Mathis/memegoat
1
0
Fork 0
Code Issues 2 Pull Requests Actions Packages Activity

Compare commits

base: Mathis:v1.9.7
Branches Tags
Mathis:main
Mathis:v2.0.0 Mathis:v1.10.4 Mathis:v1.10.3 Mathis:v1.10.2 Mathis:v1.10.1 Mathis:v1.10.0 Mathis:v1.9.7 Mathis:v1.9.6 Mathis:v1.9.5 Mathis:v1.9.4 Mathis:v1.9.3 Mathis:v1.9.2 Mathis:v1.9.1 Mathis:v1.9.0 Mathis:v1.8.3 Mathis:v1.8.2 Mathis:v1.8.1 Mathis:v1.8.0 Mathis:v1.7.5 Mathis:v1.7.4 Mathis:v1.7.3 Mathis:v1.7.2 Mathis:v1.7.1 Mathis:v1.7.0 Mathis:v1.6.0 Mathis:v1.5.6 Mathis:v1.5.5 Mathis:v1.5.4 Mathis:v1.5.3 Mathis:v1.5.2 Mathis:v1.5.1 Mathis:v1.5.0 Mathis:v1.4.1 Mathis:v1.4.0 Mathis:v1.3.0 Mathis:v1.2.1 Mathis:v1.2.0 Mathis:v1.1.1 Mathis:v1.1.0 Mathis:v1.0.8 Mathis:v1.0.7 Mathis:v1.0.6 Mathis:v1.0.5 Mathis:v1.0.4 Mathis:v1.0.3 Mathis:v1.0.2 Mathis:v1.0.1 Mathis:v1.0.0 Mathis:v0.1.1 Mathis:v0.1.0 Mathis:v0.0.1 Mathis:v0.0.0
...
compare: Mathis:v2.0.0
Branches Tags
Mathis:main
Mathis:v2.0.0 Mathis:v1.10.4 Mathis:v1.10.3 Mathis:v1.10.2 Mathis:v1.10.1 Mathis:v1.10.0 Mathis:v1.9.7 Mathis:v1.9.6 Mathis:v1.9.5 Mathis:v1.9.4 Mathis:v1.9.3 Mathis:v1.9.2 Mathis:v1.9.1 Mathis:v1.9.0 Mathis:v1.8.3 Mathis:v1.8.2 Mathis:v1.8.1 Mathis:v1.8.0 Mathis:v1.7.5 Mathis:v1.7.4 Mathis:v1.7.3 Mathis:v1.7.2 Mathis:v1.7.1 Mathis:v1.7.0 Mathis:v1.6.0 Mathis:v1.5.6 Mathis:v1.5.5 Mathis:v1.5.4 Mathis:v1.5.3 Mathis:v1.5.2 Mathis:v1.5.1 Mathis:v1.5.0 Mathis:v1.4.1 Mathis:v1.4.0 Mathis:v1.3.0 Mathis:v1.2.1 Mathis:v1.2.0 Mathis:v1.1.1 Mathis:v1.1.0 Mathis:v1.0.8 Mathis:v1.0.7 Mathis:v1.0.6 Mathis:v1.0.5 Mathis:v1.0.4 Mathis:v1.0.3 Mathis:v1.0.2 Mathis:v1.0.1 Mathis:v1.0.0 Mathis:v0.1.1 Mathis:v0.1.0 Mathis:v0.0.1 Mathis:v0.0.0

