Mathis/memegoat
1
0
Fork 0
Code Issues 3 Pull Requests Actions Packages Activity

Compare commits

base: Mathis:c4e6be44520155cfa646feb850eb6d17c4075adb
Branches Tags
Mathis:main
Mathis:v1.9.6 Mathis:v1.9.5 Mathis:v1.9.4 Mathis:v1.9.3 Mathis:v1.9.2 Mathis:v1.9.1 Mathis:v1.9.0 Mathis:v1.8.3 Mathis:v1.8.2 Mathis:v1.8.1 Mathis:v1.8.0 Mathis:v1.7.5 Mathis:v1.7.4 Mathis:v1.7.3 Mathis:v1.7.2 Mathis:v1.7.1 Mathis:v1.7.0 Mathis:v1.6.0 Mathis:v1.5.6 Mathis:v1.5.5 Mathis:v1.5.4 Mathis:v1.5.3 Mathis:v1.5.2 Mathis:v1.5.1 Mathis:v1.5.0 Mathis:v1.4.1 Mathis:v1.4.0 Mathis:v1.3.0 Mathis:v1.2.1 Mathis:v1.2.0 Mathis:v1.1.1 Mathis:v1.1.0 Mathis:v1.0.8 Mathis:v1.0.7 Mathis:v1.0.6 Mathis:v1.0.5 Mathis:v1.0.4 Mathis:v1.0.3 Mathis:v1.0.2 Mathis:v1.0.1 Mathis:v1.0.0 Mathis:v0.1.1 Mathis:v0.1.0 Mathis:v0.0.1 Mathis:v0.0.0
...
compare: Mathis:v1.7.4
Branches Tags
Mathis:main
Mathis:v1.9.6 Mathis:v1.9.5 Mathis:v1.9.4 Mathis:v1.9.3 Mathis:v1.9.2 Mathis:v1.9.1 Mathis:v1.9.0 Mathis:v1.8.3 Mathis:v1.8.2 Mathis:v1.8.1 Mathis:v1.8.0 Mathis:v1.7.5 Mathis:v1.7.4 Mathis:v1.7.3 Mathis:v1.7.2 Mathis:v1.7.1 Mathis:v1.7.0 Mathis:v1.6.0 Mathis:v1.5.6 Mathis:v1.5.5 Mathis:v1.5.4 Mathis:v1.5.3 Mathis:v1.5.2 Mathis:v1.5.1 Mathis:v1.5.0 Mathis:v1.4.1 Mathis:v1.4.0 Mathis:v1.3.0 Mathis:v1.2.1 Mathis:v1.2.0 Mathis:v1.1.1 Mathis:v1.1.0 Mathis:v1.0.8 Mathis:v1.0.7 Mathis:v1.0.6 Mathis:v1.0.5 Mathis:v1.0.4 Mathis:v1.0.3 Mathis:v1.0.2 Mathis:v1.0.1 Mathis:v1.0.0 Mathis:v0.1.1 Mathis:v0.1.0 Mathis:v0.0.1 Mathis:v0.0.0

18 Commits
c4e6be4452 ... v1.7.4

Author SHA1 Message Date
Mathis HERRIOT
e73ae80fc5 chore: bump version to 1.7.4
All checks were successful
CI/CD Pipeline / Valider backend (push) Successful in 1m35s
Details
CI/CD Pipeline / Valider frontend (push) Successful in 1m41s
Details
CI/CD Pipeline / Valider documentation (push) Successful in 1m46s
Details
CI/CD Pipeline / Déploiement en Production (push) Successful in 5m26s
Details
2026-01-29 14:11:38 +01:00
Mathis HERRIOT
9ccbd2ceb1 refactor: improve formatting, type safety, and component organization 
- Adjusted inconsistent formatting for better readability across components and services.
- Enhanced type safety by adding placeholders for ignored error parameters and improving types across services.
- Improved component organization by reordering imports consistently and applying formatting updates in UI components.
 2026-01-29 14:11:28 +01:00
Mathis HERRIOT
3edf5cc070 Merge remote-tracking branch 'origin/main' 2026-01-29 14:05:09 +01:00
Mathis HERRIOT
2d670ad9cf chore: bump version to 1.7.3
Some checks failed
CI/CD Pipeline / Valider frontend (push) Failing after 59s
Details
CI/CD Pipeline / Valider backend (push) Successful in 1m33s
Details
CI/CD Pipeline / Valider documentation (push) Successful in 1m38s
Details
CI/CD Pipeline / Déploiement en Production (push) Has been skipped
Details
2026-01-29 14:03:10 +01:00
Mathis HERRIOT
fc2f5214b1 feat: implement IP banning in crawler-detection middleware using cache manager 
- Added Redis-based temporary IP banning for suspicious activity detected by the middleware.
- Injected `CACHE_MANAGER` into the middleware to manage banned IPs.
- Enhanced logging to track banned IP attempts.
- Adjusted middleware logic to handle asynchronous IP checks and updates.
 2026-01-29 14:02:49 +01:00
Mathis HERRIOT
aa17c57e26 feat: add data export functionality to settings page and update admin reports table 
- Introduced "Export Data" card in settings for exporting user data as a JSON file.
- Added `exportData` method to `UserService` for handling data export requests.
- Updated admin reports table with a new "Cible" column to display target information.
 2026-01-29 13:57:07 +01:00
Mathis HERRIOT
004021ff84 feat: display reporter and content details in admin reports table 
- Added "Signalé par" column to show reporter ID.
- Displayed content links or "Tag" for reported items.
 2026-01-29 13:55:34 +01:00
Mathis HERRIOT
586d827552 feat: add admin reports page for managing user reports 
- Introduced a new admin reports page at `/admin/reports`.
- Added functionality to fetch, display, and update the status of user reports.
- Integrated status management with options to review, resolve, and dismiss reports.
 2026-01-29 13:52:55 +01:00
Mathis HERRIOT
17fc8d4b68 feat: add REAC_CDA_V04_24052023.pdf file 2026-01-29 13:52:29 +01:00
Mathis HERRIOT
4a66676fcb feat: add reports section to admin dashboard 
- Introduced a new "Signalements" card with navigation to `/admin/reports`.
- Added `Flag` icon for the reports section.
 2026-01-29 13:52:16 +01:00
Mathis HERRIOT
48db40b3d4 feat: integrate TwoFactorSetup component into settings page 
- Added `TwoFactorSetup` to settings for 2FA configuration.
- Enhanced security options in user settings.
 2026-01-29 13:51:46 +01:00
Mathis HERRIOT
c32d4e7203 feat: add 2FA verification to auth provider 
- Introduced `verify2fa` method for handling two-factor authentication.
- Updated `login` to support 2FA response handling.
- Enhanced `AuthContext` with new `verify2fa` method and types.
 2026-01-29 13:51:32 +01:00
Mathis HERRIOT
9b7c2c8e5b feat: add 2FA verification to auth provider 
- Introduced `verify2fa` method for handling two-factor authentication.
- Updated `login` to support 2FA response handling.
- Enhanced `AuthContext` with new `verify2fa` method and types.
 2026-01-29 13:51:20 +01:00
Mathis HERRIOT
0584c46190 feat: add 2FA prompt and OTP input to login flow 
- Integrated 2FA verification into the login process.
- Added conditional rendering for OTP input.
- Updated UI to support dynamic switching between login and 2FA views.
- Introduced new state variables for managing 2FA logic.
 2026-01-29 13:49:54 +01:00
Mathis HERRIOT
13ccdbc2ab feat: introduce reporting system and two-factor authentication (2FA) 
- Added `ReportDialog` component for user-generated content reporting.
- Integrated `ReportService` with create, update, and fetch report functionalities.
- Enhanced `AuthService` with 2FA setup, enable, disable, and verification methods.
- Updated types to include 2FA responses and reporting-related data.
- Enhanced `ContentCard` UI to support reporting functionality.
- Improved admin services to manage user reports and statuses.
 2026-01-29 13:48:59 +01:00
Avnyr
a4d0c6aa8c feat(auth): enhance validation rules for username and password 
- Updated username validation to allow only lowercase letters, numbers, and underscores.
- Strengthened password requirements to include at least 8 characters, one uppercase letter, one lowercase letter, one number, and one special character.
- Adjusted frontend forms and backend DTOs to reflect new validation rules.
 2026-01-28 21:48:23 +01:00
Mathis HERRIOT
ba0234fd13 chore: bump version to 1.7.2
All checks were successful
CI/CD Pipeline / Valider backend (push) Successful in 1m38s
Details
CI/CD Pipeline / Valider frontend (push) Successful in 1m44s
Details
CI/CD Pipeline / Valider documentation (push) Successful in 1m46s
Details
CI/CD Pipeline / Déploiement en Production (push) Successful in 5m30s
Details
2026-01-28 20:56:56 +01:00
Mathis HERRIOT
81461d04e9 chore: update pnpm-lock.yaml to reflect dependency changes 
- Upgraded lockfile version to 9.0.
- Updated dependencies and devDependencies to align with recent changes.
 2026-01-28 20:56:44 +01:00
23 changed files with 12316 additions and 9613 deletions
Expand all files Collapse all files

