From a901ebd6c53b2d0e0be67e67bbff46f0a6a6d83b Mon Sep 17 00:00:00 2001 From: Danny Coulombe Date: Fri, 12 Dec 2025 08:08:03 -0500 Subject: [PATCH 1/4] new deployment scripts --- .github/workflows/deploy-dev.yml | 2 +- .github/workflows/deploy-prod.yml | 10 +++++----- 2 files changed, 6 insertions(+), 6 deletions(-) diff --git a/.github/workflows/deploy-dev.yml b/.github/workflows/deploy-dev.yml index 20187f1..70df0b2 100644 --- a/.github/workflows/deploy-dev.yml +++ b/.github/workflows/deploy-dev.yml @@ -30,7 +30,7 @@ jobs: mkdir .compress mv archive.zip .compress/. cd .compress - echo "open('archive.zip')===TRUE && $$z->extractTo('.') && $$z->close(); unlink('archive.zip'); unlink('update.php') ?>" > update.php + echo "open('archive.zip')===TRUE && \$z->extractTo('.') && \$z->close(); unlink('archive.zip'); unlink('update.php') ?>" > update.php echo "INTERFACE_EDITOR_URL=https://dev.json.ms" > .env echo "ACCESS_CONTROL_ALLOW_ORIGIN=https://dev.json.ms" >> .env echo "JSONMS_CYPHER_KEY=${{ secrets.JSONMS_CYPHER_KEY }}" >> .env diff --git a/.github/workflows/deploy-prod.yml b/.github/workflows/deploy-prod.yml index aff7160..8ab1dae 100644 --- a/.github/workflows/deploy-prod.yml +++ b/.github/workflows/deploy-prod.yml @@ -1,4 +1,4 @@ -name: Deploy DEV to host +name: Deploy PROD to host on: push: @@ -30,13 +30,13 @@ jobs: mkdir .compress mv archive.zip .compress/. cd .compress - echo "open('archive.zip')===TRUE && $$z->extractTo('.') && $$z->close(); unlink('archive.zip'); unlink('update.php') ?>" > update.php - echo "INTERFACE_EDITOR_URL=https://dev.json.ms" > .env - echo "ACCESS_CONTROL_ALLOW_ORIGIN=https://dev.json.ms" >> .env + echo "open('archive.zip')===TRUE && \$z->extractTo('.') && \$z->close(); unlink('archive.zip'); unlink('update.php') ?>" > update.php + echo "INTERFACE_EDITOR_URL=https://json.ms" > .env + echo "ACCESS_CONTROL_ALLOW_ORIGIN=https://json.ms" >> .env echo "JSONMS_CYPHER_KEY=${{ secrets.JSONMS_CYPHER_KEY }}" >> .env echo "GOOGLE_OAUTH_CLIENT_ID=637442439591-qrrpb3v9d3n5m8b8gheorfa1fbi5o6qc.apps.googleusercontent.com" >> .env echo "GOOGLE_OAUTH_CLIENT_SECRET=${{ secrets.GOOGLE_OAUTH_CLIENT_SECRET }}" >> .env - echo "GOOGLE_OAUTH_CALLBACK_URL=https://server.dev.json.ms/google/callback" >> .env + echo "GOOGLE_OAUTH_CALLBACK_URL=https://server.json.ms/google/callback" >> .env echo "DATABASE_HOST=${{ secrets.DATABASE_HOST }}" >> .env echo "DATABASE_DBNAME=${{ secrets.DATABASE_PROD_DBNAME }}" >> .env echo "DATABASE_USERNAME=${{ secrets.DATABASE_USERNAME }}" >> .env From 64e3038d4e072628c769d16598bec7edb9aaa77d Mon Sep 17 00:00:00 2001 From: Danny Coulombe Date: Fri, 12 Dec 2025 08:08:29 -0500 Subject: [PATCH 2/4] new deployment scripts --- composer.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/composer.json b/composer.json index 6dd7695..d25f7af 100644 --- a/composer.json +++ b/composer.json @@ -1,5 +1,5 @@ { - "version": "1.0.12", + "version": "1.0.13", "name": "jsonms/server", "description": "The JSON.ms Request Handler Server is a robust backend solution designed to manage and process all incoming requests from the main JSON.ms website.", "license": "BSD-3-Clause", From c272de41f3c9e2fcac126473febffaad1e1dcc44 Mon Sep 17 00:00:00 2001 From: Danny Coulombe Date: Sat, 13 Dec 2025 08:41:08 -0500 Subject: [PATCH 3/4] Fix error when saving new permission #78 --- datatable.sql | 2 +- index.php | 10 ++-------- 2 files changed, 3 insertions(+), 9 deletions(-) diff --git a/datatable.sql b/datatable.sql index 154732d..509b981 100644 --- a/datatable.sql +++ b/datatable.sql @@ -75,7 +75,7 @@ DROP TABLE IF EXISTS `permissions`; CREATE TABLE `permissions` ( `id` int NOT NULL AUTO_INCREMENT, `structure_uuid` char(36) COLLATE utf8mb4_unicode_ci DEFAULT NULL, - `type` enum('admin','interface') COLLATE utf8mb4_unicode_ci NOT