14 Commits
v1.9.7 ... v2.0.0

Author SHA1 Message Date
Mathis HERRIOT
a2ed2a21d5 chore: bump version to 2.0.0
All checks were successful
CI/CD Pipeline / Valider backend (push) Successful in 1m56s
Details
CI/CD Pipeline / Valider documentation (push) Successful in 2m7s
Details
CI/CD Pipeline / Valider frontend (push) Successful in 2m12s
Details
CI/CD Pipeline / Déploiement en Production (push) Successful in 6m22s
Details
2026-02-09 15:34:38 +01:00
Mathis HERRIOT
b7c717ffb3 feat(ui): add responsive mobile header and footer components 
- Implemented `MobileHeader` with support for displaying unread messages.
- Created `MobileFooter` with navigation to key sections (home, explore, publish, trends, profile).
- Replaced legacy mobile header with new `MobileHeader` and `MobileFooter` in the dashboard layout.
- Optimized mobile sidebar rendering for improved responsiveness.
 2026-02-09 15:34:26 +01:00
Mathis HERRIOT
bc686fa987 chore: bump version to 1.10.4
All checks were successful
CI/CD Pipeline / Valider backend (push) Successful in 2m1s
Details
CI/CD Pipeline / Valider documentation (push) Successful in 2m13s
Details
CI/CD Pipeline / Valider frontend (push) Successful in 2m16s
Details
CI/CD Pipeline / Déploiement en Production (push) Successful in 6m12s
Details
2026-02-09 14:09:15 +01:00
Mathis HERRIOT
ea4b5a2353 refactor(sentry): unify formatting in Sentry configuration files 
- Standardized indentation and formatting in `sentry.client.config.ts`, `sentry.server.config.ts`, and `sentry.edge.config.ts` for consistency.
 2026-02-09 14:08:34 +01:00
Mathis HERRIOT
1a03384b49 chore: bump version to 1.10.3
Some checks failed
CI/CD Pipeline / Valider frontend (push) Failing after 1m12s
Details
CI/CD Pipeline / Valider backend (push) Successful in 1m50s
Details
CI/CD Pipeline / Valider documentation (push) Successful in 1m57s
Details
CI/CD Pipeline / Déploiement en Production (push) Has been skipped
Details
2026-02-09 14:02:25 +01:00
Mathis HERRIOT
3f7e592600 feat(sentry): integrate Sentry SDK with Next.js and configure DSN 
- Added Sentry client, server, and edge configurations for enhanced error monitoring.
- Updated `.env.example` and `docker-compose` to include `NEXT_PUBLIC_SENTRY_DSN`.
- Modified `next.config.ts` to use `withSentryConfig` for source map uploads.
- Installed `@sentry/nextjs` as a dependency and updated `pnpm-lock.yaml`.
 2026-02-09 14:00:28 +01:00
Mathis HERRIOT
f7cd514997 chore: bump version to 1.10.2
All checks were successful
CI/CD Pipeline / Valider backend (push) Successful in 1m47s
Details
CI/CD Pipeline / Valider frontend (push) Successful in 1m52s
Details
CI/CD Pipeline / Valider documentation (push) Successful in 1m55s
Details
CI/CD Pipeline / Déploiement en Production (push) Successful in 5m48s
Details
2026-02-09 13:00:26 +01:00
Mathis HERRIOT
3a4f6624fc feat(health): add Sentry status check to health endpoint 
- Integrated Sentry status check functionality in the health controller.
- Updated tests to validate Sentry active/disabled states.
- Improved Sentry initialization with enhanced logging and error handling.
 2026-02-09 12:57:31 +01:00
Mathis HERRIOT
8a146a2e1d chore: bump version to 1.10.1
All checks were successful
CI/CD Pipeline / Valider backend (push) Successful in 1m47s
Details
CI/CD Pipeline / Valider frontend (push) Successful in 1m54s
Details
CI/CD Pipeline / Valider documentation (push) Successful in 1m56s
Details
CI/CD Pipeline / Déploiement en Production (push) Successful in 5m50s
Details
2026-02-09 11:45:50 +01:00
Mathis HERRIOT
1ab6e1a969 refactor: adjust imports and streamline code for consistency 
- Reorganized import statements in multiple files for better readability.
- Refined `auth.service` to remove unused `email` variable in `login` function.
- Cleaned up whitespace and formatting in `http-exception.filter.spec.ts`.
 2026-02-09 11:45:12 +01:00
Mathis HERRIOT
e27a98ca89 chore: bump version to 1.10.0
Some checks failed
CI/CD Pipeline / Valider backend (push) Failing after 1m7s
Details
CI/CD Pipeline / Valider frontend (push) Successful in 1m54s
Details
CI/CD Pipeline / Valider documentation (push) Successful in 1m57s
Details
CI/CD Pipeline / Déploiement en Production (push) Has been skipped
Details
2026-02-09 11:28:22 +01:00
Mathis HERRIOT
7b22fd9a4e feat(environment): add Sentry DSN configuration to docker-compose files and .env example 2026-02-09 11:28:02 +01:00
Mathis HERRIOT
0706c47a33 feat(logging): hash IP addresses in logs and Sentry integration 
- Implemented IP hashing using SHA256 in logs for enhanced privacy.
- Updated Sentry integration to hash IP addresses before sending events.
- Enhanced `AllExceptionsFilter` and `crawler-detection.middleware` to use hashed IPs in logs and error handling.
- Refined request logging in `auth.service` to include hashed email instead of plain text email.
 2026-02-09 11:05:53 +01:00
Mathis HERRIOT
378c41ddb2 feat(app): enable trust proxy and update app initialization 
- Activated `trust proxy` setting to retrieve real IP behind reverse proxies.
- Updated app initialization to use `NestExpressApplication`.
 2026-02-09 10:55:11 +01:00
25 changed files with 1437 additions and 76 deletions
Expand all files Collapse all files

2
.env.example
View File

@@ -42,6 +42,8 @@ DOMAIN_NAME=localhost
ENABLE_CORS=false ENABLE_CORS=false
CORS_DOMAIN_NAME=localhost CORS_DOMAIN_NAME=localhost
SENTRY_DSN=
NEXT_PUBLIC_SENTRY_DSN=
# Media Limits (in KB) # Media Limits (in KB)
MAX_IMAGE_SIZE_KB=512 MAX_IMAGE_SIZE_KB=512

2
.gitea/workflows/ci.yml
View File

@@ -106,3 +106,5 @@ jobs:
MAIL_FROM: ${{ secrets.MAIL_FROM }} MAIL_FROM: ${{ secrets.MAIL_FROM }}
DOMAIN_NAME: ${{ secrets.DOMAIN_NAME }} DOMAIN_NAME: ${{ secrets.DOMAIN_NAME }}
NEXT_PUBLIC_API_URL: ${{ secrets.NEXT_PUBLIC_API_URL }} NEXT_PUBLIC_API_URL: ${{ secrets.NEXT_PUBLIC_API_URL }}
SENTRY_DSN: ${{ secrets.SENTRY_DSN }}
NEXT_PUBLIC_SENTRY_DSN: ${{ secrets.NEXT_PUBLIC_SENTRY_DSN }}

2
backend/package.json
View File

@@ -1,6 +1,6 @@
{ {
"name": "@memegoat/backend", "name": "@memegoat/backend",
"version": "1.9.7", "version": "2.0.0",
"description": "", "description": "",
"author": "", "author": "",
"private": true, "private": true,

7
backend/src/auth/auth.service.ts
View File

@@ -103,10 +103,9 @@ export class AuthService {
} }
async login(dto: LoginDto, userAgent?: string, ip?: string) { async login(dto: LoginDto, userAgent?: string, ip?: string) {
this.logger.log(`Login attempt for email: ${dto.email}`); const emailHash = await this.hashingService.hashEmail(dto.email);
const { email, password } = dto; this.logger.log(`Login attempt for email hash: ${emailHash}`);
const { password } = dto;
const emailHash = await this.hashingService.hashEmail(email);
const user = await this.usersService.findByEmailHash(emailHash); const user = await this.usersService.findByEmailHash(emailHash);
if (!user) { if (!user) {