BIN
REAC_CDA_V04_24052023.pdf Normal file
View File

Binary file not shown.

26
README.md
View File

@@ -59,12 +59,28 @@ Pour approfondir vos connaissances techniques sur le projet :
## Comment l'utiliser ?
### Installation locale
### Déploiement en Production
1. Clonez le dépôt.
2. Installez les dépendances avec `pnpm install`.
3. Configurez les variables d'environnement (voir `.env.example`).
4. Lancez les services via Docker ou manuellement.
Le projet est prêt pour la production via Docker Compose.
1. **Prérequis** : Docker et Docker Compose installés.
2. **Variables d'environnement** : Copiez `.env.example` en `.env.prod` et ajustez les valeurs (clés secrètes, hosts, Sentry DSN, etc.).
3. **Lancement** :
```bash
docker-compose -f docker-compose.prod.yml up -d
```
4. **Services inclus** :
- **Frontend** : Next.js en mode standalone optimisé.
- **Backend** : NestJS avec clustering et monitoring Sentry.
- **Caddy** : Gestion automatique du SSL/TLS.
- **ClamAV** : Scan antivirus en temps réel des médias.
- **Redis** : Cache, sessions et limitation de débit (Throttling/Bot detection).
- **MinIO** : Stockage compatible S3.
### Sécurité et Performance
- **Transcodage Auto** : Toutes les images sont converties en WebP et les vidéos en WebM pour minimiser la bande passante.
- **Bot Detection** : Système intégré de détection et de bannissement automatique des crawlers malveillants via Redis.
- **Monitoring** : Tracking d'erreurs et profilage de performance via Sentry (Node.js et Next.js).
### Clés API

2
backend/package.json
View File

@@ -1,6 +1,6 @@
{
"name": "@memegoat/backend",
"version": "1.7.1",
"version": "1.7.4",
"description": "",
"author": "",
"private": true,

4
backend/src/auth/auth.service.spec.ts
View File

@@ -148,7 +148,7 @@ describe("AuthService", () => {
const dto = {
username: "test",
email: "test@example.com",
password: "password",
password: "Password1!",
};
mockHashingService.hashPassword.mockResolvedValue("hashed-password");
mockHashingService.hashEmail.mockResolvedValue("hashed-email");
@@ -165,7 +165,7 @@ describe("AuthService", () => {
describe("login", () => {
it("should login a user", async () => {
const dto = { email: "test@example.com", password: "password" };
const dto = { email: "test@example.com", password: "Password1!" };
const user = {
uuid: "user-id",
username: "test",

15
backend/src/auth/dto/register.dto.ts
View File

@@ -2,6 +2,7 @@ import {
IsEmail,
IsNotEmpty,
IsString,
Matches,
MaxLength,
MinLength,
} from "class-validator";
@@ -10,6 +11,10 @@ export class RegisterDto {
@IsString()
@IsNotEmpty()
@MaxLength(32)
@Matches(/^[a-z0-9_]+$/, {
message:
"username must contain only lowercase letters, numbers, and underscores",
})
username!: string;
@IsString()
@@ -21,5 +26,15 @@ export class RegisterDto {
@IsString()
@MinLength(8)
@Matches(/[A-Z]/, {
message: "password must contain at least one uppercase letter",
})
@Matches(/[a-z]/, {
message: "password must contain at least one lowercase letter",
})
@Matches(/[0-9]/, { message: "password must contain at least one number" })
@Matches(/[^A-Za-z0-9]/, {
message: "password must contain at least one special character",
})
password!: string;
}

