60 Commits

This Branch

This Branch

All Branches

Author	SHA1	Message	Date
Tetardtek	2c54257c94	fix: CI/CD add missing VITE_OAUTH vars + pm2 reload via tetardtek-brain ... VITE_OAUTH_URL and VITE_OAUTH_CLIENT_ID were missing from build env, causing empty client_id in PKCE flow. pm2 reload via su - tetardtek-brain (same pattern as SuperOAuth post ssh-hardening).	2026-03-23 02:53:51 +01:00
Tetardtek	e04666865d	fix: CallbackPage handles verification_pending and merge_pending states	2026-03-23 01:14:50 +01:00
Tetardtek	8309400466	feat(landing): repositionner plateforme vidéo — supprimer pitch B2B SaaS ... Landing reécrite : vidéos, playlists, créateurs. Supprimé : pricing, white-label, mentions SuperOAuth, PricingCard component. CTA principal → /app (explorer les vidéos).	2026-03-22 16:15:02 +01:00
Tetardtek	d68041e2f1	feat(auth): PKCE client refinements + backend refresh token support ... - oauth.ts: provider param, TokenResponse typing, exchangeCode returns full response - LoginPage: fully async handleOAuth with buildAuthUrl - CallbackPage: dual-mode PKCE (code) + legacy (token), refresh token forwarding - LoginButton: provider prop support - auth.routes: POST /auth/session accepts refreshToken, sets od_refresh cookie	2026-03-22 16:14:55 +01:00
Tetardtek	7932659a73	feat(auth): PKCE flow preparation + CallbackPage dual-mode ... - Add oauth.ts — PKCE helpers (code verifier/challenge, token exchange) - Add LoginButton — "Se connecter avec SuperOAuth" component - Update CallbackPage — handles both PKCE (?code) and legacy (?token) flows - Update .env.example — VITE_OAUTH_URL + VITE_OAUTH_CLIENT_ID PKCE flow ready for when SuperOAuth exposes /oauth/authorize endpoint. Legacy flow (redirect + token query param) remains active in production.	2026-03-22 12:50:07 +01:00
Tetardtek	32b9af7b02	fix(auth): UserMenu sessionStorage → AuthContext — unification auth state	2026-03-17 07:43:48 +01:00
Tetardtek	d25bfb7d87	feat(sprint3-step1-2): vision B2B + Tailwind tokens + LandingPage + Pricing B2B	2026-03-17 06:36:52 +01:00
Tetardtek	e52aa1e79c	perf: requireAdmin — 2 queries → 1 (User + userRoles eager join TypeORM)	2026-03-15 18:00:48 +01:00
Tetardtek	379a9a115b	fix(security): isActive defense-in-depth, MIME magic bytes upload, tenantId=origins OAuth	2026-03-15 17:34:19 +01:00
Tetardtek	ef4c23d6a2	fix: OAuth — window.location.href direct, no cross-origin fetch (CORS)	2026-03-15 03:30:49 +01:00
Tetardtek	94b607c4d0	fix: OAuth buttons — fetch authUrl then redirect (SuperOAuth JSON flow)	2026-03-15 03:27:00 +01:00
Tetardtek	40938be067	fix: OAuth login path — /api/v1/oauth/:provider (pas auth/oauth)	2026-03-15 03:23:24 +01:00
Tetardtek	3eb791d4a1	feat: VideoPage — ajouter à une playlist (owned + edit-permitted)	2026-03-15 02:53:34 +01:00
Tetardtek	8e78ce50b5	feat: profile avatar, callback setUser fix, admin description/thumbnail, pagination limit=100	2026-03-15 02:45:50 +01:00
Tetardtek	61d8a5257d	feat: admin/superadmin — fix response shape, ban/unban, stats tab, role restriction	2026-03-15 02:30:11 +01:00
Tetardtek	d69281a2e0	feat: B3 — search vidéos (filtre client-side + param ?q= backend)	2026-03-15 02:22:04 +01:00
Tetardtek	426cd4bbbd	feat: B2 — 401 interceptor + auto-refresh token (fix SuperOAuth path + response shape)	2026-03-15 02:19:40 +01:00
Tetardtek	6877db3227	fix: login — setUser après auth pour maj header immédiate	2026-03-15 01:57:41 +01:00
Tetardtek	2c3d9d95c6	feat(frontend): playlist B1 — edit, delete, share, invitations ... - PlaylistPage: bouton Éditer (formulaire inline titre/visibilité), Supprimer (confirm → DELETE → redirect), Partager (modal userId/permission → POST share), Retirer vidéo (✕ → DELETE) - PlaylistsPage: section invitations reçues avec Accept / Refuser (PATCH share/:shareId) - tsc --noEmit : 0 erreur, 0 console.log	2026-03-15 01:00:26 +01:00