90
backend/src/common/filters/http-exception.filter.spec.ts Normal file
View File

@@ -0,0 +1,90 @@
import { ArgumentsHost, HttpException, HttpStatus } from "@nestjs/common";
import { Test, TestingModule } from "@nestjs/testing";
import * as Sentry from "@sentry/nestjs";
import { AllExceptionsFilter } from "./http-exception.filter";
jest.mock("@sentry/nestjs", () => ({
captureException: jest.fn(),
withScope: jest.fn((callback) => {
const scope = {
setUser: jest.fn(),
setTag: jest.fn(),
setExtra: jest.fn(),
};
callback(scope);
return scope;
}),
}));
describe("AllExceptionsFilter", () => {
let filter: AllExceptionsFilter;
beforeEach(async () => {
const module: TestingModule = await Test.createTestingModule({
providers: [AllExceptionsFilter],
}).compile();
filter = module.get<AllExceptionsFilter>(AllExceptionsFilter);
});
it("should hash the IP address and send it to Sentry for 500 errors", () => {
const mockResponse = {
status: jest.fn().mockReturnThis(),
json: jest.fn().mockReturnThis(),
};
const mockRequest = {
url: "/test",
method: "GET",
ip: "127.0.0.1",
user: { sub: "user-123" },
};
const mockArgumentsHost = {
switchToHttp: () => ({
getResponse: () => mockResponse,
getRequest: () => mockRequest,
}),
} as ArgumentsHost;
const exception = new Error("Internal Server Error");
filter.catch(exception, mockArgumentsHost);
expect(mockResponse.status).toHaveBeenCalledWith(
HttpStatus.INTERNAL_SERVER_ERROR,
);
expect(Sentry.withScope).toHaveBeenCalled();
// Vérifier que captureException a été appelé (via withScope)
expect(Sentry.captureException).toHaveBeenCalledWith(exception);
});
it("should include hashed IP in logs", () => {
const loggerSpy = jest.spyOn((filter as any).logger, "warn");
const mockResponse = {
status: jest.fn().mockReturnThis(),
json: jest.fn().mockReturnThis(),
};
const mockRequest = {
url: "/test",
method: "GET",
ip: "1.2.3.4",
};
const mockArgumentsHost = {
switchToHttp: () => ({
getResponse: () => mockResponse,
getRequest: () => mockRequest,
}),
} as ArgumentsHost;
const exception = new HttpException("Bad Request", HttpStatus.BAD_REQUEST);
filter.catch(exception, mockArgumentsHost);
expect(mockResponse.status).toHaveBeenCalledWith(HttpStatus.BAD_REQUEST);
// L'IP 1.2.3.4 hachée en SHA256 contient un hash de 64 caractères
const logCall = loggerSpy.mock.calls[0][0];
expect(logCall).toMatch(/[a-f0-9]{64}/);
expect(logCall).not.toContain("1.2.3.4");
});
});

16
backend/src/common/filters/http-exception.filter.ts
View File

@@ -1,3 +1,4 @@
import { createHash } from "node:crypto";
import { import {
ArgumentsHost, ArgumentsHost,
Catch, Catch,
@@ -39,6 +40,11 @@ export class AllExceptionsFilter implements ExceptionFilter {
const userId = request.user?.sub || request.user?.id; const userId = request.user?.sub || request.user?.id;
const userPart = userId ? `[User: ${userId}] ` : ""; const userPart = userId ? `[User: ${userId}] ` : "";
const ip = request.ip || "unknown";
const hashedIp = createHash("sha256")
.update(ip as string)
.digest("hex");
const errorResponse = { const errorResponse = {
statusCode: status, statusCode: status,
timestamp: new Date().toISOString(), timestamp: new Date().toISOString(),
@@ -51,14 +57,20 @@ export class AllExceptionsFilter implements ExceptionFilter {
}; };
if (status === HttpStatus.INTERNAL_SERVER_ERROR) { if (status === HttpStatus.INTERNAL_SERVER_ERROR) {
Sentry.withScope((scope) => {
scope.setUser({
id: userId,
ip_address: hashedIp,
});
Sentry.captureException(exception); Sentry.captureException(exception);
});
this.logger.error( this.logger.error(
`${userPart}${request.method} ${request.url} - Error: ${exception instanceof Error ? exception.message : "Unknown error"}`, `${userPart}${hashedIp} ${request.method} ${request.url} - Error: ${exception instanceof Error ? exception.message : "Unknown error"}`,
exception instanceof Error ? exception.stack : "", exception instanceof Error ? exception.stack : "",
); );
} else { } else {
this.logger.warn( this.logger.warn(
`${userPart}${request.method} ${request.url} - Status: ${status} - Message: ${JSON.stringify(message)}`, `${userPart}${hashedIp} ${request.method} ${request.url} - Status: ${status} - Message: ${JSON.stringify(message)}`,
); );
} }