26
backend/src/common/middlewares/crawler-detection.middleware.ts
View File

@@ -1,10 +1,14 @@
import { Injectable, Logger, NestMiddleware } from "@nestjs/common";
import { CACHE_MANAGER } from "@nestjs/cache-manager";
import { Inject, Injectable, Logger, NestMiddleware } from "@nestjs/common";
import type { Cache } from "cache-manager";
import type { NextFunction, Request, Response } from "express";
@Injectable()
export class CrawlerDetectionMiddleware implements NestMiddleware {
private readonly logger = new Logger("CrawlerDetection");
constructor(@Inject(CACHE_MANAGER) private cacheManager: Cache) {}
private readonly SUSPICIOUS_PATTERNS = [
/\.env/,
/wp-admin/,
@@ -24,7 +28,7 @@ export class CrawlerDetectionMiddleware implements NestMiddleware {
/db\./,
/backup\./,
/cgi-bin/,
/\.well-known\/security\.txt/, // Bien que légitime, souvent scanné
/\.well-known\/security\.txt/,
];
private readonly BOT_USER_AGENTS = [
@@ -40,11 +44,21 @@ export class CrawlerDetectionMiddleware implements NestMiddleware {
/masscan/i,
];
use(req: Request, res: Response, next: NextFunction) {
async use(req: Request, res: Response, next: NextFunction) {
const { method, url, ip } = req;
const userAgent = req.get("user-agent") || "unknown";
res.on("finish", () => {
// Vérifier si l'IP est bannie
const isBanned = await this.cacheManager.get(`banned_ip:${ip}`);
if (isBanned) {
this.logger.warn(`Banned IP attempt: ${ip} -> ${method} ${url}`);
res.status(403).json({
message: "Access denied: Your IP has been temporarily banned.",
});
return;
}
res.on("finish", async () => {
if (res.statusCode === 404) {
const isSuspiciousPath = this.SUSPICIOUS_PATTERNS.some((pattern) =>
pattern.test(url),
@@ -57,7 +71,9 @@ export class CrawlerDetectionMiddleware implements NestMiddleware {
this.logger.warn(
`Potential crawler detected: [${ip}] ${method} ${url} - User-Agent: ${userAgent}`,
);
// Ici, on pourrait ajouter une logique pour bannir l'IP temporairement via Redis
// Bannir l'IP pour 24h via Redis
await this.cacheManager.set(`banned_ip:${ip}`, true, 86400000);
}
}
});

2
frontend/package.json
View File

@@ -1,6 +1,6 @@
{
"name": "@memegoat/frontend",
"version": "1.7.1",
"version": "1.7.4",
"private": true,
"scripts": {
"dev": "next dev",

143
frontend/src/app/(auth)/login/page.tsx
View File

@@ -24,20 +24,29 @@ import {
FormMessage,
} from "@/components/ui/form";
import { Input } from "@/components/ui/input";
import {
InputOTP,
InputOTPGroup,
InputOTPSeparator,
InputOTPSlot,
} from "@/components/ui/input-otp";
import { useAuth } from "@/providers/auth-provider";
const loginSchema = z.object({
email: z.string().email({ message: "Email invalide" }),
password: z
.string()
.min(6, { message: "Le mot de passe doit faire au moins 6 caractères" }),
.min(8, { message: "Le mot de passe doit faire au moins 8 caractères" }),
});
type LoginFormValues = z.infer<typeof loginSchema>;
export default function LoginPage() {
const { login } = useAuth();
const { login, verify2fa } = useAuth();
const [loading, setLoading] = React.useState(false);
const [show2fa, setShow2fa] = React.useState(false);
const [userId, setUserId] = React.useState<string | null>(null);
const [otpValue, setOtpValue] = React.useState("");
const form = useForm<LoginFormValues>({
resolver: zodResolver(loginSchema),
@@ -50,7 +59,11 @@ export default function LoginPage() {
async function onSubmit(values: LoginFormValues) {
setLoading(true);
try {
await login(values.email, values.password);
const res = await login(values.email, values.password);
if (res.userId && res.message === "Please provide 2FA token") {
setUserId(res.userId);
setShow2fa(true);
}
} catch (_error) {
// Error is handled in useAuth via toast
} finally {
@@ -58,6 +71,20 @@ export default function LoginPage() {
}
}
async function onOtpSubmit(e: React.FormEvent) {
e.preventDefault();
if (!userId || otpValue.length !== 6) return;
setLoading(true);
try {
await verify2fa(userId, otpValue);
} catch (_error) {
// Error handled in useAuth
} finally {
setLoading(false);
}
}
return (
<div className="min-h-screen flex items-center justify-center bg-zinc-50 dark:bg-zinc-950 p-4">
<div className="w-full max-w-md space-y-4">
@@ -70,45 +97,89 @@ export default function LoginPage() {
</Link>
<Card>
<CardHeader>
<CardTitle className="text-2xl">Connexion</CardTitle>
<CardTitle className="text-2xl">
{show2fa ? "Double Authentification" : "Connexion"}
</CardTitle>
<CardDescription>
Entrez vos identifiants pour accéder à votre compte MemeGoat.
{show2fa
? "Entrez le code à 6 chiffres de votre application d'authentification."
: "Entrez vos identifiants pour accéder à votre compte MemeGoat."}
</CardDescription>
</CardHeader>
<CardContent>
<Form {...form}>
<form onSubmit={form.handleSubmit(onSubmit)} className="space-y-4">
<FormField
control={form.control}
name="email"
render={({ field }) => (
<FormItem>
<FormLabel>Email</FormLabel>
<FormControl>
<Input placeholder="goat@example.com" {...field} />
</FormControl>
<FormMessage />
</FormItem>
)}
/>
<FormField
control={form.control}
name="password"
render={({ field }) => (
<FormItem>
<FormLabel>Mot de passe</FormLabel>
<FormControl>
<Input type="password" placeholder="••••••••" {...field} />
</FormControl>
<FormMessage />
</FormItem>
)}
/>
<Button type="submit" className="w-full" disabled={loading}>
{loading ? "Connexion en cours..." : "Se connecter"}
{show2fa ? (
<form
onSubmit={onOtpSubmit}
className="space-y-6 flex flex-col items-center"
>
<InputOTP
maxLength={6}
value={otpValue}
onChange={(value) => setOtpValue(value)}
>
<InputOTPGroup>
<InputOTPSlot index={0} />
<InputOTPSlot index={1} />
<InputOTPSlot index={2} />
</InputOTPGroup>
<InputOTPSeparator />
<InputOTPGroup>
<InputOTPSlot index={3} />
<InputOTPSlot index={4} />
<InputOTPSlot index={5} />
</InputOTPGroup>
</InputOTP>
<Button
type="submit"
className="w-full"
disabled={loading || otpValue.length !== 6}
>
{loading ? "Vérification..." : "Vérifier le code"}
</Button>
<Button
variant="ghost"
className="w-full"
onClick={() => setShow2fa(false)}
disabled={loading}
>
Retour
</Button>
</form>
</Form>
) : (
<Form {...form}>
<form onSubmit={form.handleSubmit(onSubmit)} className="space-y-4">
<FormField
control={form.control}
name="email"
render={({ field }) => (
<FormItem>
<FormLabel>Email</FormLabel>
<FormControl>
<Input placeholder="goat@example.com" {...field} />
</FormControl>
<FormMessage />
</FormItem>
)}
/>
<FormField
control={form.control}
name="password"
render={({ field }) => (
<FormItem>
<FormLabel>Mot de passe</FormLabel>
<FormControl>
<Input type="password" placeholder="" {...field} />
</FormControl>
<FormMessage />
</FormItem>
)}
/>
<Button type="submit" className="w-full" disabled={loading}>
{loading ? "Connexion en cours..." : "Se connecter"}
</Button>
</form>
</Form>
)}
</CardContent>
<CardFooter className="flex flex-col space-y-2">
<p className="text-sm text-center text-muted-foreground">

