aggiornamenti vari...

2025-03-21 19:52:01 +01:00
parent dfe492df45
commit d94cbde948
4 changed files with 36 additions and 23 deletions
--- a/.env.dev.pcb
+++ b/.env.dev.pcb
@@ -21,8 +21,8 @@ DELAY_SENDEMAIL=2000
 VAPI_KEY_SUBJECT=mailto:paolo@freeplanet.app
 PUBLIC_VAPI_KEY=BDncvMiUZmjaCG2Kr1V9N0_33hOG-AuNSbHSvL24y2dzBiUjAxKm02emx5SeJvz2IGmtRf6YqCgopeQwCwUmZw8
 PRIVATE_VAPI_KEY=uB2-jQkrbysyDtqN3ziMBDsVn0wdEaDsksX81zoOGQo
-PATH_CERT_KEY=localhost.key
+PATH_CERT_KEY=localhost-key.pem
-PATH_SERVER_CRT=localhost.crt
+PATH_SERVER_CRT=localhost.pem
 PATH_SSL_ROOT_PEM=root.pem
 PATH_SSL_CHAIN_PEM=chain.pem
 GCM_API_KEY=""
--- a/.env.development
+++ b/.env.development
@@ -1,12 +1,12 @@
-DATABASE=test_FreePlanet
+DATABASE=test_PiuCheBuono
 UDB=paofreeplanet
 PDB=mypassword@1A
 SEND_EMAIL=0
 SEND_EMAIL_ORDERS=1
 PORT=3000
-appTelegram_TEST=["1","13"]
+appTelegram_TEST=["1","17"]
-appTelegram=["1","13"]
+appTelegram=["1","17"]
-appTelegram_DEVELOP=["13"]
+appTelegram_DEVELOP=["17"]
 DOMAIN=mongodb://localhost:27017/
 AUTH_MONGODB=0
 ENABLE_PUSHNOTIFICATION=1
@@ -29,7 +29,7 @@ GCM_API_KEY=""
 PROD=0
 PROJECT_DESCR_MAIN='__PROJECTS'
 SECRK=Askb38v23jjDFaoskBOWj92axXCQ
-TOKEN_LIFE=1m
+TOKEN_LIFE=2h
 REFRESH_TOKEN_LIFE=14d
 FTPSERVER_HOST=139.162.166.31
 FTPSERVER_PORT=21
@@ -38,4 +38,9 @@ FTPSERVER_PWD=ftpmypwd@1A_
 AUTH_NEW_SITES=123123123
 SCRIPTS_DIR=admin_scripts
 CLOUDFLARE_TOKENS=[{"label":"Paolo.arena77@gmail.com","value":"M9EM309v8WFquJKpYgZCw-TViM2wX6vB3wlK6GD0"},{"label":"gruppomacro.com","value":"bqmzGShoX7WqOBzkXocoECyBkPq3GfqcM5t6VFd8"}]
 MIAB_HOST=box.lamiaposta.org
 MIAB_ADMIN_EMAIL=admin@lamiaposta.org
 MIAB_ADMIN_PASSWORD=passpao1pabox@1A
 DS_API_KEY="sk-222e3addb3d8455d8b0516d93906eec7"
 API_KEY_MSSQL="m68yADSr123MIVIDA@154$DSAGVOK"
 SERVER_A_URL="http://51.77.156.69:3000"
--- a/src/server/controllers/articleController.js
+++ b/src/server/controllers/articleController.js
@@ -295,7 +295,7 @@ const getTableContent = async (options) => {
                // Se c'è un solo record, visualizza una lista di chiavi e valori
                const record = records[0];
                output += `
-    < table border = '1' style = "border-collapse: collapse; width: 50%;" >
+                    <table border='1' style="border-collapse: collapse; width: 50%;" >
                  <thead>
                    <tr>
                      <th style="padding: 8px; background-color: #f2f2f2;">Campo</th>
@@ -314,7 +314,7 @@ const getTableContent = async (options) => {
                });
                output += `
                  </tbody>
-                </table >
+                </table>
    `;
            } else {
                // Se ci sono più record, visualizza una tabella con intestazioni
--- a/src/server/server.js
+++ b/src/server/server.js
@@ -806,6 +806,8 @@ connectToDatabase(connectionUrl, options)
              `https://test.${domain.hostname}`,
              `https://testapi.${domain.hostname}`,
              `https://comunitanuovomondo.app`,
              `https://kolibrilab.it`,
              `https://artenergetica.org`,
              `https://freeplanet.app:3001`,
              `http://${domain.hostname}`,
              `http://api.${domain.hostname}`,
@@ -822,27 +824,25 @@ connectToDatabase(connectionUrl, options)
              try {
                // Validazione dell'input