13
backend/src/common/middlewares/crawler-detection.middleware.ts
View File

@@ -1,3 +1,4 @@
import { createHash } from "node:crypto";
import { CACHE_MANAGER } from "@nestjs/cache-manager"; import { CACHE_MANAGER } from "@nestjs/cache-manager";
import { Inject, Injectable, Logger, NestMiddleware } from "@nestjs/common"; import { Inject, Injectable, Logger, NestMiddleware } from "@nestjs/common";
import type { Cache } from "cache-manager"; import type { Cache } from "cache-manager";
@@ -48,11 +49,15 @@ export class CrawlerDetectionMiddleware implements NestMiddleware {
const { method, url, ip } = req; const { method, url, ip } = req;
const userAgent = req.get("user-agent") || "unknown"; const userAgent = req.get("user-agent") || "unknown";
const hashedIp = createHash("sha256")
.update(ip as string)
.digest("hex");
// Vérifier si l'IP est bannie // Vérifier si l'IP est bannie
try { try {
const isBanned = await this.cacheManager.get(`banned_ip:${ip}`); const isBanned = await this.cacheManager.get(`banned_ip:${ip}`);
if (isBanned) { if (isBanned) {
this.logger.warn(`Banned IP attempt: ${ip} -> ${method} ${url}`); this.logger.warn(`Banned IP attempt: ${hashedIp} -> ${method} ${url}`);
res.status(403).json({ res.status(403).json({
message: "Access denied: Your IP has been temporarily banned.", message: "Access denied: Your IP has been temporarily banned.",
}); });
@@ -60,7 +65,7 @@ export class CrawlerDetectionMiddleware implements NestMiddleware {
} }
} catch (error) { } catch (error) {
this.logger.error( this.logger.error(
`Error checking ban status for IP ${ip}: ${error.message}`, `Error checking ban status for IP ${hashedIp}: ${error.message}`,
); );
// On continue même en cas d'erreur Redis pour ne pas bloquer les utilisateurs légitimes // On continue même en cas d'erreur Redis pour ne pas bloquer les utilisateurs légitimes
} }
@@ -76,14 +81,14 @@ export class CrawlerDetectionMiddleware implements NestMiddleware {
if (isSuspiciousPath || isBotUserAgent) { if (isSuspiciousPath || isBotUserAgent) {
this.logger.warn( this.logger.warn(
`Potential crawler detected: [${ip}] ${method} ${url} - User-Agent: ${userAgent}`, `Potential crawler detected: [${hashedIp}] ${method} ${url} - User-Agent: ${userAgent}`,
); );
// Bannir l'IP pour 24h via Redis // Bannir l'IP pour 24h via Redis
try { try {
await this.cacheManager.set(`banned_ip:${ip}`, true, 86400000); await this.cacheManager.set(`banned_ip:${ip}`, true, 86400000);
} catch (error) { } catch (error) {
this.logger.error(`Error banning IP ${ip}: ${error.message}`); this.logger.error(`Error banning IP ${hashedIp}: ${error.message}`);
} }
} }
} }

25
backend/src/health.controller.spec.ts
View File

@@ -1,8 +1,13 @@
import { CACHE_MANAGER } from "@nestjs/cache-manager"; import { CACHE_MANAGER } from "@nestjs/cache-manager";
import { Test, TestingModule } from "@nestjs/testing"; import { Test, TestingModule } from "@nestjs/testing";
import * as Sentry from "@sentry/nestjs";
import { DatabaseService } from "./database/database.service"; import { DatabaseService } from "./database/database.service";
import { HealthController } from "./health.controller"; import { HealthController } from "./health.controller";
jest.mock("@sentry/nestjs", () => ({
getClient: jest.fn(),
}));
describe("HealthController", () => { describe("HealthController", () => {
let controller: HealthController; let controller: HealthController;
@@ -37,10 +42,15 @@ describe("HealthController", () => {
it("should return ok if database and redis are connected", async () => { it("should return ok if database and redis are connected", async () => {
mockDb.execute.mockResolvedValue([]); mockDb.execute.mockResolvedValue([]);
mockCacheManager.set.mockResolvedValue(undefined); mockCacheManager.set.mockResolvedValue(undefined);
(Sentry.getClient as jest.Mock).mockReturnValue({
getOptions: () => ({ dsn: "http://dsn" }),
});
const result = await controller.check(); const result = await controller.check();
expect(result.status).toBe("ok"); expect(result.status).toBe("ok");
expect(result.database).toBe("connected"); expect(result.database).toBe("connected");
expect(result.redis).toBe("connected"); expect(result.redis).toBe("connected");
expect(result.sentry).toBe("active");
}); });
it("should return error if database is disconnected", async () => { it("should return error if database is disconnected", async () => {
@@ -62,4 +72,19 @@ describe("HealthController", () => {
expect(result.redis).toBe("disconnected"); expect(result.redis).toBe("disconnected");
expect(result.redisError).toBe("Redis Error"); expect(result.redisError).toBe("Redis Error");
}); });
it("should return sentry disabled if client or dsn is missing", async () => {
mockDb.execute.mockResolvedValue([]);
mockCacheManager.set.mockResolvedValue(undefined);
(Sentry.getClient as jest.Mock).mockReturnValue(undefined);
const result = await controller.check();
expect(result.sentry).toBe("disabled");
(Sentry.getClient as jest.Mock).mockReturnValue({
getOptions: () => ({ dsn: undefined }),
});
const result2 = await controller.check();
expect(result2.sentry).toBe("disabled");
});
}); });

9
backend/src/health.controller.ts
View File

@@ -1,5 +1,6 @@
import { CACHE_MANAGER } from "@nestjs/cache-manager"; import { CACHE_MANAGER } from "@nestjs/cache-manager";
import { Controller, Get, Inject } from "@nestjs/common"; import { Controller, Get, Inject } from "@nestjs/common";
import * as Sentry from "@sentry/nestjs";
import type { Cache } from "cache-manager"; import type { Cache } from "cache-manager";
import { sql } from "drizzle-orm"; import { sql } from "drizzle-orm";
import { DatabaseService } from "./database/database.service"; import { DatabaseService } from "./database/database.service";
@@ -39,6 +40,14 @@ export class HealthController {
health.redisError = error.message; health.redisError = error.message;
} }
// Check Sentry status
const sentryClient = Sentry.getClient();
if (sentryClient?.getOptions().dsn) {
health.sentry = "active";
} else {
health.sentry = "disabled";
}
return health; return health;
} }
} }

