Tetardtek/originsdigital
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
45 Commits 1 Branch 0 Tags
d69281a2e02ac5acb606e8130980945b62577d19
Commit Graph

45 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Tetardtek
d69281a2e0 feat: B3 — search vidéos (filtre client-side + param ?q= backend)
All checks were successful
CI/CD — Build & Deploy / Build & Deploy (push) Successful in 22s
Details
2026-03-15 02:22:04 +01:00
Tetardtek
426cd4bbbd feat: B2 — 401 interceptor + auto-refresh token (fix SuperOAuth path + response shape)
All checks were successful
CI/CD — Build & Deploy / Build & Deploy (push) Successful in 27s
Details
2026-03-15 02:19:40 +01:00
Tetardtek
6877db3227 fix: login — setUser après auth pour maj header immédiate
All checks were successful
CI/CD — Build & Deploy / Build & Deploy (push) Successful in 24s
Details
2026-03-15 01:57:41 +01:00
Tetardtek
2c3d9d95c6 feat(frontend): playlist B1 — edit, delete, share, invitations
All checks were successful
CI/CD — Build & Deploy / Build & Deploy (push) Successful in 36s
Details 
- PlaylistPage: bouton Éditer (formulaire inline titre/visibilité), Supprimer (confirm → DELETE → redirect), Partager (modal userId/permission → POST share), Retirer vidéo (✕ → DELETE)
- PlaylistsPage: section invitations reçues avec Accept / Refuser (PATCH share/:shareId)
- tsc --noEmit : 0 erreur, 0 console.log
 2026-03-15 01:00:26 +01:00
Tetardtek
df8e594d57 fix(frontend): Error Boundary, HomePage error state, HLS catch — quick wins pre-Bloc-B 2026-03-15 00:53:46 +01:00
Tetardtek
f80b8cb81c fix: instrument bare catch blocks — logger.error sur stream/admin/user 2026-03-15 00:18:37 +01:00
Tetardtek
494206b5b3 feat: observability — Winston logging, pagination admin, N+1 playlists
All checks were successful
CI/CD — Build & Deploy / Build & Deploy (push) Successful in 27s
Details
2026-03-14 23:21:42 +01:00
Tetardtek
31edea9dd9 feat: rate limiting — login 10req/15min, admin 50req/min, trust proxy 2026-03-14 23:20:20 +01:00
Tetardtek
9f53193c7c feat: vitest setup + auth middleware — token invalide et absent → 401 2026-03-14 23:19:45 +01:00
Tetardtek
01d347bce3 fix: ApiError typée + error handling pages video/playlists/admin 
- api.ts : ApiError class (status: number) — remplace Error générique
- VideoPage/PlaylistPage : instanceof ApiError au lieu de message.includes()
- PlaylistsPage : fetchError + createError — silent catch supprimé
- AdminPage : guard roles.some() aligné Header (super_admin inclus)
 2026-03-14 22:37:36 +01:00
Tetardtek
4e8c1aa849 feat: sprint 3 — profil utilisateur, badge plan, dropdown Header 
- AuthContext.User : plan? { slug, name, level } | null
- UserBadge : nickname + badge plan.slug (fallback free)
- Header : dropdown click (Profil / Déconnexion) + click-outside
- ProfilePage : infos compte, badge plan, edit nickname (PATCH /users/me + re-fetch /auth/me → setUser)
- App : route /profile protégée
- useAuth : réexporte depuis AuthContext, fin de la dérive
 2026-03-14 22:33:47 +01:00
Tetardtek
30ef7312b5 feat: sprint 3 — profile endpoints + avatar
All checks were successful
CI/CD — Build & Deploy / Build & Deploy (push) Successful in 32s