Tetardtek	df8e594d57	fix(frontend): Error Boundary, HomePage error state, HLS catch — quick wins pre-Bloc-B	2026-03-15 00:53:46 +01:00
Tetardtek	f80b8cb81c	fix: instrument bare catch blocks — logger.error sur stream/admin/user	2026-03-15 00:18:37 +01:00
Tetardtek	494206b5b3	feat: observability — Winston logging, pagination admin, N+1 playlists	2026-03-14 23:21:42 +01:00
Tetardtek	31edea9dd9	feat: rate limiting — login 10req/15min, admin 50req/min, trust proxy	2026-03-14 23:20:20 +01:00
Tetardtek	9f53193c7c	feat: vitest setup + auth middleware — token invalide et absent → 401	2026-03-14 23:19:45 +01:00
Tetardtek	01d347bce3	fix: ApiError typée + error handling pages video/playlists/admin ... - api.ts : ApiError class (status: number) — remplace Error générique - VideoPage/PlaylistPage : instanceof ApiError au lieu de message.includes() - PlaylistsPage : fetchError + createError — silent catch supprimé - AdminPage : guard roles.some() aligné Header (super_admin inclus)	2026-03-14 22:37:36 +01:00
Tetardtek	4e8c1aa849	feat: sprint 3 — profil utilisateur, badge plan, dropdown Header ... - AuthContext.User : plan? { slug, name, level } | null - UserBadge : nickname + badge plan.slug (fallback free) - Header : dropdown click (Profil / Déconnexion) + click-outside - ProfilePage : infos compte, badge plan, edit nickname (PATCH /users/me + re-fetch /auth/me → setUser) - App : route /profile protégée - useAuth : réexporte depuis AuthContext, fin de la dérive	2026-03-14 22:33:47 +01:00
Tetardtek	30ef7312b5	feat: sprint 3 — profile endpoints + avatar ... - GET /api/auth/me enrichi : avatar, plan actif, subscriptionDate - GET /api/users/me/profile : profil complet (local UUID, sub, rôles) - PATCH /api/users/me : update nickname / avatar (validation URL + longueur) - User entity : champ avatar VARCHAR(500) nullable - Migration 1742000000000-AddUserAvatar (appliquée VPS)	2026-03-14 22:25:22 +01:00
Tetardtek	24ae8854ce	fix: GET /admin/users — find() x5 → variable locale	2026-03-14 19:35:04 +01:00
Tetardtek	c25d9ad843	feat: admin page — guard isAdmin, error handling, upload local, role assignment ... - AuthContext: roles: string[] ajouté au type User - Header: lien /admin masqué si !roles.includes('admin') - AdminPage: redirect / si non-admin (Navigate) - AdminPage: fetchError sur les 3 tabs (load silencieux → message visible) - AdminPage: actionError sur toutes les mutations (toggle/delete/assign) - AdminPage: loading UsersTab → skeleton list 3 cartes (aligné Videos/Plans) - AdminPage: upload local — file input mp4/webm, multipart POST /admin/videos/upload, storageKey auto-rempli, Créer bloqué pendant upload - AdminPage: assignation rôle — PATCH /admin/users/:id/roles, rafraîchit la liste	2026-03-14 15:25:11 +01:00
Tetardtek	2a74be2624	feat: GET /api/auth/me retourne roles[]	2026-03-14 15:18:51 +01:00
Tetardtek	27e6541425	fix: requireAdmin résout le user local par superOAuthId	2026-03-14 15:14:03 +01:00
Tetardtek	c7815aac2f	feat: token refresh, video upload, playlist routes complets ... - auth: cookie od_token 7j, refresh token od_refresh 30j, POST /api/auth/refresh, GET /api/auth/me/optional - admin: POST /api/admin/videos/upload via multer (mp4/webm, 4Go max, UUID filename) - playlist: PATCH /:id, DELETE /:id, POST /:id/videos, DELETE /:id/videos/:videoId - env: UPLOADS_DIR documenté dans .env.example	2026-03-14 14:32:18 +01:00
Tetardtek	aa15dc0f54	feat: AuthContext, protected routes, admin page, fix VideoPlayer URL	2026-03-14 14:31:08 +01:00
Tetardtek	324efcaa3d	feat: login email/password + proxy POST /api/auth/login → SuperOAuth ... - auth.routes : POST /api/auth/login proxie vers SuperOAuth, pose httpOnly cookie - Factorisation upsertUser() partagé avec /session - LoginPage : form email/password + séparateur + boutons OAuth provider	2026-03-14 10:26:25 +01:00