                if (!origin || typeof origin !== 'string' || !/^https?:\/\/[^\s/$.?#].[^\s]*$/.test(origin)) {
-                  if (origin)
+                  console.error('❌ Origine non valida:', origin);
-                    console.error('❌ Origine non valida', origin);
+                  return callback(new Error('Origine non valida'), false);
                }
                // Logging per il debug
                // console.log('Verifica origine:', origin);
                // Controllo delle origini consentite
-                if (!origin || allowedOrigins.includes(origin)) {
+                if (allowedOrigins.includes(origin)) {
-                  // console.log('✅ Origine consentita:', origin);
+                  console.log('✅ Origine consentita:', origin);
                  return callback(null, true);
                }
                // Blocco delle origini non autorizzate
                console.warn('❌ Origine bloccata:', origin);
-                callback(new Error('CORS non permesso per questa origine ' + origin));
+                return callback(new Error('CORS non permesso per questa origine'), false);
              } catch (error) {
                console.error('Errore durante la verifica dell\'origine:', error.message);
-                callback(error);
+                return callback(error, false);
              }
-            };
+
            }
          }
          // Configurazione CORS dettagliata
@@ -874,16 +874,17 @@ connectToDatabase(connectionUrl, options)
          app.options('*', cors(corsOptions)); // Gestisce tutte le richieste OPTIONS
          // Middleware personalizzato per assicurare gli headers CORS
-          app.use((req, res, next) => {
+          /*app.use((req, res, next) => {
            const origin = req.headers.origin || '*';
            if (allowedOrigins.includes(origin) || corsOptions.origin === '*') {
              // console.log(' ... ORIGIN', origin);
              res.setHeader('Access-Control-Allow-Origin', origin);
              res.setHeader('Access-Control-Allow-Methods', 'GET, POST, OPTIONS');
              res.setHeader('Access-Control-Allow-Credentials', 'true');
              res.setHeader('Access-Control-Expose-Headers', 'x-auth, x-refrtok');
            }
            next();
-          });
+          });*/
          // Log middleware per debug
          app.use((req, res, next) => {
@@ -935,9 +936,16 @@ connectToDatabase(connectionUrl, options)
          if (process.env.HTTPS_LOCALHOST === "true") {
            let mycredentials = null;
            try {
              const keyStream = path.resolve(`./${process.env.PATH_CERT_KEY}`);
              const certificateStream = path.resolve(`./${process.env.PATH_SERVER_CRT}`);
              const privateKey = fs.readFileSync(keyStream, "utf8");
              const certificate = fs.readFileSync(certificateStream, "utf8");
              mycredentials = {
-                key: fs.readFileSync(process.env.PATH_CERT_KEY, 'utf8'),
+                key: privateKey,
-                cert: fs.readFileSync(process.env.PATH_SERVER_CRT, 'utf8'),
+                cert: certificate,
                ciphers: 'ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-SHA:ECDHE-RSA-AES256-SHA384',
                honorCipherOrder: true,
                secureProtocol: 'TLSv1_2_method'