48
frontend/src/app/(auth)/register/page.tsx
View File

@@ -29,11 +29,27 @@ import { useAuth } from "@/providers/auth-provider";
const registerSchema = z.object({
username: z
.string()
.min(3, { message: "Le pseudo doit faire au moins 3 caractères" }),
.min(3, { message: "Le pseudo doit faire au moins 3 caractères" })
.regex(/^[a-z0-9_]+$/, {
message:
"Le pseudo ne doit contenir que des minuscules, chiffres et underscores",
}),
email: z.string().email({ message: "Email invalide" }),
password: z
.string()
.min(6, { message: "Le mot de passe doit faire au moins 6 caractères" }),
.min(8, { message: "Le mot de passe doit faire au moins 8 caractères" })
.regex(/[A-Z]/, {
message: "Le mot de passe doit contenir au moins une majuscule",
})
.regex(/[a-z]/, {
message: "Le mot de passe doit contenir au moins une minuscule",
})
.regex(/[0-9]/, {
message: "Le mot de passe doit contenir au moins un chiffre",
})
.regex(/[^A-Za-z0-9]/, {
message: "Le mot de passe doit contenir au moins un caractère spécial",
}),
displayName: z.string().optional(),
});
@@ -84,12 +100,25 @@ export default function RegisterPage() {
<CardContent>
<Form {...form}>
<form onSubmit={form.handleSubmit(onSubmit)} className="space-y-4">
<FormField
control={form.control}
name="displayName"
render={({ field }) => (
<FormItem>
<FormLabel>Nom d'affichage (Optionnel)</FormLabel>
<FormControl>
<Input placeholder="Le Roi des Chèvres" {...field} />
</FormControl>
<FormMessage />
</FormItem>
)}
/>
<FormField
control={form.control}
name="username"
render={({ field }) => (
<FormItem>
<FormLabel>Pseudo</FormLabel>
<FormLabel>Pseudo (minuscule)</FormLabel>
<FormControl>
<Input placeholder="supergoat" {...field} />
</FormControl>
@@ -110,19 +139,6 @@ export default function RegisterPage() {
</FormItem>
)}
/>
<FormField
control={form.control}
name="displayName"
render={({ field }) => (
<FormItem>
<FormLabel>Nom d'affichage (Optionnel)</FormLabel>
<FormControl>
<Input placeholder="Le Roi des Chèvres" {...field} />
</FormControl>
<FormMessage />
</FormItem>
)}
/>
<FormField
control={form.control}
name="password"

9
frontend/src/app/(dashboard)/admin/page.tsx
View File

@@ -1,6 +1,6 @@
"use client";
import { AlertCircle, FileText, LayoutGrid, Users } from "lucide-react";
import { AlertCircle, FileText, Flag, LayoutGrid, Users } from "lucide-react";
import Link from "next/link";
import { useEffect, useState } from "react";
import { Card, CardContent, CardHeader, CardTitle } from "@/components/ui/card";
@@ -54,6 +54,13 @@ export default function AdminDashboardPage() {
href: "/admin/categories",
color: "text-purple-500",
},
{
title: "Signalements",
value: "Voir",
icon: Flag,
href: "/admin/reports",
color: "text-red-500",
},
];
return (