Tetardtek	7e3ee29b13	fix: login page avec sélection provider → /api/v1/auth/oauth/:provider?redirectUrl ... SuperOAuth root page ignore ?redirectUrl, les boutons de sa UI pointent vers ses propres URIs hardcodées. Fix : notre page /login construit les URLs API directement avec redirectUrl=origins.tetardtek.com/callback. Aussi : CORS_ORIGINS SuperOAuth mis à jour (origins.tetardtek.com ajouté).	2026-03-14 10:11:30 +01:00
Tetardtek	34bab532be	fix: login → SuperOAuth root page (redirectUrl), drop LoginPage interne	2026-03-14 10:04:20 +01:00
Tetardtek	666cf6a435	feat: stream route, admin subscriptions, fix CORS multi-origin ... - index.ts : CORS supporte plusieurs origines (FRONTEND_URL séparé par virgule) - stream.routes.ts : GET /api/stream/:key* — sert fichiers locaux avec auth optionnelle, contrôle d'accès par level, support Range requests (seekable) - admin.routes.ts : POST /api/admin/users/:id/subscriptions — assigne un plan, expire l'abonnement actif précédent - Fix .env VPS : FRONTEND_URL=origins.tetardtek.com (domaine correct)	2026-03-14 09:58:01 +01:00
Tetardtek	4265d21c8b	feat: login provider selection, logout, playlists pages ... - LoginPage : sélection Discord/GitHub/Google/Twitch via SuperOAuth - Header : bouton Connexion → /login, logout ↩ quand connecté, nav Playlists conditionnelle - useAuth : expose setUser pour logout côté Layout - PlaylistsPage : liste owned/shared, création inline - PlaylistPage : détail playlist + liste vidéos ordonnées - Fix : Video.id number → string (UUID) - Routes : /login, /playlists, /playlists/:id	2026-03-14 09:32:45 +01:00
Tetardtek	fcd9867670	ci: fix pipeline — vps-runner host mode, remove setup-node, add smoke test	2026-03-14 09:16:57 +01:00
Tetardtek	77e5990078	ci: relance pipeline après ajout secrets	2026-03-14 09:03:32 +01:00
Tetardtek	5031b31aeb	fix: pipeline CI/CD — vps-runner direct deploy (pm2 + rsync) ... Remplace le flow Docker (docker compose up) par le vrai modèle : - Job unique sur vps-runner (runner local sur le VPS) - Build backend → rsync vers /var/www/originsdigital/backend/ → pm2 restart - Build frontend avec VITE_API_URL/VITE_SUPEROAUTH_URL → rsync vers /var/www/originsdigital/frontend/dist/ - Suppression appleboy/ssh-action (inutile, le runner est sur le VPS)	2026-03-14 08:59:10 +01:00
Tetardtek	df3fe8ebe0	fix(auth): correct SuperOAuth endpoint path — /api/v1/auth not /api/auth	2026-03-14 08:40:32 +01:00
Tetardtek	9598cd8715	perf(frontend): drop react-player — YouTube iframe natif, HLS.js lazy seulement si .m3u8	2026-03-14 08:39:01 +01:00
Tetardtek	5eb0a43d7f	feat: lazy ReactPlayer, seed 11 vidéos YouTube (niveaux 0/1/2)	2026-03-14 08:25:41 +01:00
Tetardtek	11d9432218	fix(routes): resolve superOAuthId → DB userId — critical auth bug ... req.user.id = SuperOAuth UUID, pas l'UUID TypeORM en DB. Sans ce fix : getUserPlanLevel retourne toujours 0, ownerId ne matche jamais. - video.routes: resolveDbUserId avant getUserPlanLevel - playlist.routes: resolveDbUserId sur toutes les opérations owner/member	2026-03-14 08:12:11 +01:00
Tetardtek	87d076313c	feat(frontend): VideoPage react-player v3, fix data.videos, route /video/:id	2026-03-14 08:12:08 +01:00
Tetardtek	5d4bab7d99	chore: add assign-first-admin.sql — run once after first login	2026-03-14 08:10:16 +01:00
Tetardtek	253af8f402	fix(auth): upsert user in DB on session creation — first login creates user record	2026-03-14 08:07:42 +01:00
Tetardtek	0591cd4528	feat(frontend): useAuth /auth/me, videos list + locked flag, VITE_API_URL	2026-03-14 08:06:51 +01:00
Tetardtek	5afcad487e	docs(backend): add .env.example	2026-03-14 08:01:01 +01:00