From 09b04bd4c8218cb0d9dfee252e9a132c73925b42 Mon Sep 17 00:00:00 2001 From: Vins Date: Wed, 28 Feb 2024 11:05:08 +0100 Subject: [PATCH 1/9] Changed not whitelisted pop-up --- src/front/Components/Layouts/Login/index.tsx | 35 +++++++++++++++++--- 1 file changed, 31 insertions(+), 4 deletions(-) diff --git a/src/front/Components/Layouts/Login/index.tsx b/src/front/Components/Layouts/Login/index.tsx index eea6e7b6..0bad930f 100644 --- a/src/front/Components/Layouts/Login/index.tsx +++ b/src/front/Components/Layouts/Login/index.tsx @@ -43,7 +43,7 @@ export default function Login() { const closeContactAdminModal = useCallback(() => { setIsErrorModalOpen(0); - router.push("mailto:gtexier@notaires.fr"); + window.open("https://www.lecoffre.io/contact", "_blank"); }, [router]); useEffect(() => { @@ -111,7 +111,7 @@ export default function Login() {
- L'accès à la version bêta de lecoffre.io est limité à un groupe restreint d'utilisateurs autorisés. Si vous êtes - intéressé par la participation à notre programme de bêta-test, veuillez nous contacter par email. + L'accès à la version bêta de lecoffre.io est limité à un groupe restreint d'utilisateurs autorisés. +
    +
  • + + Si vous êtes intéressé par la participation à notre programme de bêta-test, veuillez nous compléter le + formulaire :{" "} + + https://www.lecoffre.io/contact + + +
    • +
    +
  • + + Si vous avez déjà un compte bêta-testeur, veuillez vous connecter sur{" "} + + https://compte.idnot.fr/home + {" "} + et vérifier que l'adresse mail renseignée sur votre espace est identique à celle que vous nous avez + communiquée. + +
    • +
From da1de6f1e54c6916b11af199ea88446ddf434042 Mon Sep 17 00:00:00 2001 From: Vins Date: Wed, 28 Feb 2024 11:06:04 +0100 Subject: [PATCH 2/9] Fix --- src/front/Components/Layouts/Login/index.tsx | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/front/Components/Layouts/Login/index.tsx b/src/front/Components/Layouts/Login/index.tsx index 0bad930f..7c8ca0a1 100644 --- a/src/front/Components/Layouts/Login/index.tsx +++ b/src/front/Components/Layouts/Login/index.tsx @@ -111,7 +111,7 @@ export default function Login() { Date: Thu, 14 Mar 2024 15:55:38 +0100 Subject: [PATCH 3/9] add refresh-token checker for api calls --- src/front/Api/BaseApiService.ts | 46 +++++++++++++++++++++++++++++++++ 1 file changed, 46 insertions(+) diff --git a/src/front/Api/BaseApiService.ts b/src/front/Api/BaseApiService.ts index 40de30f5..45bf7642 100644 --- a/src/front/Api/BaseApiService.ts +++ b/src/front/Api/BaseApiService.ts @@ -1,5 +1,8 @@ import { FrontendVariables } from "@Front/Config/VariablesFront"; import CookieService from "@Front/Services/CookieService/CookieService"; +import jwt_decode from "jwt-decode"; +import JwtService, { ICustomerJwtPayload, IUserJwtPayload } from "@Front/Services/JwtService/JwtService"; +import { NextResponse } from "next/server"; export enum ContentType { JSON = "application/json", @@ -44,6 +47,7 @@ export default abstract class BaseApiService { } protected async getRequest(url: URL, token?: string, contentType?: ContentType, ref?: IRef, fileName?: string) { + await this.checkJwtToken(); const request = async () => await fetch(url, { method: "GET", @@ -53,6 +57,7 @@ export default abstract class