204
frontend/src/app/(dashboard)/admin/reports/page.tsx Normal file
View File

@@ -0,0 +1,204 @@
"use client";
import {
AlertCircle,
ArrowLeft,
CheckCircle,
MoreHorizontal,
XCircle,
} from "lucide-react";
import Link from "next/link";
import { useCallback, useEffect, useState } from "react";
import { toast } from "sonner";
import { Badge } from "@/components/ui/badge";
import { Button } from "@/components/ui/button";
import {
Card,
CardContent,
CardDescription,
CardHeader,
CardTitle,
} from "@/components/ui/card";
import {
DropdownMenu,
DropdownMenuContent,
DropdownMenuItem,
DropdownMenuTrigger,
} from "@/components/ui/dropdown-menu";
import {
Table,
TableBody,
TableCell,
TableHead,
TableHeader,
TableRow,
} from "@/components/ui/table";
import { adminService } from "@/services/admin.service";
import { type Report, ReportStatus } from "@/services/report.service";
export default function AdminReportsPage() {
const [reports, setReports] = useState<Report[]>([]);
const [loading, setLoading] = useState(true);
const fetchReports = useCallback(async () => {
setLoading(true);
try {
const data = await adminService.getReports();
setReports(data);
} catch (_error) {
toast.error("Erreur lors du chargement des signalements.");
} finally {
setLoading(false);
}
}, []);
useEffect(() => {
fetchReports();
}, [fetchReports]);
const handleUpdateStatus = async (reportId: string, status: ReportStatus) => {
try {
await adminService.updateReportStatus(reportId, status);
toast.success("Statut mis à jour.");
fetchReports();
} catch (_error) {
toast.error("Erreur lors de la mise à jour du statut.");
}
};
const getStatusBadge = (status: ReportStatus) => {
switch (status) {
case ReportStatus.PENDING:
return <Badge variant="outline">En attente</Badge>;
case ReportStatus.REVIEWED:
return <Badge variant="secondary">Examiné</Badge>;
case ReportStatus.RESOLVED:
return <Badge variant="success">Résolu</Badge>;
case ReportStatus.DISMISSED:
return <Badge variant="destructive">Rejeté</Badge>;
default:
return <Badge variant="default">{status}</Badge>;
}
};
return (
<div className="flex-1 space-y-8 p-4 pt-6 md:p-8">
<div className="flex items-center gap-4">
<Button variant="ghost" size="icon" asChild>
<Link href="/admin">
<ArrowLeft className="h-4 w-4" />
</Link>
</Button>
<h2 className="text-3xl font-bold tracking-tight">Signalements</h2>
</div>
<Card>
<CardHeader>
<CardTitle>Liste des signalements</CardTitle>
<CardDescription>
Gérez les signalements de contenu inapproprié.
</CardDescription>
</CardHeader>
<CardContent>
<Table>
<TableHeader>
<TableRow>
<TableHead>Signalé par</TableHead>
<TableHead>Cible</TableHead>
<TableHead>Raison</TableHead>
<TableHead>Description</TableHead>
<TableHead>Statut</TableHead>
<TableHead>Date</TableHead>
<TableHead className="text-right">Actions</TableHead>
</TableRow>
</TableHeader>
<TableBody>
{loading ? (
<TableRow>
<TableCell colSpan={7} className="text-center py-8">
Chargement...
</TableCell>
</TableRow>
) : reports.length === 0 ? (
<TableRow>
<TableCell colSpan={7} className="text-center py-8">
Aucun signalement trouvé.
</TableCell>
</TableRow>
) : (
reports.map((report) => (
<TableRow key={report.uuid}>
<TableCell>{report.reporterId.substring(0, 8)}...</TableCell>
<TableCell>
{report.contentId ? (
<Link
href={`/meme/${report.contentId}`}
className="text-primary hover:underline"
>
Contenu
</Link>
) : (
"Tag"
)}
</TableCell>
<TableCell className="font-medium capitalize">
{report.reason}
</TableCell>
<TableCell className="max-w-xs truncate">
{report.description || "-"}
</TableCell>
<TableCell>{getStatusBadge(report.status)}</TableCell>
<TableCell>
{new Date(report.createdAt).toLocaleDateString()}
</TableCell>
<TableCell className="text-right">
<DropdownMenu>
<DropdownMenuTrigger asChild>
<Button variant="ghost" size="icon">
<MoreHorizontal className="h-4 w-4" />
</Button>
</DropdownMenuTrigger>
<DropdownMenuContent align="end">
<DropdownMenuItem
onClick={() =>
handleUpdateStatus(report.uuid, ReportStatus.REVIEWED)
}
>
<AlertCircle className="h-4 w-4 mr-2" />
Marquer comme examiné
</DropdownMenuItem>
<DropdownMenuItem
onClick={() =>
handleUpdateStatus(report.uuid, ReportStatus.RESOLVED)
}
>
<CheckCircle className="h-4 w-4 mr-2" />
Marquer comme résolu
</DropdownMenuItem>
<DropdownMenuItem
onClick={() =>
handleUpdateStatus(report.uuid, ReportStatus.DISMISSED)
}
className="text-destructive"
>
<XCircle className="h-4 w-4 mr-2" />
Rejeter
</DropdownMenuItem>
{report.contentId && (
<DropdownMenuItem asChild>
<Link href={`/meme/${report.contentId}`}>Voir le contenu</Link>
</DropdownMenuItem>
)}
</DropdownMenuContent>
</DropdownMenu>
</TableCell>
</TableRow>
))
)}
</TableBody>
</Table>
</CardContent>
</Card>
</div>
);
}

71
frontend/src/app/(dashboard)/settings/page.tsx
View File

@@ -3,6 +3,7 @@
import { zodResolver } from "@hookform/resolvers/zod";
import {
AlertTriangle,
Download,
Laptop,
Loader2,
Moon,
@@ -19,6 +20,7 @@ import * as React from "react";
import { useForm } from "react-hook-form";
import { toast } from "sonner";
import * as z from "zod";
import { TwoFactorSetup } from "@/components/two-factor-setup";
import {
AlertDialog,
AlertDialogAction,
@@ -68,6 +70,7 @@ export default function SettingsPage() {
const router = useRouter();
const [isSaving, setIsSaving] = React.useState(false);
const [isDeleting, setIsDeleting] = React.useState(false);
const [isExporting, setIsExporting] = React.useState(false);
const [mounted, setMounted] = React.useState(false);
React.useEffect(() => {
@@ -143,6 +146,29 @@ export default function SettingsPage() {
}
};
const handleExportData = async () => {
setIsExporting(true);
try {
const data = await UserService.exportData();
const blob = new Blob([JSON.stringify(data, null, 2)], {
type: "application/json",
});
const url = window.URL.createObjectURL(blob);
const link = document.createElement("a");
link.href = url;
link.setAttribute("download", `memegoat-data-${user?.username}.json`);
document.body.appendChild(link);
link.click();
link.remove();
toast.success("Vos données ont été exportées avec succès.");
} catch (error) {
console.error(error);
toast.error("Erreur lors de l'exportation des données.");
} finally {
setIsExporting(false);
}
};
return (
<div className="max-w-2xl mx-auto py-12 px-4">
<div className="flex items-center gap-3 mb-8">
@@ -239,6 +265,8 @@ export default function SettingsPage() {
</CardContent>
</Card>
<TwoFactorSetup />
<Card className="border-none shadow-sm">
<CardHeader className="pb-4">
<div className="flex items-center gap-2 mb-1">
@@ -291,6 +319,49 @@ export default function SettingsPage() {
</CardContent>
</Card>
<Card className="border-none shadow-sm">
<CardHeader className="pb-4">
<div className="flex items-center gap-2 mb-1">
<Download className="h-5 w-5 text-primary" />
<CardTitle>Portabilité des données</CardTitle>
</div>
<CardDescription>
Conformément au RGPD, vous pouvez exporter l'intégralité de vos données
rattachées à votre compte.
</CardDescription>
</CardHeader>
<CardContent>
<div className="flex flex-col sm:flex-row items-start sm:items-center justify-between gap-4 p-4 rounded-lg bg-white dark:bg-zinc-900 border">
<div className="space-y-1">
<p className="font-bold">Exporter mes données</p>
<p className="text-sm text-muted-foreground">
Téléchargez un fichier JSON contenant votre profil, vos mèmes et vos
favoris.
</p>
</div>
<Button
variant="outline"
size="sm"
onClick={handleExportData}
disabled={isExporting}
className="font-semibold"
>
{isExporting ? (
<>
<Loader2 className="mr-2 h-4 w-4 animate-spin" />
Exportation...
</>
) : (
<>
<Download className="h-4 w-4 mr-2" />
Exporter mes données
</>
)}
</Button>
</div>
</CardContent>
</Card>
<Card className="border-destructive/20 shadow-sm bg-destructive/5">
<CardHeader className="pb-4">
<div className="flex items-center gap-2 mb-1">