NULL, + `type` enum('admin','structure') COLLATE utf8mb4_unicode_ci NOT NULL, `email` varchar(255) COLLATE utf8mb4_unicode_ci NOT NULL, PRIMARY KEY (`id`) ) ENGINE=InnoDB AUTO_INCREMENT=57 DEFAULT CHARSET=utf8mb4 COLLATE=utf8mb4_unicode_ci; diff --git a/index.php b/index.php index 532f8de..5124445 100644 --- a/index.php +++ b/index.php @@ -1,5 +1,7 @@ time() + 60 * 60 * 24 * 30, - 'path' => '/', - 'domain' => '.' . $_SERVER['HTTP_HOST'], - 'secure' => isset($_SERVER['HTTP_X_FORWARDED_PROTO']) && $_SERVER['HTTP_X_FORWARDED_PROTO'] === 'https', - 'samesite' => 'None' -]); - // Respond with a 200 OK status for preflight requests if ($_SERVER['REQUEST_METHOD'] == 'OPTIONS') { http_response_code(200); From 34b3e3c83db4de86faff4248d2f037b6843322a7 Mon Sep 17 00:00:00 2001 From: Danny Coulombe Date: Wed, 31 Dec 2025 10:05:21 -0500 Subject: [PATCH 4/4] 3 seconds timeout when accessing Google API --- src/controllers/BaseController.php | 3 ++ src/controllers/SessionController.php | 70 ++++++++++----------------- 2 files changed, 29 insertions(+), 44 deletions(-) diff --git a/src/controllers/BaseController.php b/src/controllers/BaseController.php index 45d6208..897cfa5 100644 --- a/src/controllers/BaseController.php +++ b/src/controllers/BaseController.php @@ -90,6 +90,9 @@ public function getCurrentUserId() { } return null; } + if ($this->user == null) { + return null; + } return $this->user->id; } diff --git a/src/controllers/SessionController.php b/src/controllers/SessionController.php index 5773745..e930fd9 100644 --- a/src/controllers/SessionController.php +++ b/src/controllers/SessionController.php @@ -1,6 +1,7 @@ 3.0, + 'connect_timeout' => 3.0, + ]); + + try { + // Google Client Configuration + $client = new Google_Client(); + $client->setHttpClient($httpClient); + $client->setClientId($_ENV['GOOGLE_OAUTH_CLIENT_ID']); + $client->setClientSecret($_ENV['GOOGLE_OAUTH_CLIENT_SECRET']); + $client->setRedirectUri($_ENV['GOOGLE_OAUTH_CALLBACK_URL']); + $client->addScope('email'); + $client->addScope('profile'); + + return $client->createAuthUrl(); + } catch(\Exception $e) { + throwError(500, $e->getMessage()); + } + } + public function indexAction() { $loggedIn = isset($_SESSION['access_token']) && $_SESSION['access_token']; @@ -54,53 +78,11 @@ public function indexAction() { // User exists, fetch data $user = $stmt->fetch(PDO::FETCH_OBJ); } else { - // Google Client Configuration - $client = new Google_Client(); - $client->setClientId($_ENV['GOOGLE_OAUTH_CLIENT_ID']); - $client->setClientSecret($_ENV['GOOGLE_OAUTH_CLIENT_SECRET']); - $client->setRedirectUri($_ENV['GOOGLE_OAUTH_CALLBACK_URL']); - $client->addScope('email'); - $client->addScope('profile'); - $loginUrl = $client->createAuthUrl(); + $loginUrl = $this->getLoginUrl(); } } else { - try { - // Google Client Configuration - $client = new Google_Client(); - $client->setClientId($_ENV['GOOGLE_OAUTH_CLIENT_ID']); - $client->setClientSecret($_ENV['GOOGLE_OAUTH_CLIENT_SECRET']); - $client->setRedirectUri($_ENV['GOOGLE_OAUTH_CALLBACK_URL']); - $client->addScope('email'); - $client->addScope('profile'); - $loginUrl = $client->createAuthUrl(); - } catch(\Exception $e) { - throwError(500, $e->getMessage()); - } - - try { - $oauth2 = new Google_Service_Oauth2($client); - $oauth2->userinfo->get(); - $loggedIn = true; - } catch(\Exception $e) { - $this->responseJson([ - 'error' => $e->getMessage(), - 'loggedIn' => false, - 'user' => $user, - 'googleOAuthSignInUrl' => $loginUrl, - 'structures' => $structures, - 'endpoints' => $endpoints, - ]); - } - - // Check if user already exists - $stmt = $this->query('get-user-by-google-id', [ - 'id' => $this->getCurrentUserId(), - ]); - - if ($stmt->rowCount() > 0) { - $user = $stmt->fetch(PDO::FETCH_OBJ); - } + $loginUrl = $this->getLoginUrl(); } if ($loggedIn && isset($user)) {