31
backend/src/main.ts
View File

@@ -1,6 +1,8 @@
import { createHash } from "node:crypto";
import { Logger, ValidationPipe } from "@nestjs/common"; import { Logger, ValidationPipe } from "@nestjs/common";
import { ConfigService } from "@nestjs/config"; import { ConfigService } from "@nestjs/config";
import { NestFactory } from "@nestjs/core"; import { NestFactory } from "@nestjs/core";
import { NestExpressApplication } from "@nestjs/platform-express";
import * as Sentry from "@sentry/nestjs"; import * as Sentry from "@sentry/nestjs";
import { nodeProfilingIntegration } from "@sentry/profiling-node"; import { nodeProfilingIntegration } from "@sentry/profiling-node";
import helmet from "helmet"; import helmet from "helmet";
@@ -8,19 +10,44 @@ import { AppModule } from "./app.module";
import { AllExceptionsFilter } from "./common/filters/http-exception.filter"; import { AllExceptionsFilter } from "./common/filters/http-exception.filter";
async function bootstrap() { async function bootstrap() {
const app = await NestFactory.create(AppModule); const app = await NestFactory.create<NestExpressApplication>(AppModule);
const configService = app.get(ConfigService); const configService = app.get(ConfigService);
const logger = new Logger("Bootstrap"); const logger = new Logger("Bootstrap");
// Activer trust proxy pour récupérer l'IP réelle derrière un reverse proxy
app.set("trust proxy", true);
const sentryDsn = configService.get<string>("SENTRY_DSN"); const sentryDsn = configService.get<string>("SENTRY_DSN");
if (sentryDsn) { if (sentryDsn) {
try {
Sentry.init({ Sentry.init({
dsn: sentryDsn, dsn: sentryDsn,
integrations: [nodeProfilingIntegration()], integrations: [Sentry.nestIntegration(), nodeProfilingIntegration()],
tracesSampleRate: 1.0, tracesSampleRate: 1.0,
profilesSampleRate: 1.0, profilesSampleRate: 1.0,
sendDefaultPii: false, // RGPD sendDefaultPii: false, // RGPD
beforeSend(event) {
// Hachage de l'IP utilisateur pour Sentry si elle est présente
if (event.user?.ip_address) {
event.user.ip_address = createHash("sha256")
.update(event.user.ip_address)
.digest("hex");
}
return event;
},
}); });
const client = Sentry.getClient();
if (client?.getOptions().dsn) {
logger.log("Sentry is initialized and connection is active");
} else {
logger.warn("Sentry initialized but DSN is missing");
}
} catch (error) {
logger.error(`Failed to initialize Sentry: ${error.message}`);
}
} else {
logger.warn("Sentry is disabled (SENTRY_DSN not configured)");
} }
// Sécurité // Sécurité

2
docker-compose.prod.yml
View File

@@ -104,6 +104,7 @@ services:
ENABLE_CORS: ${ENABLE_CORS:-true} ENABLE_CORS: ${ENABLE_CORS:-true}
CLAMAV_HOST: memegoat-clamav CLAMAV_HOST: memegoat-clamav
CLAMAV_PORT: 3310 CLAMAV_PORT: 3310
SENTRY_DSN: ${SENTRY_DSN}
MAX_IMAGE_SIZE_KB: 1024 MAX_IMAGE_SIZE_KB: 1024
MAX_GIF_SIZE_KB: 4096 MAX_GIF_SIZE_KB: 4096
@@ -133,6 +134,7 @@ services:
NEXT_PUBLIC_API_URL: ${NEXT_PUBLIC_API_URL:-https://api.memegoat.fr} NEXT_PUBLIC_API_URL: ${NEXT_PUBLIC_API_URL:-https://api.memegoat.fr}
NEXT_PUBLIC_APP_URL: ${NEXT_PUBLIC_APP_URL:-https://memegoat.fr} NEXT_PUBLIC_APP_URL: ${NEXT_PUBLIC_APP_URL:-https://memegoat.fr}
NEXT_PUBLIC_CONTACT_EMAIL: ${MAIL_FROM:-noreply@memegoat.fr} NEXT_PUBLIC_CONTACT_EMAIL: ${MAIL_FROM:-noreply@memegoat.fr}
NEXT_PUBLIC_SENTRY_DSN: ${NEXT_PUBLIC_SENTRY_DSN}
depends_on: depends_on:
- backend - backend

2
docker-compose.yml
View File

@@ -98,6 +98,7 @@ services:
ENABLE_CORS: ${ENABLE_CORS:-true} ENABLE_CORS: ${ENABLE_CORS:-true}
CLAMAV_HOST: clamav CLAMAV_HOST: clamav
CLAMAV_PORT: 3310 CLAMAV_PORT: 3310
SENTRY_DSN: ${SENTRY_DSN}
clamav: clamav:
image: clamav/clamav:1.4 image: clamav/clamav:1.4
@@ -121,6 +122,7 @@ services:
environment: environment:
NODE_ENV: production NODE_ENV: production
NEXT_PUBLIC_API_URL: ${NEXT_PUBLIC_API_URL:-http://localhost:3000} NEXT_PUBLIC_API_URL: ${NEXT_PUBLIC_API_URL:-http://localhost:3000}
NEXT_PUBLIC_SENTRY_DSN: ${NEXT_PUBLIC_SENTRY_DSN}
depends_on: depends_on:
- backend - backend

22
frontend/next.config.ts
View File

@@ -1,3 +1,4 @@
import { withSentryConfig } from "@sentry/nextjs";
import type { NextConfig } from "next"; import type { NextConfig } from "next";
const appUrl = process.env.NEXT_PUBLIC_APP_URL || "https://memegoat.fr"; const appUrl = process.env.NEXT_PUBLIC_APP_URL || "https://memegoat.fr";
@@ -29,4 +30,23 @@ const nextConfig: NextConfig = {
output: "standalone", output: "standalone",
}; };
export default nextConfig; export default withSentryConfig(nextConfig, {
// For all available options, see:
// https://github.com/getsentry/sentry-webpack-plugin#options
org: "yidhra",
project: "javascript-nextjs",
// Only print logs for uploading source maps in CI
silent: !process.env.CI,
// For all available options, see:
// https://docs.sentry.io/platforms/javascript/guides/nextjs/manual-setup/
// Upload a larger set of source maps for prettier stack traces (increases build time)
widenClientFileUpload: true,
// Route browser requests to Sentry through a Next.js rewrite to circumvent ad-blockers.
// This can increase your server load as well as your Sentry bill.
tunnelRoute: "/monitoring",
});