8
frontend/src/components/content-card.tsx
View File

@@ -3,6 +3,7 @@
import {
Edit,
Eye,
Flag,
Heart,
MoreHorizontal,
Share2,
@@ -49,6 +50,7 @@ export function ContentCard({ content, onUpdate }: ContentCardProps) {
const [isLiked, setIsLiked] = React.useState(content.isLiked || false);
const [likesCount, setLikesCount] = React.useState(content.favoritesCount);
const [editDialogOpen, setEditDialogOpen] = React.useState(false);
const [_reportDialogOpen, setReportDialogOpen] = React.useState(false);
const isAuthor = user?.uuid === content.authorId;
const isVideo = !content.mimeType.startsWith("image/");
@@ -188,6 +190,12 @@ export function ContentCard({ content, onUpdate }: ContentCardProps) {
<Share2 className="h-4 w-4 mr-2" />
Partager
</DropdownMenuItem>
{!isAuthor && (
<DropdownMenuItem onClick={() => setReportDialogOpen(true)}>
<Flag className="h-4 w-4 mr-2" />
Signaler
</DropdownMenuItem>
)}
</DropdownMenuContent>
</DropdownMenu>
</div>

119
frontend/src/components/report-dialog.tsx Normal file
View File

@@ -0,0 +1,119 @@
"use client";
import { useState } from "react";
import { toast } from "sonner";
import { Button } from "@/components/ui/button";
import {
Dialog,
DialogContent,
DialogDescription,
DialogFooter,
DialogHeader,
DialogTitle,
} from "@/components/ui/dialog";
import { Label } from "@/components/ui/label";
import {
Select,
SelectContent,
SelectItem,
SelectTrigger,
SelectValue,
} from "@/components/ui/select";
import { Textarea } from "@/components/ui/textarea";
import { ReportReason, ReportService } from "@/services/report.service";
interface ReportDialogProps {
contentId?: string;
tagId?: string;
open: boolean;
onOpenChange: (open: boolean) => void;
}
export function ReportDialog({
contentId,
tagId,
open,
onOpenChange,
}: ReportDialogProps) {
const [reason, setReason] = useState<ReportReason>(ReportReason.INAPPROPRIATE);
const [description, setDescription] = useState("");
const [isSubmitting, setIsSubmitting] = useState(false);
const handleSubmit = async () => {
setIsSubmitting(true);
try {
await ReportService.create({
contentId,
tagId,
reason,
description,
});
toast.success(
"Signalement envoyé avec succès. Merci de nous aider à maintenir la communauté sûre.",
);
onOpenChange(false);
setDescription("");
} catch (_error) {
toast.error("Erreur lors de l'envoi du signalement.");
} finally {
setIsSubmitting(false);
}
};
return (
<Dialog open={open} onOpenChange={onOpenChange}>
<DialogContent className="sm:max-w-[425px]">
<DialogHeader>
<DialogTitle>Signaler le contenu</DialogTitle>
<DialogDescription>
Pourquoi signalez-vous ce contenu ? Un modérateur examinera votre demande.
</DialogDescription>
</DialogHeader>
<div className="grid gap-4 py-4">
<div className="grid gap-2">
<Label htmlFor="reason">Raison</Label>
<Select
value={reason}
onValueChange={(value) => setReason(value as ReportReason)}
>
<SelectTrigger id="reason">
<SelectValue placeholder="Sélectionnez une raison" />
</SelectTrigger>
<SelectContent>
<SelectItem value={ReportReason.INAPPROPRIATE}>Inapproprié</SelectItem>
<SelectItem value={ReportReason.SPAM}>Spam</SelectItem>
<SelectItem value={ReportReason.COPYRIGHT}>Droit d'auteur</SelectItem>
<SelectItem value={ReportReason.OTHER}>Autre</SelectItem>
</SelectContent>
</Select>
</div>
<div className="grid gap-2">
<Label htmlFor="description">Description (optionnelle)</Label>
<Textarea
id="description"
placeholder="Détaillez votre signalement..."
value={description}
onChange={(e) => setDescription(e.target.value)}
/>
</div>
</div>
<DialogFooter>
<Button
variant="outline"
onClick={() => onOpenChange(false)}
disabled={isSubmitting}
>
Annuler
</Button>
<Button
variant="destructive"
onClick={handleSubmit}
disabled={isSubmitting}
>
{isSubmitting ? "Envoi..." : "Signaler"}
</Button>
</DialogFooter>
</DialogContent>
</Dialog>
);
}

