Tetardtek/originsdigital
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Compare commits

base: Tetardtek:8309400466e779cd1bfd3590452ba55a75b5b672
Branches Tags
Tetardtek:main
..
compare: Tetardtek:main
Branches Tags
Tetardtek:main

3 Commits
8309400466 ... main

Author SHA1 Message Date
Tetardtek
05c39640d0 fix: VITE_API_URL fallback to include /api suffix
All checks were successful
CI/CD — Build & Deploy / Build & Deploy (push) Successful in 27s
Details 
Secret was missing /api — frontend called /auth/session instead of
/api/auth/session, Apache SPA fallback returned index.html instead
of proxying to Express backend.
 2026-03-23 03:09:16 +01:00
Tetardtek
2c54257c94 fix: CI/CD add missing VITE_OAUTH vars + pm2 reload via tetardtek-brain
All checks were successful
CI/CD — Build & Deploy / Build & Deploy (push) Successful in 29s
Details 
VITE_OAUTH_URL and VITE_OAUTH_CLIENT_ID were missing from build env,
causing empty client_id in PKCE flow. pm2 reload via su - tetardtek-brain
(same pattern as SuperOAuth post ssh-hardening).
 2026-03-23 02:53:51 +01:00
Tetardtek
e04666865d fix: CallbackPage handles verification_pending and merge_pending states
All checks were successful
CI/CD — Build & Deploy / Build & Deploy (push) Successful in 38s
Details
2026-03-23 01:14:50 +01:00
2 changed files with 67 additions and 6 deletions
Expand all files Collapse all files

7
.gitea/workflows/deploy.yml
View File

@@ -32,15 +32,16 @@ jobs:
- name: Restart pm2 - name: Restart pm2
if: github.event_name == 'push' && github.ref == 'refs/heads/main' if: github.event_name == 'push' && github.ref == 'refs/heads/main'
run: | run: |
pm2 restart originsdigital-backend || pm2 start /var/www/originsdigital/backend/dist/index.js --name originsdigital-backend su - tetardtek-brain -c 'pm2 reload originsdigital-backend --update-env'
pm2 save
# ── Frontend ───────────────────────────────────────────────────────────── # ── Frontend ─────────────────────────────────────────────────────────────
- name: Install & build frontend - name: Install & build frontend
working-directory: frontend working-directory: frontend
env: env:
VITE_API_URL: ${{ secrets.VITE_API_URL }} VITE_API_URL: ${{ secrets.VITE_API_URL || 'https://origins.tetardtek.com/api' }}
VITE_SUPEROAUTH_URL: ${{ secrets.VITE_SUPEROAUTH_URL }} VITE_SUPEROAUTH_URL: ${{ secrets.VITE_SUPEROAUTH_URL }}
VITE_OAUTH_URL: ${{ secrets.VITE_SUPEROAUTH_URL }}
VITE_OAUTH_CLIENT_ID: origins
run: | run: |
npm ci npm ci
npm run build npm run build

66
frontend/src/pages/CallbackPage.tsx
View File

@@ -10,15 +10,20 @@ interface SessionResponse {
data: { user: User }; data: { user: User };
} }
type PendingState =
| { kind: 'verification_pending'; email: string }
| { kind: 'merge_pending'; email: string; provider: string };
export default function CallbackPage() { export default function CallbackPage() {
const navigate = useNavigate(); const navigate = useNavigate();
const { setUser } = useAuthContext(); const { setUser } = useAuthContext();
const [error, setError] = useState<string | null>(null); const [error, setError] = useState<string | null>(null);
const [pending, setPending] = useState<PendingState | null>(null);
useEffect(() => { useEffect(() => {
const params = new URLSearchParams(window.location.search); const params = new URLSearchParams(window.location.search);
// --- Erreur OAuth explicite (state=error, error=access_denied, etc.) --- // --- Erreur OAuth explicite ---
const oauthError = params.get('error'); const oauthError = params.get('error');
if (oauthError) { if (oauthError) {
const desc = params.get('error_description') ?? oauthError; const desc = params.get('error_description') ?? oauthError;
@@ -26,6 +31,21 @@ export default function CallbackPage() {
return; return;
} }
// --- Pending states (verification / merge) ---
const status = params.get('status');
if (status === 'verification_pending') {
setPending({ kind: 'verification_pending', email: params.get('email') ?? '' });
return;
}
if (status === 'merge_pending') {
setPending({
kind: 'merge_pending',
email: params.get('email') ?? '',
provider: params.get('provider') ?? '',
});
return;
}
// --- Flow PKCE : ?code= présent --- // --- Flow PKCE : ?code= présent ---
const code = params.get('code'); const code = params.get('code');
if (code) { if (code) {
@@ -38,7 +58,6 @@ export default function CallbackPage() {
exchangeCode(code, verifier, redirectUri) exchangeCode(code, verifier, redirectUri)
.then((tokens) => { .then((tokens) => {
// Pass tokens to backend to set httpOnly cookies + sync user
return apiFetch<SessionResponse>('/auth/session', { return apiFetch<SessionResponse>('/auth/session', {
method: 'POST', method: 'POST',
body: JSON.stringify({ body: JSON.stringify({
@@ -55,7 +74,7 @@ export default function CallbackPage() {
return; return;
} }
// --- Flow session (Step 2 — token JWT passé en query param) --- // --- Flow session (token JWT en query param) ---
const token = params.get('token'); const token = params.get('token');
if (token) { if (token) {
apiFetch<SessionResponse>('/auth/session', { apiFetch<SessionResponse>('/auth/session', {
@@ -74,6 +93,47 @@ export default function CallbackPage() {
navigate('/', { replace: true }); navigate('/', { replace: true });
}, [navigate, setUser]); }, [navigate, setUser]);
// --- Pending UI ---
if (pending) {
return (
<div className="flex flex-col items-center gap-6 pt-20 max-w-md mx-auto text-center">
{pending.kind === 'verification_pending' ? (
<>
<div className="text-4xl">📧</div>
<h2 className="text-lg font-semibold text-od-text">Vérifie ton email</h2>
<p className="text-sm text-od-muted">
Un email de vérification a é envoyé à{' '}
<span className="text-od-text font-mono">{pending.email}</span>.
<br />
Clique sur le lien pour activer ton compte.
</p>
</>
) : (
<>
<div className="text-4xl">🔗</div>
<h2 className="text-lg font-semibold text-od-text">Fusion de compte</h2>
<p className="text-sm text-od-muted">
Un compte existe déjà avec l'email{' '}
<span className="text-od-text font-mono">{pending.email}</span>.
<br />
Un email a été envoyé pour fusionner ton compte{' '}
<span className="text-od-accent capitalize">{pending.provider}</span>.
<br />
Clique sur le lien dans l'email pour confirmer.
</p>
</>
)}
<a
href="/login"
className="font-mono text-xs text-od-muted hover:text-od-text transition-colors"
>
Retour à la connexion
</a>
</div>
);
}
// --- Error UI ---
if (error) { if (error) {
return ( return (
<div className="flex flex-col items-center gap-4 pt-20"> <div className="flex flex-col items-center gap-4 pt-20">