3
frontend/package.json
View File

@@ -1,6 +1,6 @@
{ {
"name": "@memegoat/frontend", "name": "@memegoat/frontend",
"version": "1.9.7", "version": "2.0.0",
"private": true, "private": true,
"scripts": { "scripts": {
"dev": "next dev", "dev": "next dev",
@@ -38,6 +38,7 @@
"@radix-ui/react-toggle": "^1.1.10", "@radix-ui/react-toggle": "^1.1.10",
"@radix-ui/react-toggle-group": "^1.1.11", "@radix-ui/react-toggle-group": "^1.1.11",
"@radix-ui/react-tooltip": "^1.2.8", "@radix-ui/react-tooltip": "^1.2.8",
"@sentry/nextjs": "^10.38.0",
"axios": "^1.13.2", "axios": "^1.13.2",
"class-variance-authority": "^0.7.1", "class-variance-authority": "^0.7.1",
"clsx": "^2.1.1", "clsx": "^2.1.1",

22
frontend/sentry.client.config.ts Normal file
View File

@@ -0,0 +1,22 @@
import * as Sentry from "@sentry/nextjs";
Sentry.init({
dsn: process.env.NEXT_PUBLIC_SENTRY_DSN,
// Ajustez ces valeurs en production
tracesSampleRate: 1.0,
// Replay est activé par défaut
replaysSessionSampleRate: 0.1,
replaysOnErrorSampleRate: 1.0,
integrations: [
Sentry.replayIntegration({
maskAllText: true,
blockAllMedia: true,
}),
],
// Protection PII
sendDefaultPii: false,
});

11
frontend/sentry.edge.config.ts Normal file
View File

@@ -0,0 +1,11 @@
import * as Sentry from "@sentry/nextjs";
Sentry.init({
dsn: process.env.NEXT_PUBLIC_SENTRY_DSN,
// Ajustez ces valeurs en production
tracesSampleRate: 1.0,
// Protection PII
sendDefaultPii: false,
});

22
frontend/sentry.server.config.ts Normal file
View File

@@ -0,0 +1,22 @@
import { createHash } from "node:crypto";
import * as Sentry from "@sentry/nextjs";
Sentry.init({
dsn: process.env.NEXT_PUBLIC_SENTRY_DSN,
// Ajustez ces valeurs en production
tracesSampleRate: 1.0,
// Protection PII
sendDefaultPii: false,
beforeSend(event) {
// Hachage de l'IP utilisateur pour Sentry si elle est présente
if (event.user?.ip_address) {
event.user.ip_address = createHash("sha256")
.update(event.user.ip_address)
.digest("hex");
}
return event;
},
});

26
frontend/src/app/(dashboard)/layout.tsx
View File

@@ -1,15 +1,11 @@
import * as React from "react"; import * as React from "react";
import { AppSidebar } from "@/components/app-sidebar"; import { AppSidebar } from "@/components/app-sidebar";
import { MobileFilters } from "@/components/mobile-filters"; import { MobileFilters } from "@/components/mobile-filters";
import { ModeToggle } from "@/components/mode-toggle"; import { MobileFooter } from "@/components/mobile-footer";
import { MobileHeader } from "@/components/mobile-header";
import { SearchSidebar } from "@/components/search-sidebar"; import { SearchSidebar } from "@/components/search-sidebar";
import { import { SidebarInset, SidebarProvider } from "@/components/ui/sidebar";
SidebarInset,
SidebarProvider,
SidebarTrigger,
} from "@/components/ui/sidebar";
import { Toaster } from "@/components/ui/sonner"; import { Toaster } from "@/components/ui/sonner";
import { UserNavMobile } from "@/components/user-nav-mobile";
export default function DashboardLayout({ export default function DashboardLayout({
children, children,
@@ -22,20 +18,9 @@ export default function DashboardLayout({
<React.Suspense fallback={null}> <React.Suspense fallback={null}>
<SidebarProvider> <SidebarProvider>
<AppSidebar /> <AppSidebar />
<SidebarInset className="flex flex-row overflow-hidden"> <SidebarInset className="flex flex-row overflow-hidden pb-16 lg:pb-0">
<div className="flex-1 flex flex-col min-w-0"> <div className="flex-1 flex flex-col min-w-0">
<header className="flex h-16 shrink-0 items-center gap-2 border-b px-4 lg:hidden sticky top-0 bg-background z-40"> <MobileHeader />
<SidebarTrigger />
<div className="flex-1 flex justify-center">
<span className="font-bold text-primary text-xl tracking-tight">
MemeGoat
</span>
</div>
<div className="flex items-center gap-2">
<ModeToggle />
<UserNavMobile />
</div>
</header>
<main className="flex-1 overflow-y-auto bg-zinc-50 dark:bg-zinc-950"> <main className="flex-1 overflow-y-auto bg-zinc-50 dark:bg-zinc-950">
{children} {children}
{modal} {modal}
@@ -43,6 +28,7 @@ export default function DashboardLayout({
<React.Suspense fallback={null}> <React.Suspense fallback={null}>
<MobileFilters /> <MobileFilters />
</React.Suspense> </React.Suspense>
<MobileFooter />
</div> </div>
<React.Suspense fallback={null}> <React.Suspense fallback={null}>
<SearchSidebar /> <SearchSidebar />