252
frontend/src/components/two-factor-setup.tsx Normal file
View File

@@ -0,0 +1,252 @@
"use client";
import { Loader2, Shield, ShieldAlert, ShieldCheck } from "lucide-react";
import { useState } from "react";
import { toast } from "sonner";
import { Button } from "@/components/ui/button";
import {
Card,
CardContent,
CardDescription,
CardFooter,
CardHeader,
CardTitle,
} from "@/components/ui/card";
import {
InputOTP,
InputOTPGroup,
InputOTPSeparator,
InputOTPSlot,
} from "@/components/ui/input-otp";
import { useAuth } from "@/providers/auth-provider";
import { AuthService } from "@/services/auth.service";
export function TwoFactorSetup() {
const { user, refreshUser } = useAuth();
const [step, setStep] = useState<"idle" | "setup" | "verify">("idle");
const [qrCode, setQrCode] = useState<string | null>(null);
const [secret, setSecret] = useState<string | null>(null);
const [otpValue, setOtpValue] = useState("");
const [isLoading, setIsLoading] = useState(false);
const handleSetup = async () => {
setIsLoading(true);
try {
const data = await AuthService.setup2fa();
setQrCode(data.qrCodeUrl);
setSecret(data.secret);
setStep("setup");
} catch (_error) {
toast.error("Erreur lors de la configuration de la 2FA.");
} finally {
setIsLoading(false);
}
};
const handleEnable = async () => {
if (otpValue.length !== 6) return;
setIsLoading(true);
try {
await AuthService.enable2fa(otpValue);
toast.success("Double authentification activée !");
await refreshUser();
setStep("idle");
setOtpValue("");
} catch (_error) {
toast.error("Code invalide. Veuillez réessayer.");
} finally {
setIsLoading(false);
}
};
const handleDisable = async () => {
if (otpValue.length !== 6) return;
setIsLoading(true);
try {
await AuthService.disable2fa(otpValue);
toast.success("Double authentification désactivée.");
await refreshUser();
setStep("idle");
setOtpValue("");
} catch (_error) {
toast.error("Code invalide. Veuillez réessayer.");
} finally {
setIsLoading(false);
}
};
// Note: We need a way to know if 2FA is enabled.
// Assuming user object might have twoFactorEnabled property or similar.
// For now, let's assume it's on the user object (we might need to add it to the type).
const isEnabled = (user as any)?.twoFactorEnabled;
if (step === "idle") {
return (
<Card className="border-none shadow-sm">
<CardHeader className="pb-4">
<div className="flex items-center gap-2 mb-1">
<Shield className="h-5 w-5 text-primary" />
<CardTitle>Double Authentification (2FA)</CardTitle>
</div>
<CardDescription>
Ajoutez une couche de sécurité supplémentaire à votre compte en utilisant
une application d'authentification.
</CardDescription>
</CardHeader>
<CardContent>
<div className="flex items-center gap-4 p-4 rounded-lg bg-zinc-50 dark:bg-zinc-900 border">
{isEnabled ? (
<>
<div className="bg-green-100 dark:bg-green-900/30 p-2 rounded-full">
<ShieldCheck className="h-6 w-6 text-green-600 dark:text-green-400" />
</div>
<div className="flex-1">
<p className="font-bold">La 2FA est activée</p>
<p className="text-sm text-muted-foreground">
Votre compte est protégé par un code temporaire.
</p>
</div>
<Button variant="outline" size="sm" onClick={() => setStep("verify")}>
Désactiver
</Button>
</>
) : (
<>
<div className="bg-zinc-200 dark:bg-zinc-800 p-2 rounded-full">
<ShieldAlert className="h-6 w-6 text-zinc-500" />
</div>
<div className="flex-1">
<p className="font-bold">La 2FA n'est pas activée</p>
<p className="text-sm text-muted-foreground">
Activez la 2FA pour mieux protéger votre compte.
</p>
</div>
<Button
variant="default"
size="sm"
onClick={handleSetup}
disabled={isLoading}
>
{isLoading ? (
<Loader2 className="h-4 w-4 animate-spin" />
) : (
"Configurer"
)}
</Button>
</>
)}
</div>
</CardContent>
</Card>
);
}
if (step === "setup") {
return (
<Card className="border-none shadow-sm">
<CardHeader>
<CardTitle>Configurer la 2FA</CardTitle>
<CardDescription>
Scannez le QR Code ci-dessous avec votre application d'authentification
(Google Authenticator, Authy, etc.).
</CardDescription>
</CardHeader>
<CardContent className="flex flex-col items-center gap-6">
{qrCode && (
<div className="bg-white p-4 rounded-xl border-4 border-zinc-100">
<img src={qrCode} alt="QR Code 2FA" className="w-48 h-48" />
</div>
)}
<div className="w-full space-y-2">
<p className="text-sm font-medium text-center">
Ou entrez ce code manuellement :
</p>
<code className="block p-2 bg-muted text-center rounded text-xs font-mono break-all">
{secret}
</code>
</div>
<div className="flex flex-col items-center gap-4 w-full border-t pt-6">
<p className="text-sm font-medium">
Entrez le code à 6 chiffres pour confirmer :
</p>
<InputOTP maxLength={6} value={otpValue} onChange={setOtpValue}>
<InputOTPGroup>
<InputOTPSlot index={0} />
<InputOTPSlot index={1} />
<InputOTPSlot index={2} />
</InputOTPGroup>
<InputOTPSeparator />
<InputOTPGroup>
<InputOTPSlot index={3} />
<InputOTPSlot index={4} />
<InputOTPSlot index={5} />
</InputOTPGroup>
</InputOTP>
</div>
</CardContent>
<CardFooter className="flex justify-between">
<Button variant="ghost" onClick={() => setStep("idle")}>
Annuler
</Button>
<Button
onClick={handleEnable}
disabled={otpValue.length !== 6 || isLoading}
>
{isLoading ? (
<Loader2 className="h-4 w-4 animate-spin" />
) : (
"Activer la 2FA"
)}
</Button>
</CardFooter>
</Card>
);
}
if (step === "verify") {
return (
<Card className="border-none shadow-sm">
<CardHeader>
<CardTitle>Désactiver la 2FA</CardTitle>
<CardDescription>
Veuillez entrer le code de votre application pour désactiver la double
authentification.
</CardDescription>
</CardHeader>
<CardContent className="flex flex-col items-center gap-6">
<InputOTP maxLength={6} value={otpValue} onChange={setOtpValue}>
<InputOTPGroup>
<InputOTPSlot index={0} />
<InputOTPSlot index={1} />
<InputOTPSlot index={2} />
</InputOTPGroup>
<InputOTPSeparator />
<InputOTPGroup>
<InputOTPSlot index={3} />
<InputOTPSlot index={4} />
<InputOTPSlot index={5} />
</InputOTPGroup>
</InputOTP>
</CardContent>
<CardFooter className="flex justify-between">
<Button variant="ghost" onClick={() => setStep("idle")}>
Annuler
</Button>
<Button
variant="destructive"
onClick={handleDisable}
disabled={otpValue.length !== 6 || isLoading}
>
{isLoading ? (
<Loader2 className="h-4 w-4 animate-spin" />
) : (
"Confirmer la désactivation"
)}
</Button>
</CardFooter>
</Card>
);
}
return null;
}