Details 
- GET /api/auth/me enrichi : avatar, plan actif, subscriptionDate
- GET /api/users/me/profile : profil complet (local UUID, sub, rôles)
- PATCH /api/users/me : update nickname / avatar (validation URL + longueur)
- User entity : champ avatar VARCHAR(500) nullable
- Migration 1742000000000-AddUserAvatar (appliquée VPS)
 2026-03-14 22:25:22 +01:00
Tetardtek
24ae8854ce fix: GET /admin/users — find() x5 → variable locale 2026-03-14 19:35:04 +01:00
Tetardtek
c25d9ad843 feat: admin page — guard isAdmin, error handling, upload local, role assignment
All checks were successful
CI/CD — Build & Deploy / Build & Deploy (push) Successful in 32s
Details 
- AuthContext: roles: string[] ajouté au type User
- Header: lien /admin masqué si !roles.includes('admin')
- AdminPage: redirect / si non-admin (Navigate)
- AdminPage: fetchError sur les 3 tabs (load silencieux → message visible)
- AdminPage: actionError sur toutes les mutations (toggle/delete/assign)
- AdminPage: loading UsersTab → skeleton list 3 cartes (aligné Videos/Plans)
- AdminPage: upload local — file input mp4/webm, multipart POST /admin/videos/upload,
  storageKey auto-rempli, Créer bloqué pendant upload
- AdminPage: assignation rôle — PATCH /admin/users/:id/roles, rafraîchit la liste
 2026-03-14 15:25:11 +01:00
Tetardtek
2a74be2624 feat: GET /api/auth/me retourne roles[]
All checks were successful
CI/CD — Build & Deploy / Build & Deploy (push) Successful in 35s
Details
2026-03-14 15:18:51 +01:00
Tetardtek
27e6541425 fix: requireAdmin résout le user local par superOAuthId
All checks were successful
CI/CD — Build & Deploy / Build & Deploy (push) Successful in 59s
Details
2026-03-14 15:14:03 +01:00
Tetardtek
c7815aac2f feat: token refresh, video upload, playlist routes complets 
- auth: cookie od_token 7j, refresh token od_refresh 30j, POST /api/auth/refresh, GET /api/auth/me/optional
- admin: POST /api/admin/videos/upload via multer (mp4/webm, 4Go max, UUID filename)
- playlist: PATCH /:id, DELETE /:id, POST /:id/videos, DELETE /:id/videos/:videoId
- env: UPLOADS_DIR documenté dans .env.example
 2026-03-14 14:32:18 +01:00
Tetardtek
aa15dc0f54 feat: AuthContext, protected routes, admin page, fix VideoPlayer URL 2026-03-14 14:31:08 +01:00
Tetardtek
324efcaa3d feat: login email/password + proxy POST /api/auth/login → SuperOAuth
All checks were successful
CI/CD — Build & Deploy / Build & Deploy (push) Successful in 21s
Details 
- auth.routes : POST /api/auth/login proxie vers SuperOAuth, pose httpOnly cookie
- Factorisation upsertUser() partagé avec /session
- LoginPage : form email/password + séparateur + boutons OAuth provider
 2026-03-14 10:26:25 +01:00
Tetardtek
7e3ee29b13 fix: login page avec sélection provider → /api/v1/auth/oauth/:provider?redirectUrl
All checks were successful
CI/CD — Build & Deploy / Build & Deploy (push) Successful in 21s
Details 
SuperOAuth root page ignore ?redirectUrl, les boutons de sa UI pointent vers
ses propres URIs hardcodées. Fix : notre page /login construit les URLs API
directement avec redirectUrl=origins.tetardtek.com/callback.

Aussi : CORS_ORIGINS SuperOAuth mis à jour (origins.tetardtek.com ajouté).