24
frontend/src/app/(dashboard)/profile/page.tsx
View File

@@ -3,16 +3,19 @@
import { import {
Calendar, Calendar,
Camera, Camera,
HelpCircle,
LogIn, LogIn,
LogOut, LogOut,
Settings, Settings,
Share2, Share2,
ShieldCheck,
} from "lucide-react"; } from "lucide-react";
import Link from "next/link"; import Link from "next/link";
import { useSearchParams } from "next/navigation"; import { useSearchParams } from "next/navigation";
import * as React from "react"; import * as React from "react";
import { toast } from "sonner"; import { toast } from "sonner";
import { ContentList } from "@/components/content-list"; import { ContentList } from "@/components/content-list";
import { ModeToggle } from "@/components/mode-toggle";
import { Avatar, AvatarFallback, AvatarImage } from "@/components/ui/avatar"; import { Avatar, AvatarFallback, AvatarImage } from "@/components/ui/avatar";
import { Button } from "@/components/ui/button"; import { Button } from "@/components/ui/button";
import { import {
@@ -157,6 +160,19 @@ export default function ProfilePage() {
</div> </div>
<div className="flex flex-wrap justify-center md:justify-start gap-2 pt-2"> <div className="flex flex-wrap justify-center md:justify-start gap-2 pt-2">
{user.role === "admin" && (
<Button
asChild
variant="outline"
size="sm"
className="h-9 px-4 border-primary/20 hover:bg-primary/5 text-primary"
>
<Link href="/admin">
<ShieldCheck className="h-4 w-4 mr-2" />
Administration
</Link>
</Button>
)}
<Button asChild variant="outline" size="sm" className="h-9 px-4"> <Button asChild variant="outline" size="sm" className="h-9 px-4">
<Link href="/settings"> <Link href="/settings">
<Settings className="h-4 w-4 mr-2" /> <Settings className="h-4 w-4 mr-2" />
@@ -181,6 +197,14 @@ export default function ProfilePage() {
<LogOut className="h-4 w-4 mr-2" /> <LogOut className="h-4 w-4 mr-2" />
Déconnexion Déconnexion
</Button> </Button>
<Button asChild variant="outline" size="sm" className="h-9 px-4">
<Link href="/help">
<HelpCircle className="h-4 w-4 mr-2" />
Aide
</Link>
</Button>
<ModeToggle />
</div> </div>
</div> </div>
</div> </div>

4
frontend/src/components/app-sidebar.tsx
View File

@@ -54,6 +54,7 @@ import {
SidebarRail, SidebarRail,
SidebarTrigger, SidebarTrigger,
} from "@/components/ui/sidebar"; } from "@/components/ui/sidebar";
import { useIsMobile } from "@/hooks/use-mobile";
import { useAuth } from "@/providers/auth-provider"; import { useAuth } from "@/providers/auth-provider";
import { useSocket } from "@/providers/socket-provider"; import { useSocket } from "@/providers/socket-provider";
import { CategoryService } from "@/services/category.service"; import { CategoryService } from "@/services/category.service";
@@ -79,6 +80,7 @@ const mainNav = [
]; ];
export function AppSidebar() { export function AppSidebar() {
const isMobile = useIsMobile();
const pathname = usePathname(); const pathname = usePathname();
const searchParams = useSearchParams(); const searchParams = useSearchParams();
const { user, logout, isAuthenticated } = useAuth(); const { user, logout, isAuthenticated } = useAuth();
@@ -129,6 +131,8 @@ export function AppSidebar() {
: "/memegoat-black.svg"; : "/memegoat-black.svg";
}, [resolvedTheme, mounted]); }, [resolvedTheme, mounted]);
if (isMobile) return null;
return ( return (
<Sidebar collapsible="icon"> <Sidebar collapsible="icon">
<SidebarHeader className="flex flex-row items-center justify-between py-4 group-data-[collapsible=icon]:justify-center"> <SidebarHeader className="flex flex-row items-center justify-between py-4 group-data-[collapsible=icon]:justify-center">

21
frontend/src/components/mobile-filters.tsx
View File

@@ -1,10 +1,9 @@
"use client"; "use client";
import { Filter, Search } from "lucide-react"; import { Search } from "lucide-react";
import { usePathname, useRouter, useSearchParams } from "next/navigation"; import { usePathname, useRouter, useSearchParams } from "next/navigation";
import * as React from "react"; import * as React from "react";
import { Badge } from "@/components/ui/badge"; import { Badge } from "@/components/ui/badge";
import { Button } from "@/components/ui/button";
import { Input } from "@/components/ui/input"; import { Input } from "@/components/ui/input";
import { ScrollArea } from "@/components/ui/scroll-area"; import { ScrollArea } from "@/components/ui/scroll-area";
import { Separator } from "@/components/ui/separator"; import { Separator } from "@/components/ui/separator";
@@ -13,7 +12,6 @@ import {
SheetContent, SheetContent,
SheetHeader, SheetHeader,
SheetTitle, SheetTitle,
SheetTrigger,
} from "@/components/ui/sheet"; } from "@/components/ui/sheet";
import { CategoryService } from "@/services/category.service"; import { CategoryService } from "@/services/category.service";
import { TagService } from "@/services/tag.service"; import { TagService } from "@/services/tag.service";
@@ -29,6 +27,16 @@ export function MobileFilters() {
const [query, setQuery] = React.useState(searchParams.get("query") || ""); const [query, setQuery] = React.useState(searchParams.get("query") || "");
const [open, setOpen] = React.useState(false); const [open, setOpen] = React.useState(false);
React.useEffect(() => {
if (searchParams.get("openSearch") === "true") {
setOpen(true);
// Nettoyer l'URL sans recharger
const params = new URLSearchParams(searchParams.toString());
params.delete("openSearch");
router.replace(`${pathname}?${params.toString()}`, { scroll: false });
}
}, [searchParams, pathname, router]);
React.useEffect(() => { React.useEffect(() => {
if (open) { if (open) {
CategoryService.getAll().then(setCategories).catch(console.error); CategoryService.getAll().then(setCategories).catch(console.error);
@@ -61,13 +69,8 @@ export function MobileFilters() {
const currentCategory = searchParams.get("category"); const currentCategory = searchParams.get("category");
return ( return (
<div className="lg:hidden fixed top-4 right-4 z-50"> <div className="lg:hidden">
<Sheet open={open} onOpenChange={setOpen}> <Sheet open={open} onOpenChange={setOpen}>
<SheetTrigger asChild>
<Button size="icon" className="rounded-full shadow-lg h-12 w-12">
<Filter className="h-6 w-6" />
</Button>
</SheetTrigger>
<SheetContent side="right" className="w-[300px] sm:w-[400px]"> <SheetContent side="right" className="w-[300px] sm:w-[400px]">
<SheetHeader> <SheetHeader>
<SheetTitle>Recherche & Filtres</SheetTitle> <SheetTitle>Recherche & Filtres</SheetTitle>

