +0200 Subject: [PATCH 03/12] =?UTF-8?q?=E3=80=8C=F0=9F=93=9D=E3=80=8D=20doc(auth?= =?UTF-8?q?-api):=20logout=20doc=20added?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- doc/auth/logout.md | 24 ++++++++++++++++++++++++ 1 file changed, 24 insertions(+) create mode 100644 doc/auth/logout.md diff --git a/doc/auth/logout.md b/doc/auth/logout.md new file mode 100644 index 0000000..98b6edc --- /dev/null +++ b/doc/auth/logout.md @@ -0,0 +1,24 @@ +# Logout + +Available endpoints: +- GET `/logout` + +Common return: +- 500 with response +```json +{ + "error": "Internal server error" +} +``` + +## GET `/logout` + +Used to logout the client (it just delete the cookie) + +Returns: +- 200 with response and clear cookie +```json +{ + "msg": "Logout successful" +} +``` From 544289e2af9f88ae64282ee85f1fc91d3482edc8 Mon Sep 17 00:00:00 2001 From: adjoly Date: Wed, 1 Oct 2025 20:11:27 +0200 Subject: [PATCH 04/12] =?UTF-8?q?=E3=80=8C=F0=9F=94=A8=E3=80=8D=20fix:=20f?= =?UTF-8?q?ixed=20a=20massive=20skill=20issue=20but=20f*ck=20js?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- src/api/auth/default.js | 2 +- src/api/auth/logout.js | 3 ++- 2 files changed, 3 insertions(+), 2 deletions(-) diff --git a/src/api/auth/default.js b/src/api/auth/default.js index 78e7411..0e491ac 100644 --- a/src/api/auth/default.js +++ b/src/api/auth/default.js 
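Review bot: The `catch` clause has no binding, so `fastify.log.error(err)` inside it refers to an undeclared `err` and would raise a ReferenceError instead of producing the 500 response. Bind the error with `} catch (err) {` so a failure while clearing the cookie is logged and answered rather than escaping the handler. In this version `fastify` is not a parameter of `logout(reply)` either; a later patch on this page adds it, but the `catch` line stays unchanged in the later logout.js hunks.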
@@ -109,5 +109,5 @@ export default async function(fastify, options) { } }, async (request, reply) => { return register(request, reply, saltRounds, fastify); }); - fastify.get('/logout', {}, async (request, reply) => { return logout(request, reply, fastify); }) + fastify.get('/logout', {}, async (request, reply) => { return logout(reply, fastify); }) } diff --git a/src/api/auth/logout.js b/src/api/auth/logout.js index d4117b8..84d1d22 100644 --- a/src/api/auth/logout.js +++ b/src/api/auth/logout.js @@ -1,10 +1,11 @@ /** * @async * @param {import("fastify").FastifyReply} reply + * @param {import("fastify").FastifyInstance} fastify * * @returns {import("fastify").FastifyReply} */ -export async function logout(reply) { +export async function logout(reply, fastify) { try { return reply .code(200) From 705571ee120e2f86ade38b2c8768211867aa555c Mon Sep 17 00:00:00 2001 From: adjoly Date: Wed, 1 Oct 2025 20:16:58 +0200 Subject: [PATCH 05/12] =?UTF-8?q?=E3=80=8C=F0=9F=94=A8=E3=80=8D=20fix:=20f?= =?UTF-8?q?ixed=20some=20things.?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- src/api/auth/logout.js | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/api/auth/logout.js b/src/api/auth/logout.js index 84d1d22..b3c57ef 100644 --- a/src/api/auth/logout.js +++ b/src/api/auth/logout.js @@ -9,7 +9,7 @@ export async function logout(reply, fastify) { try { return reply .code(200) - .clearCookie() + .clearCookie("token") .send({ msg: "Logout successful" }); } catch { fastify.log.error(err); From d15161dba4dc676a449282cfbcb49ca5baf89ab8 Mon Sep 17 00:00:00 2001 
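Review bot: The `/logout` route is registered with `fastify.get`, which puts a state-changing action behind a safe method, so link prefetchers and cross-site navigations can end a user's session without intent. Registering it as `fastify.post('/logout', ...)` keeps it out of reach of plain links, and doc/auth/logout.md would need the same change. The enclosing plugin function starts above this hunk, so any hook that already guards the route is not visible here.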
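Review bot: `clearCookie("token")` removes only the browser's copy of the JWT, so a token copied before logout keeps working until it expires. None of the `fastify.jwt.sign` calls visible on this page pass an expiry, although one may be configured where the plugin is registered. If it is not, consider a short `expiresIn` on the session tokens plus a server-side deny list checked at verification, and state the limitation in doc/auth/logout.md.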
From: adjoly Date: Mon, 13 Oct 2025 15:10:54 +0200 Subject: [PATCH 06/12] =?UTF-8?q?=E3=80=8C=E2=9C=A8=E3=80=8D=20feat:=20now?= =?UTF-8?q?=20creating=20user=20on=20the=20user=20api=20when=20registering?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .env.example | 3 +++ src/api/auth/gRegisterCallback.js | 3 +++ src/api/auth/register.js | 3 +++ src/utils/authUserCreate.js | 24 ++++++++++++++++++++++++ 4 files changed, 33 insertions(+) create mode 100644 src/utils/authUserCreate.js diff --git a/.env.example b/.env.example index 8ecbc62..72ae740 100644 --- a/.env.example +++ b/.env.example @@ -24,3 +24,6 @@ SMTP_FROM= SMTP_AUTH_USERNAME= SMTP_AUTH_PASSWORD= EMAIL_TO= + +USER_URL= +AUTH_URL= diff --git a/src/api/auth/gRegisterCallback.js b/src/api/auth/gRegisterCallback.js index f79542f..40d8111 100644 --- a/src/api/auth/gRegisterCallback.js +++ b/src/api/auth/gRegisterCallback.js @@ -1,6 +1,7 @@ import axios from 'axios' import authDB from '../../utils/authDB.js'; +import { authUserCreate } from '../../utils/authUserCreate.js'; var env = process.env.NODE_ENV || 'development'; @@ -46,6 +47,8 @@ export async function gRegisterCallback(request, reply, fastify) { authDB.addUser(user.username, ''); + authUserCreate(user.username, fastify) + const token = fastify.jwt.sign(user); return reply diff --git a/src/api/auth/register.js b/src/api/auth/register.js index 7463452..5e10ff1 100644 --- a/src/api/auth/register.js +++ b/src/api/auth/register.js @@ -2,6 +2,7 @@ import bcrypt from 'bcrypt'; import { isValidString } from '../../utils/authUtils.js'; import authDB from '../../utils/authDB.js'; +import { authUserCreate } from '../../utils/authUserCreate.js'; var env = process.env.NODE_ENV || 'development'; 
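Review bot: `authUserCreate(user.username, fastify)` is called without `await`, so a rejected axios request is not caught by the handler's `try`/`catch` and becomes an unhandled rejection, which current Node versions treat as fatal by default. The handler also goes on to issue the session cookie even when the user API never created the profile, leaving the two services out of sync. Use `await authUserCreate(user.username, fastify);` here and in the matching register.js hunk (`authUserCreate(user, fastify)`), and decide whether `authDB.addUser` should be rolled back on failure. The function body starts and ends outside this hunk.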
@@ -36,6 +37,8 @@ export async function register(request, reply, saltRounds, fastify) { const hash = await bcrypt.hash(password, saltRounds); authDB.addUser(user, hash); + authUserCreate(user, fastify) + const token = fastify.jwt.sign({ user }); return reply diff --git a/src/utils/authUserCreate.js b/src/utils/authUserCreate.js new file mode 100644 index 0000000..d453285 --- /dev/null +++ b/src/utils/authUserCreate.js @@ -0,0 +1,24 @@ +import axios from 'axios'; + +/** + * @param {string} username + * @param {import('fastify').FastifyInstance} fastify + */ +export async function authUserCreate(username, fastify) { + const payload = { + displayName: username, + }; + const cookie = fastify.jwt.sign({ user: "admin" }); + + const url = process.env.USER_URL || "http://localhost:3002/" + + await axios.post( + "http://localhost:3002/users/" + username, + payload, + { + headers: { + 'Cookie': 'token=' + cookie, + }, + } + ); +} From cf59dd07612ab00b40dbf49ca4d11608122cc173 Mon Sep 17 00:00:00 2001 From: adjoly Date: Tue, 14 Oct 2025 13:48:01 +0200 Subject: [PATCH 07/12] =?UTF-8?q?=E3=80=8C=F0=9F=94=A8=E3=80=8D=20fix:=20n?= =?UTF-8?q?ow=20redirecting=20on=20/?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- src/api/auth/gLogCallback.js | 4 +--- src/api/auth/gRegisterCallback.js | 4 +--- 2 files changed, 2 insertions(+), 6 deletions(-) diff --git a/src/api/auth/gLogCallback.js b/src/api/auth/gLogCallback.js index 975b7d6..c596cd4 100644 --- a/src/api/auth/gLogCallback.js +++ b/src/api/auth/gLogCallback.js @@ -45,9 +45,7 @@ export async function gLogCallback(request, reply, fastify) { path: '/', secure: env !== 'development', sameSite: 'lax', - }) - .code(200) - .send({ msg: "Login successful" }); + }).redirect('/'); } catch (error) { fastify.log.error(error); reply.code(500).send({ error: 'Internal server error' }); diff --git a/src/api/auth/gRegisterCallback.js b/src/api/auth/gRegisterCallback.js index f79542f..bfa8a11 100644 
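Review bot: `fastify.jwt.sign({ user: "admin" })` in authUserCreate.js mints the service credential with the same signing key and the same `{ user }` claim shape that register.js uses for ordinary sessions (`fastify.jwt.sign({ user })`), so it cannot be told apart from the token of an account named `admin`. Whether registration rejects that username is not visible on this page; if it does not, that account would carry whatever privileges the user API grants this caller. Give the service token a claim the login paths never emit, or sign it with a separate secret, give it a short lifetime, and have the user API check for that claim rather than for the name.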
--- a/src/api/auth/gRegisterCallback.js +++ b/src/api/auth/gRegisterCallback.js @@ -54,9 +54,7 @@ export async function gRegisterCallback(request, reply, fastify) { path: '/', secure: env !== 'development', sameSite: 'lax', - }) - .code(200) - .send({ msg: "Register successful" }); + }).redirect('/'); } catch (error) { fastify.log.error(error); reply.code(500).send({ error: 'Internal server error' }); From 67cae236e1812fa87804c07d49c61c9e0f41faf6 Mon Sep 17 00:00:00 2001 From: adjoly Date: Tue, 14 Oct 2025 13:49:23 +0200 Subject: [PATCH 08/12] =?UTF-8?q?=E3=80=8C=F0=9F=94=A8=E3=80=8D=20fix:=20g?= =?UTF-8?q?etting=20from=20env=20instead?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- src/api/auth/gLogCallback.js | 2 +- src/api/auth/gRegisterCallback.js | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/src/api/auth/gLogCallback.js b/src/api/auth/gLogCallback.js index c596cd4..a8c2f20 100644 --- a/src/api/auth/gLogCallback.js +++ b/src/api/auth/gLogCallback.js @@ -45,7 +45,7 @@ export async function gLogCallback(request, reply, fastify) { path: '/', secure: env !== 'development', sameSite: 'lax', - }).redirect('/'); + }).redirect(process.env.CALLBACK_REDIR); } catch (error) { fastify.log.error(error); reply.code(500).send({ error: 'Internal server error' }); diff --git a/src/api/auth/gRegisterCallback.js b/src/api/auth/gRegisterCallback.js index bfa8a11..7ef5afc 100644 --- a/src/api/auth/gRegisterCallback.js +++ b/src/api/auth/gRegisterCallback.js @@ -54,7 +54,7 @@ export async function gRegisterCallback(request, reply, fastify) { path: '/', secure: env !== 'development', sameSite: 'lax', - }).redirect('/'); + }).redirect(process.env.CALLBACK_REDIR); } catch (error) { fastify.log.error(error); reply.code(500).send({ error: 'Internal server error' }); From 036798ab56f649b70ba9e5f524ae64a3164d0065 Mon Sep 17 00:00:00 2001 
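Review bot: `redirect(process.env.CALLBACK_REDIR)` in gLogCallback.js has no fallback, so when the variable is unset or empty the callback sets the session cookie and then redirects to an undefined target; the gRegisterCallback.js hunk that follows has the same line. Read the value once at startup and either fail fast or default it, e.g. `.redirect(process.env.CALLBACK_REDIR || '/')`. Because the target receives a freshly authenticated browser, it is also worth checking at startup that the value parses as an absolute URL with the expected scheme and host. Both handlers start above their hunks.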
From: adjoly Date: Tue, 14 Oct 2025 13:54:20 +0200 Subject: [PATCH 09/12] =?UTF-8?q?=E3=80=8C=F0=9F=93=9D=E3=80=8D=20doc:=20a?= =?UTF-8?q?dded=20redir=20env?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .env.example | 3 +++ 1 file changed, 3 insertions(+) diff --git a/.env.example b/.env.example index 8ecbc62..ed35459 100644 --- a/.env.example +++ b/.env.example @@ -12,6 +12,8 @@ GRAPH_PORT=3000 ELK_PORT=5601 GOOGLE_CALLBACK_URL=https://localhost:8443/api/v1 +# the url to which the user will be redirected when it logs with google +CALLBACK_REDIR=http://localhost:3000 GOOGLE_CLIENT_SECRET=susAF GOOGLE_CLIENT_ID=Really @@ -24,3 +26,4 @@ SMTP_FROM= SMTP_AUTH_USERNAME= SMTP_AUTH_PASSWORD= EMAIL_TO= + From d80beff543f91abe616e007d2007876145821d0b Mon Sep 17 00:00:00 2001 From: adjoly Date: Tue, 14 Oct 2025 18:24:22 +0200 Subject: [PATCH 10/12] =?UTF-8?q?=E3=80=8C=F0=9F=94=A8=E3=80=8D=20fix:=20f?= =?UTF-8?q?ixed=20cookie=20with=20google=20callback?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- src/api/auth/gLogCallback.js | 2 +- src/api/auth/gRegisterCallback.js | 2 +- src/utils/authUserCreate.js | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/src/api/auth/gLogCallback.js b/src/api/auth/gLogCallback.js index a8c2f20..6b3c78b 100644 --- a/src/api/auth/gLogCallback.js +++ b/src/api/auth/gLogCallback.js @@ -37,7 +37,7 @@ export async function gLogCallback(request, reply, fastify) { return reply.code(400).send({ error: "User does not exist" }); } - const token = fastify.jwt.sign(user); + const token = fastify.jwt.sign({ user: user.username}); return reply .setCookie('token', token, { diff --git a/src/api/auth/gRegisterCallback.js b/src/api/auth/gRegisterCallback.js index 4265413..217fae5 100644 --- a/src/api/auth/gRegisterCallback.js +++ b/src/api/auth/gRegisterCallback.js 
@@ -49,7 +49,7 @@ export async function gRegisterCallback(request, reply, fastify) { authUserCreate(user.username, fastify) - const token = fastify.jwt.sign(user); + const token = fastify.jwt.sign({ user: user.username}); return reply .setCookie('token', token, { diff --git a/src/utils/authUserCreate.js b/src/utils/authUserCreate.js index d453285..a1d6bba 100644 --- a/src/utils/authUserCreate.js +++ b/src/utils/authUserCreate.js @@ -13,7 +13,7 @@ export async function authUserCreate(username, fastify) { const url = process.env.USER_URL || "http://localhost:3002/" await axios.post( - "http://localhost:3002/users/" + username, + url + "users/" + username, payload, { headers: { From 2cafd7afac0604906f2e1f635ab7deb6bfb5a7f1 Mon Sep 17 00:00:00 2001 From: adjoly Date: Thu, 16 Oct 2025 13:25:36 +0200 Subject: [PATCH 11/12] =?UTF-8?q?=E3=80=8C=E2=9C=A8=E3=80=8D=20feat:=20add?= =?UTF-8?q?ed=20env=20variable=20to=20front?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- docker/api-base/compose.yml | 2 +- docker/front/Dockerfile | 7 +++++-- docker/front/compose.yml | 3 +++ src/utils/authUserCreate.js | 2 +- 4 files changed, 10 insertions(+), 4 deletions(-) diff --git a/docker/api-base/compose.yml b/docker/api-base/compose.yml index 76b987e..85b77c4 100644 --- a/docker/api-base/compose.yml +++ b/docker/api-base/compose.yml @@ -29,7 +29,7 @@ services: - back environment: - TZ=Europe/Paris - - GOOGLE_CALLBACK_URL=${GOOGLE_CALLBACK_URL} + - GOOGLE_CALLBACK_URL=${AUTH_URL} - GOOGLE_CLIENT_ID=${GOOGLE_CLIENT_ID} - GOOGLE_CLIENT_SECRET=${GOOGLE_CLIENT_SECRET} - API_TARGET=auth diff --git a/docker/front/Dockerfile b/docker/front/Dockerfile index b8f2ce2..36fc0e5 100644 --- a/docker/front/Dockerfile +++ b/docker/front/Dockerfile @@ -13,6 +13,9 @@ RUN cd /build \ FROM node:lts-alpine AS builder-vite +ARG VITE_USER_URL +ARG VITE_AUTH_URL + RUN npm install -g pnpm WORKDIR /app 
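Review bot: `GOOGLE_CALLBACK_URL=${AUTH_URL}` in docker/api-base/compose.yml interpolates to an empty string when `AUTH_URL` is unset, which the `.env.example` hunk on this page allows (`AUTH_URL=` is left blank); the OAuth callback would then presumably be built from an empty base. Compose can refuse to start instead with `- GOOGLE_CALLBACK_URL=${AUTH_URL:?AUTH_URL must be set}`. `.env.example` still documents a separate `GOOGLE_CALLBACK_URL` value that this service no longer receives, so one of the two should be dropped or the relationship commented there.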
@@ -24,8 +27,8 @@ RUN pnpm install --frozen-lockfile COPY vite.config.js tailwind.config.js ./ COPY src ./src -RUN pnpm vite build - +RUN VITE_USER_URL=${VITE_USER_URL} VITE_AUTH_URL=${VITE_AUTH_URL}\ + pnpm vite build FROM alpine:3.22 diff --git a/docker/front/compose.yml b/docker/front/compose.yml index 72b2b67..134b29d 100644 --- a/docker/front/compose.yml +++ b/docker/front/compose.yml @@ -4,6 +4,9 @@ services: build: dockerfile: docker/front/Dockerfile context: ../../ + args: + - VITE_USER_URL=${USER_URL} + - VITE_AUTH_URL=${AUTH_URL} environment: - TZ=Europe/Paris networks: diff --git a/src/utils/authUserCreate.js b/src/utils/authUserCreate.js index a1d6bba..1ee3d38 100644 --- a/src/utils/authUserCreate.js +++ b/src/utils/authUserCreate.js @@ -10,7 +10,7 @@ export async function authUserCreate(username, fastify) { }; const cookie = fastify.jwt.sign({ user: "admin" }); - const url = process.env.USER_URL || "http://localhost:3002/" + const url = process.env.USER_URL + "/" || "http://localhost:3002/" await axios.post( url + "users/" + username, From 627197f8f3ca5a5d0e09f9064ad45b9059594a5a Mon Sep 17 00:00:00 2001 From: adjoly Date: Thu, 16 Oct 2025 13:28:07 +0200 Subject: [PATCH 12/12] =?UTF-8?q?=E3=80=8C=F0=9F=94=A8=E3=80=8D=20fix:=20f?= =?UTF-8?q?ixed=20this=20shit?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- src/utils/authUserCreate.js | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/src/utils/authUserCreate.js b/src/utils/authUserCreate.js index 1ee3d38..e8a6771 100644 --- a/src/utils/authUserCreate.js +++ b/src/utils/authUserCreate.js 
@@ -10,10 +10,10 @@ export async function authUserCreate(username, fastify) { }; const cookie = fastify.jwt.sign({ user: "admin" }); - const url = process.env.USER_URL + "/" || "http://localhost:3002/" + const url = process.env.USER_URL || "http://localhost:3002" await axios.post( - url + "users/" + username, + url + "/users/" + username, payload, { headers: {
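Review bot: `username` is concatenated into the request path unencoded in `url + "/users/" + username`, so a name containing `/`, `?`, `#` or `..` would address a different user-API resource while the request carries the admin cookie. `isValidString` in register.js may already restrict the character set, but that is not visible here and no validation of the Google-derived `user.username` is visible either; encode at the point of use with `url + "/users/" + encodeURIComponent(username)`. The `axios.post` call also sets no `timeout`, so a stalled user API would hold the registration request open. The function continues outside this hunk.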