BaseApiService { } protected async postRequest(url: URL, body: { [key: string]: unknown } = {}, token?: string) { + await this.checkJwtToken(); return this.sendRequest( async () => await fetch(url, { @@ -64,6 +69,7 @@ export default abstract class BaseApiService { } protected async postRequestFormData(url: URL, body: FormData) { + await this.checkJwtToken(); return this.sendRequest( async () => await fetch(url, { @@ -75,6 +81,7 @@ export default abstract class BaseApiService { } protected async putRequest(url: URL, body: { [key: string]: unknown } = {}, token?: string) { + await this.checkJwtToken(); const request = async () => await fetch(url, { method: "PUT", @@ -86,6 +93,7 @@ export default abstract class BaseApiService { } protected async patchRequest(url: URL, body: { [key: string]: unknown } = {}) { + await this.checkJwtToken(); const request = async () => await fetch(url, { method: "PATCH", @@ -97,6 +105,7 @@ export default abstract class BaseApiService { } protected async deleteRequest(url: URL, body: { [key: string]: unknown } = {}, token?: string) { + await this.checkJwtToken(); const request = async () => await fetch(url, { method: "DELETE", @@ -108,6 +117,7 @@ export default abstract class BaseApiService { } protected async putFormDataRequest(url: URL, body: FormData, token?: string) { + await this.checkJwtToken(); const request = async () => await fetch(url, { method: "PUT", @@ -124,6 +134,42 @@ export default abstract class BaseApiService { return this.processResponse(response, request, ref, fileName); } + private async checkJwtToken() { + const accessToken = CookieService.getInstance().getCookie("leCoffreAccessToken"); + if (!accessToken) { + return; + } + const userDecodedToken = jwt_decode(accessToken) as IUserJwtPayload; + const customerDecodedToken = jwt_decode(accessToken) as ICustomerJwtPayload; + + if (!userDecodedToken && !customerDecodedToken) return NextResponse.redirect(new URL("/login")); + + const now = Math.floor(Date.now() / 1000); + if (userDecodedToken.userId && userDecodedToken.exp < now) { + const refreshToken = CookieService.getInstance().getCookie("leCoffreRefreshToken"); + if (!refreshToken) { + return NextResponse.redirect(new URL("/authorized-client")); + } + const decodedRefreshToken = jwt_decode(refreshToken) as IUserJwtPayload | ICustomerJwtPayload; + if (decodedRefreshToken.exp < now) { + return NextResponse.redirect(new URL("/authorized-client")); + } + await JwtService.getInstance().refreshToken(refreshToken); + } + if (userDecodedToken.userId && userDecodedToken.exp < now) { + const refreshToken = CookieService.getInstance().getCookie("leCoffreRefreshToken"); + if (!refreshToken) { + return NextResponse.redirect(new URL("/id360/customer-callback")); + } + const decodedRefreshToken = jwt_decode(refreshToken) as IUserJwtPayload | ICustomerJwtPayload; + if (decodedRefreshToken.exp < now) { + return NextResponse.redirect(new URL("/id360/customer-callback")); + } + await JwtService.getInstance().refreshToken(refreshToken); + } + return; + } + protected async processResponse(response: Response, request: () => Promise, ref?: IRef, fileName?: string): Promise { let responseContent: T; ref && (ref["response"] = response); From 8814a8c5eae89d8c7d6fd2f08e08754ab813d926 