 2026-03-14 10:11:30 +01:00
Tetardtek
34bab532be fix: login → SuperOAuth root page (redirectUrl), drop LoginPage interne
All checks were successful
CI/CD — Build & Deploy / Build & Deploy (push) Successful in 21s
Details
2026-03-14 10:04:20 +01:00
Tetardtek
666cf6a435 feat: stream route, admin subscriptions, fix CORS multi-origin
All checks were successful
CI/CD — Build & Deploy / Build & Deploy (push) Successful in 21s
Details 
- index.ts : CORS supporte plusieurs origines (FRONTEND_URL séparé par virgule)
- stream.routes.ts : GET /api/stream/:key* — sert fichiers locaux avec auth
  optionnelle, contrôle d'accès par level, support Range requests (seekable)
- admin.routes.ts : POST /api/admin/users/:id/subscriptions — assigne un plan,
  expire l'abonnement actif précédent
- Fix .env VPS : FRONTEND_URL=origins.tetardtek.com (domaine correct)
 2026-03-14 09:58:01 +01:00
Tetardtek
4265d21c8b feat: login provider selection, logout, playlists pages
All checks were successful
CI/CD — Build & Deploy / Build & Deploy (push) Successful in 22s
Details 
- LoginPage : sélection Discord/GitHub/Google/Twitch via SuperOAuth
- Header : bouton Connexion → /login, logout ↩ quand connecté, nav Playlists conditionnelle
- useAuth : expose setUser pour logout côté Layout
- PlaylistsPage : liste owned/shared, création inline
- PlaylistPage : détail playlist + liste vidéos ordonnées
- Fix : Video.id number → string (UUID)
- Routes : /login, /playlists, /playlists/:id
 2026-03-14 09:32:45 +01:00
Tetardtek
fcd9867670 ci: fix pipeline — vps-runner host mode, remove setup-node, add smoke test
All checks were successful
CI/CD — Build & Deploy / Build & Deploy (push) Successful in 23s
Details
2026-03-14 09:16:57 +01:00
Tetardtek
77e5990078 ci: relance pipeline après ajout secrets
All checks were successful
CI/CD — Build & Deploy / Build & Deploy (push) Successful in 54s
Details
2026-03-14 09:03:32 +01:00
Tetardtek
5031b31aeb fix: pipeline CI/CD — vps-runner direct deploy (pm2 + rsync)
Some checks failed
CI/CD — Build & Deploy / Build & Deploy (push) Has been cancelled
Details 
Remplace le flow Docker (docker compose up) par le vrai modèle :
- Job unique sur vps-runner (runner local sur le VPS)
- Build backend → rsync vers /var/www/originsdigital/backend/ → pm2 restart
- Build frontend avec VITE_API_URL/VITE_SUPEROAUTH_URL → rsync vers /var/www/originsdigital/frontend/dist/
- Suppression appleboy/ssh-action (inutile, le runner est sur le VPS)
 2026-03-14 08:59:10 +01:00
Tetardtek
df3fe8ebe0 fix(auth): correct SuperOAuth endpoint path — /api/v1/auth not /api/auth
Some checks failed
CI/CD — Build & Deploy / Build (push) Failing after 43s
Details
CI/CD — Build & Deploy / Deploy to VPS (push) Has been skipped
Details
2026-03-14 08:40:32 +01:00
Tetardtek
9598cd8715 perf(frontend): drop react-player — YouTube iframe natif, HLS.js lazy seulement si .m3u8
Some checks failed
CI/CD — Build & Deploy / Build (push) Failing after 35s
Details
CI/CD — Build & Deploy / Deploy to VPS (push) Has been skipped
Details
2026-03-14 08:39:01 +01:00
Tetardtek
5eb0a43d7f feat: lazy ReactPlayer, seed 11 vidéos YouTube (niveaux 0/1/2)
Some checks failed
CI/CD — Build & Deploy / Build (push) Failing after 41s
Details
CI/CD — Build & Deploy / Deploy to VPS (push) Has been skipped
Details
2026-03-14 08:25:41 +01:00
Tetardtek
11d9432218 fix(routes): resolve superOAuthId → DB userId — critical auth bug
Some checks failed
CI/CD — Build & Deploy / Build (push) Failing after 35s
Details
CI/CD — Build & Deploy / Deploy to VPS (push) Has been skipped
Details 
req.user.id = SuperOAuth UUID, pas l'UUID TypeORM en DB.
Sans ce fix : getUserPlanLevel retourne toujours 0, ownerId ne matche jamais.