41
frontend/src/providers/auth-provider.tsx
View File

@@ -5,14 +5,15 @@ import * as React from "react";
import { toast } from "sonner";
import { AuthService } from "@/services/auth.service";
import { UserService } from "@/services/user.service";
import type { RegisterPayload } from "@/types/auth";
import type { LoginResponse, RegisterPayload } from "@/types/auth";
import type { User } from "@/types/user";
interface AuthContextType {
user: User | null;
isLoading: boolean;
isAuthenticated: boolean;
login: (email: string, password: string) => Promise<void>;
login: (email: string, password: string) => Promise<LoginResponse>;
verify2fa: (userId: string, token: string) => Promise<void>;
register: (payload: RegisterPayload) => Promise<void>;
logout: () => Promise<void>;
refreshUser: () => Promise<void>;
@@ -59,12 +60,43 @@ export function AuthProvider({ children }: { children: React.ReactNode }) {
const login = async (email: string, password: string) => {
try {
await AuthService.login(email, password);
const response = await AuthService.login(email, password);
if (response.userId && response.message === "Please provide 2FA token") {
return response;
}
await refreshUser();
toast.success("Connexion réussie !");
router.push("/");
return response;
} catch (error: unknown) {
let errorMessage = "Erreur de connexion";
if (
error &&
typeof error === "object" &&
"response" in error &&
error.response &&
typeof error.response === "object" &&
"data" in error.response &&
error.response.data &&
typeof error.response.data === "object" &&
"message" in error.response.data &&
typeof error.response.data.message === "string"
) {
errorMessage = error.response.data.message;
}
toast.error(errorMessage);
throw error;
}
};
const verify2fa = async (userId: string, token: string) => {
try {
await AuthService.verify2fa(userId, token);
await refreshUser();
toast.success("Connexion réussie !");
router.push("/");
} catch (error: unknown) {
let errorMessage = "Erreur de connexion";
let errorMessage = "Code 2FA invalide";
if (
error &&
typeof error === "object" &&
@@ -130,6 +162,7 @@ export function AuthProvider({ children }: { children: React.ReactNode }) {
isLoading,
isAuthenticated: !!user,
login,
verify2fa,
register,
logout,
refreshUser,

21
frontend/src/services/admin.service.ts
View File

@@ -1,4 +1,5 @@
import api from "@/lib/api";
import type { Report, ReportStatus } from "./report.service";
export interface AdminStats {
users: number;
@@ -11,4 +12,24 @@ export const adminService = {
const response = await api.get("/admin/stats");
return response.data;
},
getReports: async (limit = 10, offset = 0): Promise<Report[]> => {
const response = await api.get("/reports", { params: { limit, offset } });
return response.data;
},
updateReportStatus: async (
reportId: string,
status: ReportStatus,
): Promise<void> => {
await api.patch(`/reports/${reportId}/status`, { status });
},
deleteUser: async (userId: string): Promise<void> => {
await api.delete(`/users/${userId}`);
},
updateUser: async (userId: string, data: any): Promise<void> => {
await api.patch(`/users/admin/${userId}`, data);
},
};

29
frontend/src/services/auth.service.ts
View File

@@ -1,5 +1,9 @@
import api from "@/lib/api";
import type { LoginResponse, RegisterPayload } from "@/types/auth";
import type {
LoginResponse,
RegisterPayload,
TwoFactorSetupResponse,
} from "@/types/auth";
export const AuthService = {
async login(email: string, password: string): Promise<LoginResponse> {
@@ -10,6 +14,14 @@ export const AuthService = {
return data;
},
async verify2fa(userId: string, token: string): Promise<LoginResponse> {
const { data } = await api.post<LoginResponse>("/auth/verify-2fa", {
userId,
token,
});
return data;
},
async register(payload: RegisterPayload): Promise<void> {
await api.post("/auth/register", payload);
},
@@ -21,4 +33,19 @@ export const AuthService = {
async refresh(): Promise<void> {
await api.post("/auth/refresh");
},
async setup2fa(): Promise<TwoFactorSetupResponse> {
const { data } = await api.post<TwoFactorSetupResponse>(
"/users/me/2fa/setup",
);
return data;
},
async enable2fa(token: string): Promise<void> {
await api.post("/users/me/2fa/enable", { token });
},
async disable2fa(token: string): Promise<void> {
await api.post("/users/me/2fa/disable", { token });
},
};

40
frontend/src/services/report.service.ts Normal file
View File

@@ -0,0 +1,40 @@
import api from "@/lib/api";
export enum ReportReason {
INAPPROPRIATE = "inappropriate",
SPAM = "spam",
COPYRIGHT = "copyright",
OTHER = "other",
}
export enum ReportStatus {
PENDING = "pending",
REVIEWED = "reviewed",
RESOLVED = "resolved",
DISMISSED = "dismissed",
}
export interface CreateReportPayload {
contentId?: string;
tagId?: string;
reason: ReportReason;
description?: string;
}
export interface Report {
uuid: string;
reporterId: string;
contentId?: string;
tagId?: string;
reason: ReportReason;
description?: string;
status: ReportStatus;
createdAt: string;
updatedAt: string;
}
export const ReportService = {
async create(payload: CreateReportPayload): Promise<void> {
await api.post("/reports", payload);
},
};

5
frontend/src/services/user.service.ts
View File

@@ -53,4 +53,9 @@ export const UserService = {
});
return data;
},
async exportData(): Promise<any> {
const { data } = await api.get("/users/me/export");
return data;
},
};

10
frontend/src/types/auth.ts
View File

@@ -1,6 +1,8 @@
export interface LoginResponse {
message: string;
userId: string;
userId?: string;
access_token?: string;
refresh_token?: string;
}
export interface RegisterPayload {
@@ -17,6 +19,12 @@ export interface AuthStatus {
username: string;
displayName?: string;
avatarUrl?: string;
role?: string;
};
isLoading: boolean;
}
export interface TwoFactorSetupResponse {
qrCodeUrl: string;
secret: string;
}

2
package.json
View File

@@ -1,6 +1,6 @@
{
"name": "@memegoat/source",
"version": "1.7.1",
"version": "1.7.4",
"description": "",
"scripts": {
"version:get": "cmake -P version.cmake GET",

20852
pnpm-lock.yaml generated
View File

File diff suppressed because it is too large Load Diff