Mon Sep 17 00:00:00 2001 From: Vins Date: Thu, 14 Mar 2024 16:53:16 +0100 Subject: [PATCH 4/9] Finish --- src/front/Api/BaseApiService.ts | 13 ++++++------- 1 file changed, 6 insertions(+), 7 deletions(-) diff --git a/src/front/Api/BaseApiService.ts b/src/front/Api/BaseApiService.ts index 45bf7642..330551a4 100644 --- a/src/front/Api/BaseApiService.ts +++ b/src/front/Api/BaseApiService.ts @@ -2,7 +2,6 @@ import { FrontendVariables } from "@Front/Config/VariablesFront"; import CookieService from "@Front/Services/CookieService/CookieService"; import jwt_decode from "jwt-decode"; import JwtService, { ICustomerJwtPayload, IUserJwtPayload } from "@Front/Services/JwtService/JwtService"; -import { NextResponse } from "next/server"; export enum ContentType { JSON = "application/json", @@ -142,28 +141,28 @@ export default abstract class BaseApiService { const userDecodedToken = jwt_decode(accessToken) as IUserJwtPayload; const customerDecodedToken = jwt_decode(accessToken) as ICustomerJwtPayload; - if (!userDecodedToken && !customerDecodedToken) return NextResponse.redirect(new URL("/login")); + if (!userDecodedToken && !customerDecodedToken) return; const now = Math.floor(Date.now() / 1000); if (userDecodedToken.userId && userDecodedToken.exp < now) { const refreshToken = CookieService.getInstance().getCookie("leCoffreRefreshToken"); if (!refreshToken) { - return NextResponse.redirect(new URL("/authorized-client")); + return; } const decodedRefreshToken = jwt_decode(refreshToken) as IUserJwtPayload | ICustomerJwtPayload; if (decodedRefreshToken.exp < now) { - return NextResponse.redirect(new URL("/authorized-client")); + return; } await JwtService.getInstance().refreshToken(refreshToken); } - if (userDecodedToken.userId && userDecodedToken.exp < now) { + if (customerDecodedToken.customerId && customerDecodedToken.exp < now) { const refreshToken = CookieService.getInstance().getCookie("leCoffreRefreshToken"); if (!refreshToken) { - return NextResponse.redirect(new URL("/id360/customer-callback")); + return; } const decodedRefreshToken = jwt_decode(refreshToken) as IUserJwtPayload | ICustomerJwtPayload; if (decodedRefreshToken.exp < now) { - return NextResponse.redirect(new URL("/id360/customer-callback")); + return; } await JwtService.getInstance().refreshToken(refreshToken); } From 623809a5e9fdd9c4a5f82a35de465bb47fd98069 Mon Sep 17 00:00:00 2001 From: Yanis JEDRZEJCZAK Date: Thu, 28 Mar 2024 15:40:29 +0100 Subject: [PATCH 5/9] Staging CICD yml --- .github/workflows/stg.yml | 73 +++++++++++++++++++++++++++++++++++++++ 1 file changed, 73 insertions(+) create mode 100644 .github/workflows/stg.yml diff --git a/.github/workflows/stg.yml b/.github/workflows/stg.yml new file mode 100644 index 00000000..265c12c0 --- /dev/null +++ b/.github/workflows/stg.yml @@ -0,0 +1,73 @@ +name: Staging - Build & Deploy to Scaleway + +on: + push: + branches: [staging] + +env: + PROJECT_ID: c0ed1e9e-d945-461f-920c-98c844ef1ad4 + NAMESPACE_ID: 9f949ff2-97bc-4979-ade2-1994dcaabde0 + CONTAINER_REGISTRY_ENDPOINT: rg.fr-par.scw.cloud/funcscwlecoffrestgqhhn4ixh + IMAGE_NAME: front + CONTAINER_NAME: front + +jobs: + build-and-push-image: + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v4 + - name: Setup SSH + run: | + mkdir -p ~/.ssh + echo "${{ secrets.SSH_PRIVATE_KEY }}" > ~/.ssh/id_rsa + chmod 600 ~/.ssh/id_rsa + ssh-keyscan -t rsa github.com >> ~/.ssh/known_hosts + env: + SSH_PRIVATE_KEY: ${{ secrets.SSH_PRIVATE_KEY }} + - name: Copy SSH + run: cp ~/.ssh/id_rsa id_rsa + - name: Login to Scaleway Container Registry + uses: docker/login-action@v3 + with: + username: nologin + password: ${{ secrets.SCW_SECRET_KEY }} + registry: ${{ env.CONTAINER_REGISTRY_ENDPOINT }} + - name: Build the Docker Image + run: docker build . -t ${{ env.CONTAINER_REGISTRY_ENDPOINT }}/${{ env.IMAGE_NAME }} + - name: Push the Docker Image to Scaleway Container Registry + run: docker push ${{ env.CONTAINER_REGISTRY_ENDPOINT }}/${{ env.IMAGE_NAME }} + deploy-to-scaleway: + needs: build-and-push-image + runs-on: ubuntu-latest + environment: staging + steps: + - name: Install CLI + uses: scaleway/action-scw@v0 + - name: Get container ID + run: | + echo "CONTAINER_ID=$(scw container container list namespace-id=${{env.NAMESPACE_ID}} -o json | jq -r '.[] | select(.name == "${{ env.CONTAINER_NAME }}") | .id')" >> $GITHUB_ENV + env: + SCW_ACCESS_KEY: ${{ secrets.SCW_ACCESS_KEY }} + SCW_SECRET_KEY: ${{ secrets.SCW_SECRET_KEY }} + SCW_DEFAULT_PROJECT_ID: ${{ env.PROJECT_ID }} + SCW_DEFAULT_ORGANIZATION_ID: ${{ secrets.SCW_ORGANIZATION_ID }} + - name: Deploy the container based on the new image + run: | + env_string="" + while IFS= read -r line; do + if [[ "$line" == *"="* ]]; then + key=$(echo "$line" | cut -d '=' -f 1) + value=$(echo "$line" | cut -d '=' -f 2-) + if [[ -n "$key" ]]; then + env_string+="environment-variables.$key=$value " + fi + fi + done <<< "$ENV_VARS" + env_string=$(echo $env_string | sed 's/ $//') + scw container container update ${{ env.CONTAINER_ID }} $env_string + env: + ENV_VARS: ${{ secrets.ENV }} + SCW_ACCESS_KEY: ${{ secrets.SCW_ACCESS_KEY }} + SCW_SECRET_KEY: ${{ secrets.SCW_SECRET_KEY }} + SCW_DEFAULT_PROJECT_ID: ${{ env.PROJECT_ID }} + SCW_DEFAULT_ORGANIZATION_ID: ${{ secrets.SCW_ORGANIZATION_ID }} From 5624dcff698678b3193d730315daa2224b1ef189 Mon Sep 17 00:00:00 2001 From: Yanis JEDRZEJCZAK Date: Thu, 28 Mar 2024 15:40:35 +0100 Subject: [PATCH 6/9] Preprod CICD yml --- .github/workflows/ppd.yml | 73 +++++++++++++++++++++++++++++++++++++++ 1 file changed, 73 insertions(+) create mode 100644 .github/workflows/ppd.yml diff --git a/.github/workflows/ppd.yml b/.github/workflows/ppd.yml new file mode 100644 index 00000000..b0abf069 --- /dev/null +++ b/.github/workflows/ppd.yml @@ -0,0 +1,73 @@ +name: Preprod - Build & Deploy to Scaleway + +on: + push: + branches: [preprod] + +env: + PROJECT_ID: c0ed1e9e-d945-461f-920c-98c844ef1ad4 + NAMESPACE_ID: 2f2a5040-b5d9-40dc-8a80-f8d5653edd6f + CONTAINER_REGISTRY_ENDPOINT: rg.fr-par.scw.cloud/funcscwlecoffreppdw9e10llz + IMAGE_NAME: front + CONTAINER_NAME: front + +jobs: + build-and-push-image: + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v4 + - name: Setup SSH + run: | + mkdir -p ~/.ssh + echo "${{ secrets.SSH_PRIVATE_KEY }}" > ~/.ssh/id_rsa + chmod 600 ~/.ssh/id_rsa + ssh-keyscan -t rsa github.com >> ~/.ssh/known_hosts + env: + SSH_PRIVATE_KEY: ${{ secrets.SSH_PRIVATE_KEY }} + - name: Copy SSH + run: cp ~/.ssh/id_rsa id_rsa + - name: Login to Scaleway Container Registry + uses: docker/login-action@v3 + with: + username: nologin + password: ${{ secrets.SCW_SECRET_KEY }} + registry: ${{ env.CONTAINER_REGISTRY_ENDPOINT }} + - name: Build the Docker Image + run: docker build . -t ${{ env.CONTAINER_REGISTRY_ENDPOINT }}/${{ env.IMAGE_NAME }} + - name: Push the Docker Image to Scaleway Container Registry + run: docker push ${{ env.CONTAINER_REGISTRY_ENDPOINT }}/${{ env.IMAGE_NAME }} + deploy-to-scaleway: + needs: build-and-push-image + runs-on: ubuntu-latest + environment: preprod + steps: + - name: Install CLI + uses: scaleway/action-scw@v0 + - name: Get container ID + run: | + echo "CONTAINER_ID=$(scw container container list namespace-id=${{env.NAMESPACE_ID}} -o json | jq -r '.[] | select(.name == "${{ env.CONTAINER_NAME }}") | .id')" >> $GITHUB_ENV + env: + SCW_ACCESS_KEY: ${{ secrets.SCW_ACCESS_KEY }} + SCW_SECRET_KEY: ${{ secrets.SCW_SECRET_KEY }} + SCW_DEFAULT_PROJECT_ID: ${{ env.PROJECT_ID }} + SCW_DEFAULT_ORGANIZATION_ID: ${{ secrets.SCW_ORGANIZATION_ID }} + - name: Deploy the container based on the new image + run: | + env_string="" + while IFS= read -r line; do + if [[ "$line" == *"="* ]]; then + key=$(echo "$line" | cut -d '=' -f 1) + value=$(echo "$line" | cut -d '=' -f 2-) + if [[ -n "$key" ]]; then + env_string+="environment-variables.$key=$value " + fi + fi + done <<< "$ENV_VARS" + env_string=$(echo $env_string | sed 's/ $//') + scw container container update ${{ env.CONTAINER_ID }} $env_string + env: + ENV_VARS: ${{ secrets.ENV }} + SCW_ACCESS_KEY: ${{ secrets.SCW_ACCESS_KEY }} + SCW_SECRET_KEY: ${{ secrets.SCW_SECRET_KEY }} + SCW_DEFAULT_PROJECT_ID: ${{ env.PROJECT_ID }} + SCW_DEFAULT_ORGANIZATION_ID: ${{ secrets.SCW_ORGANIZATION_ID }} From 03101253b5bb42a919026bcde8fefb8c6a27030e Mon Sep 17 00:00:00 2001 From: Yanis JEDRZEJCZAK Date: Thu, 28 Mar 2024 15:40:41 +0100 Subject: [PATCH 7/9] Prod CICD yml --- .github/workflows/prd.yml | 73 +++++++++++++++++++++++++++++++++++++++ 1 file changed, 73 insertions(+) create mode 100644 .github/workflows/prd.yml diff --git a/.github/workflows/prd.yml b/.github/workflows/prd.yml new file mode 100644 index 00000000..b984ec5e --- /dev/null +++ b/.github/workflows/prd.yml @@ -0,0 +1,73 @@ +name: Prod - Build & Deploy to Scaleway + +on: + push: + branches: [main] + +env: + PROJECT_ID: c0ed1e9e-d945-461f-920c-98c844ef1ad4 + NAMESPACE_ID: 7a009438-0af3-4824-8112-a8b9a91f292a + CONTAINER_REGISTRY_ENDPOINT: rg.fr-par.scw.cloud/funcscwlecoffreprdg7h5bbub + IMAGE_NAME: front + CONTAINER_NAME: front + +jobs: + build-and-push-image: + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v4 + - name: Setup SSH + run: | + mkdir -p ~/.ssh + echo "${{ secrets.SSH_PRIVATE_KEY }}" > ~/.ssh/id_rsa + chmod 600 ~/.ssh/id_rsa + ssh-keyscan -t rsa github.com >> ~/.ssh/known_hosts + env: + SSH_PRIVATE_KEY: ${{ secrets.SSH_PRIVATE_KEY }} + - name: Copy SSH + run: cp ~/.ssh/id_rsa id_rsa + - name: Login to Scaleway Container Registry + uses: docker/login-action@v3 + with: + username: nologin + password: ${{ secrets.SCW_SECRET_KEY }} + registry: ${{ env.CONTAINER_REGISTRY_ENDPOINT }} + - name: Build the Docker Image + run: docker build . -t ${{ env.CONTAINER_REGISTRY_ENDPOINT }}/${{ env.IMAGE_NAME }} + - name: Push the Docker Image to Scaleway Container Registry + run: docker push ${{ env.CONTAINER_REGISTRY_ENDPOINT }}/${{ env.IMAGE_NAME }} + deploy-to-scaleway: + needs: build-and-push-image + runs-on: ubuntu-latest + environment: prod + steps: + - name: Install CLI + uses: scaleway/action-scw@v0 + - name: Get container ID + run: | + echo "CONTAINER_ID=$(scw container container list namespace-id=${{env.NAMESPACE_ID}} -o json | jq -r '.