Problem: Frontend JS bundle used credentials:'same-origin' which dropped cookies on cross-domain requests. Login worked (200) but the subsequent /auth/me check returned 401, leaving the user stuck on the login screen. Fix: - AuthController now sets a dtp_jwt HttpOnly cookie on login/refresh - Cookie uses Domain=.fahrschultermin.de (shared between frontend and api subdomain), Secure, SameSite=Lax, Max-Age=8h - JwtMiddleware reads JWT from Authorization header OR cookie - Added AuthController::me() endpoint (was missing, caused 500) - Logout endpoint clears the cookie - Frontend index.php patches fetch() to use credentials:'include' for all /api/v1/* calls
50 lines
1.6 KiB
Bash
Executable File
50 lines
1.6 KiB
Bash
Executable File
#!/bin/bash
|
|
set -e
|
|
|
|
# DriveTime API Deployment Script
|
|
# Usage: ./scripts/deploy_api.sh
|
|
|
|
API_LOCAL="/home/admin-drive-time-planer/drivetimeplaner/api"
|
|
API_REMOTE="/srv/web/fahrschuldesk/domains/api.fahrschultermin.de"
|
|
SSH_OPTS="-p 2225"
|
|
|
|
echo "=== Deploying DriveTime Slim API ==="
|
|
|
|
# 1. Rsync source files (exclude vendor, .env, storage)
|
|
echo "[1/4] Syncing files..."
|
|
rsync -avz --delete \
|
|
--exclude='vendor/' \
|
|
--exclude='.env' \
|
|
--exclude='storage/' \
|
|
-e "ssh $SSH_OPTS" \
|
|
"$API_LOCAL/" \
|
|
"fahrschuldesk@fahrschultermin.de:$API_REMOTE/"
|
|
|
|
# 2. Composer install on server
|
|
echo "[2/4] Running composer install..."
|
|
ssh $SSH_OPTS "fahrschuldesk@fahrschultermin.de" \
|
|
"cd $API_REMOTE && composer install --no-dev --optimize-autoloader 2>&1"
|
|
|
|
# 3. Clear OPcache if needed
|
|
echo "[3/4] Checking PHP OPcache..."
|
|
ssh $SSH_OPTS "fahrschuldesk@fahrschultermin.de" \
|
|
"php -r 'if(function_exists(\"opcache_get_status\")) { opcache_get_status(); }' 2>/dev/null && echo 'OPcache active' || echo 'No OPcache'"
|
|
|
|
# 4. Test login endpoint
|
|
echo "[4/4] Testing API..."
|
|
TOKEN=$(curl -sf -X POST "https://api.fahrschultermin.de/api/v1/auth/login" \
|
|
-H "Content-Type: application/json" \
|
|
-d '{"email":"admin@nordring.test","password":"Tanja82"}' | jq -r '.token')
|
|
|
|
if [ -n "$TOKEN" ] && [ "$TOKEN" != "null" ]; then
|
|
echo "✓ Login successful"
|
|
curl -sf "https://api.fahrschultermin.de/api/v1/bootstrap" \
|
|
-H "Authorization: Bearer $TOKEN" | jq -e '.tenant.name' > /dev/null 2>&1
|
|
echo "✓ Bootstrap endpoint working"
|
|
else
|
|
echo "✗ Login failed - check JWT_SECRET on server"
|
|
exit 1
|
|
fi
|
|
|
|
echo ""
|
|
echo "=== Deployment complete ===" |