- video.routes: resolveDbUserId avant getUserPlanLevel
- playlist.routes: resolveDbUserId sur toutes les opérations owner/member
 2026-03-14 08:12:11 +01:00
Tetardtek
87d076313c feat(frontend): VideoPage react-player v3, fix data.videos, route /video/:id
Some checks failed
CI/CD — Build & Deploy / Build (push) Has been cancelled
Details
CI/CD — Build & Deploy / Deploy to VPS (push) Has been cancelled
Details
2026-03-14 08:12:08 +01:00
Tetardtek
5d4bab7d99 chore: add assign-first-admin.sql — run once after first login
Some checks failed
CI/CD — Build & Deploy / Build (push) Failing after 39s
Details
CI/CD — Build & Deploy / Deploy to VPS (push) Has been skipped
Details
2026-03-14 08:10:16 +01:00
Tetardtek
253af8f402 fix(auth): upsert user in DB on session creation — first login creates user record 2026-03-14 08:07:42 +01:00
Tetardtek
0591cd4528 feat(frontend): useAuth /auth/me, videos list + locked flag, VITE_API_URL
Some checks failed
CI/CD — Build & Deploy / Build (push) Failing after 40s
Details
CI/CD — Build & Deploy / Deploy to VPS (push) Has been skipped
Details
2026-03-14 08:06:51 +01:00
Tetardtek
5afcad487e docs(backend): add .env.example
Some checks failed
CI/CD — Build & Deploy / Build (push) Failing after 44s
Details
CI/CD — Build & Deploy / Deploy to VPS (push) Has been skipped
Details
2026-03-14 08:01:01 +01:00
Tetardtek
7c727aa802 feat(admin): requireAdmin middleware + /api/admin routes 
- requireAdmin: charge user_roles en DB, accepte admin/super_admin
- GET/POST/PATCH/DELETE /api/admin/videos (publiées + non publiées)
- GET /api/admin/users avec rôles et abonnement actif
- PATCH /api/admin/users/:id/roles (remplacement atomique par slugs)
- GET/POST/PATCH /api/admin/plans
 2026-03-14 07:46:35 +01:00
Tetardtek
75aad8968f fix(frontend): SuperOAuth flow — VITE_SUPEROAUTH_URL, redirect par provider, pas de client_id
Some checks failed
CI/CD — Build & Deploy / Build (push) Failing after 29s
Details
CI/CD — Build & Deploy / Deploy to VPS (push) Has been skipped
Details
2026-03-14 07:39:51 +01:00
Tetardtek
f1de2bb065 fix(backend): resolve migration path relative to __dirname
Some checks failed
CI/CD — Build & Deploy / Deploy to VPS (push) Has been cancelled
Details
CI/CD — Build & Deploy / Build (push) Has been cancelled
Details 
migrations glob "src/migrations/**/*.ts" was CWD-relative — broken when CLI runs
outside the src/ directory. Using __dirname makes it absolute and portable.
 2026-03-14 07:32:39 +01:00
Tetardtek
25733ee3db feat(frontend): scaffold Tailwind design system + routing + auth callback 
- Tailwind v3 + PostCSS + autoprefixer
- BrowserRouter with Layout shell (Header, theme toggle dark/light)
- Pages: HomePage, CallbackPage (SuperOAuth callback handler)
- hooks/useAuth.ts + lib/api.ts (API client base)
- styles/index.css (Tailwind directives)
- Theme persisted in localStorage (od-theme)
 2026-03-14 07:15:19 +01:00
Tetardtek
f3e392ff1b feat(backend): mount API routes + cookie-parser + CORS with credentials 
- index.ts: mount /api/auth, /api/videos, /api/playlists; add cookie-parser; CORS with credentials + FRONTEND_URL env
- auth.middleware: read token from Bearer header OR od_token httpOnly cookie
- routes: auth (session/logout/me), videos (level-gated), playlists (CRUD + share management)
- deps: cookie-parser + @types/cookie-parser
 2026-03-14 07:10:47 +01:00
Tetardtek
71d90eb133 feat: initial schema migration — 9 tables + seed roles & plans 2026-03-14 07:02:20 +01:00
Tetardtek
2f47be1305 feat: TypeORM entities — User, Role, SubscriptionPlan, Video, Playlist + relations 2026-03-14 06:53:02 +01:00
Tetardtek
4f3c0e6433 feat: SuperOAuth token introspection middleware + /api/profile route 2026-03-14 06:40:43 +01:00
Tetardtek
b771f4d1c3 fix: add package-lock.json — required for npm ci in Docker build
Some checks failed
CI/CD — Build & Deploy / Build (push) Failing after 35s
Details
CI/CD — Build & Deploy / Deploy to VPS (push) Has been skipped
Details
2026-03-14 04:43:26 +01:00
Tetardtek
4a3be2a323 feat: initial project structure — Express/TS/TypeORM + React/TS + Docker + Gitea CI
Some checks failed
CI/CD — Build & Deploy / Build (push) Failing after 1m47s
Details
CI/CD — Build & Deploy / Deploy to VPS (push) Has been skipped
Details
2026-03-14 04:13:58 +01:00