[] | select(.name == "${{ env.CONTAINER_NAME }}") | .id')" >> $GITHUB_ENV + env: + SCW_ACCESS_KEY: ${{ secrets.SCW_ACCESS_KEY }} + SCW_SECRET_KEY: ${{ secrets.SCW_SECRET_KEY }} + SCW_DEFAULT_PROJECT_ID: ${{ env.PROJECT_ID }} + SCW_DEFAULT_ORGANIZATION_ID: ${{ secrets.SCW_ORGANIZATION_ID }} + - name: Deploy the container based on the new image + run: | + env_string="" + while IFS= read -r line; do + if [[ "$line" == *"="* ]]; then + key=$(echo "$line" | cut -d '=' -f 1) + value=$(echo "$line" | cut -d '=' -f 2-) + if [[ -n "$key" ]]; then + env_string+="environment-variables.$key=$value " + fi + fi + done <<< "$ENV_VARS" + env_string=$(echo $env_string | sed 's/ $//') + scw container container update ${{ env.CONTAINER_ID }} $env_string + env: + ENV_VARS: ${{ secrets.ENV }} + SCW_ACCESS_KEY: ${{ secrets.SCW_ACCESS_KEY }} + SCW_SECRET_KEY: ${{ secrets.SCW_SECRET_KEY }} + SCW_DEFAULT_PROJECT_ID: ${{ env.PROJECT_ID }} + SCW_DEFAULT_ORGANIZATION_ID: ${{ secrets.SCW_ORGANIZATION_ID }} From 922ef89757141bf9538654b63af5986435d2b989 Mon Sep 17 00:00:00 2001 From: Yanis JEDRZEJCZAK Date: Fri, 29 Mar 2024 09:57:02 +0100 Subject: [PATCH 8/9] Change ingress value --- devops/stg.values.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/devops/stg.values.yaml b/devops/stg.values.yaml index c7c97ccc..17942c29 100644 --- a/devops/stg.values.yaml +++ b/devops/stg.values.yaml @@ -18,10 +18,10 @@ lecoffreFront: limits: memory: 2Gi ingress: - host: app.stg.lecoffre.smart-chain.fr + host: app-tp.stg.lecoffre.smart-chain.fr tls: hosts: - - app.stg.lecoffre.smart-chain.fr + - app-tp.stg.lecoffre.smart-chain.fr secretName: front-tls annotations: kubernetes.io/ingress.class: nginx From ffbac6675fb294da28f4bd41da17ea6614860f4e Mon Sep 17 00:00:00 2001 From: Yanis JEDRZEJCZAK Date: Tue, 2 Apr 2024 15:34:28 +0200 Subject: [PATCH 9/9] Update env namespaces --- .github/workflows/ppd.yml | 2 +- .github/workflows/prd.yml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/ppd.yml b/.github/workflows/ppd.yml index b0abf069..996389af 100644 --- a/.github/workflows/ppd.yml +++ b/.github/workflows/ppd.yml @@ -6,7 +6,7 @@ on: env: PROJECT_ID: c0ed1e9e-d945-461f-920c-98c844ef1ad4 - NAMESPACE_ID: 2f2a5040-b5d9-40dc-8a80-f8d5653edd6f + NAMESPACE_ID: a052faf9-a712-41d7-bbfa-8293ee948e70 CONTAINER_REGISTRY_ENDPOINT: rg.fr-par.scw.cloud/funcscwlecoffreppdw9e10llz IMAGE_NAME: front CONTAINER_NAME: front diff --git a/.github/workflows/prd.yml b/.github/workflows/prd.yml index b984ec5e..1473339a 100644 --- a/.github/workflows/prd.yml +++ b/.github/workflows/prd.yml @@ -6,7 +6,7 @@ on: env: PROJECT_ID: c0ed1e9e-d945-461f-920c-98c844ef1ad4 - NAMESPACE_ID: 7a009438-0af3-4824-8112-a8b9a91f292a + NAMESPACE_ID: 17374437-5428-468c-9f41-d89787ffce0e CONTAINER_REGISTRY_ENDPOINT: rg.fr-par.scw.cloud/funcscwlecoffreprdg7h5bbub IMAGE_NAME: front CONTAINER_NAME: front