80
frontend/src/components/mobile-footer.tsx Normal file
View File

@@ -0,0 +1,80 @@
"use client";
import { Home, PlusCircle, Search, TrendingUp, User } from "lucide-react";
import Link from "next/link";
import { usePathname } from "next/navigation";
import { Avatar, AvatarFallback, AvatarImage } from "@/components/ui/avatar";
import { cn } from "@/lib/utils";
import { useAuth } from "@/providers/auth-provider";
export function MobileFooter() {
const pathname = usePathname();
const { user, isAuthenticated } = useAuth();
const navItems = [
{
title: "Accueil",
url: "/",
icon: Home,
},
{
title: "Explorer",
url: "/trends?openSearch=true",
icon: Search,
},
{
title: "Publier",
url: "/upload",
icon: PlusCircle,
},
{
title: "Tendances",
url: "/trends",
icon: TrendingUp,
},
{
title: "Profil",
url: "/profile",
icon: User,
},
];
return (
<footer className="lg:hidden fixed bottom-0 left-0 right-0 border-t bg-background z-40 h-16">
<nav className="flex h-full items-center justify-around px-2">
{navItems.map((item) => {
const isActive = pathname === item.url.split("?")[0];
const isProfile = item.title === "Profil";
return (
<Link
key={item.url}
href={item.url}
className={cn(
"flex flex-1 flex-col items-center justify-center gap-1 transition-colors min-h-[44px]",
isActive ? "text-primary" : "text-muted-foreground hover:text-primary",
)}
>
{isProfile && isAuthenticated && user ? (
<Avatar
className={cn(
"h-6 w-6 border",
isActive && "ring-2 ring-primary ring-offset-2",
)}
>
<AvatarImage src={user.avatarUrl} alt={user.username} />
<AvatarFallback className="text-[8px]">
{user.username.slice(0, 2).toUpperCase()}
</AvatarFallback>
</Avatar>
) : (
<item.icon className={cn("h-6 w-6", isActive && "fill-current")} />
)}
<span className="text-[10px] font-medium">{item.title}</span>
</Link>
);
})}
</nav>
</footer>
);
}

66
frontend/src/components/mobile-header.tsx Normal file
View File

@@ -0,0 +1,66 @@
"use client";
import { MessageCircle } from "lucide-react";
import Link from "next/link";
import { usePathname } from "next/navigation";
import * as React from "react";
import { Button } from "@/components/ui/button";
import { useAuth } from "@/providers/auth-provider";
import { useSocket } from "@/providers/socket-provider";
import { MessageService } from "@/services/message.service";
export function MobileHeader() {
const pathname = usePathname();
const { isAuthenticated } = useAuth();
const { socket } = useSocket();
const [unreadMessages, setUnreadMessages] = React.useState(0);
React.useEffect(() => {
if (isAuthenticated) {
MessageService.getUnreadCount().then(setUnreadMessages).catch(console.error);
}
}, [isAuthenticated]);
React.useEffect(() => {
if (socket && isAuthenticated) {
const handleNewMessage = () => {
if (pathname !== "/messages") {
setUnreadMessages((prev) => prev + 1);
}
};
socket.on("new_message", handleNewMessage);
return () => {
socket.off("new_message", handleNewMessage);
};
}
}, [socket, isAuthenticated, pathname]);
React.useEffect(() => {
if (pathname === "/messages") {
setUnreadMessages(0);
}
}, [pathname]);
return (
<header className="flex h-16 shrink-0 items-center justify-between border-b px-4 lg:hidden sticky top-0 bg-background z-40">
<Link href="/" className="flex items-center gap-2">
<span className="font-bold text-primary text-xl tracking-tight">
MemeGoat
</span>
</Link>
<div className="flex items-center gap-2">
<Button variant="ghost" size="icon" asChild className="h-9 w-9 relative">
<Link href="/messages">
<MessageCircle className="h-5 w-5" />
{unreadMessages > 0 && (
<span className="absolute top-1 right-1 flex h-4 w-4 items-center justify-center rounded-full bg-red-500 text-[10px] text-white">
{unreadMessages > 9 ? "9+" : unreadMessages}
</span>
)}
</Link>
</Button>
</div>
</header>
);
}

2
package.json
View File

@@ -1,6 +1,6 @@
{ {
"name": "@memegoat/source", "name": "@memegoat/source",
"version": "1.9.7", "version": "2.0.0",
"description": "", "description": "",
"scripts": { "scripts": {
"version:get": "cmake -P version.cmake GET", "version:get": "cmake -P version.cmake GET",

995
pnpm-lock.yaml generated
View File

File diff suppressed because it is too large Load Diff