- risolto problema cors ?!?

- notifiche transazioni pendenti OK

.env.development

@@ -1,12 +1,12 @@
-DATABASE=test_PiuCheBuono
+DATABASE=test_FreePlanet
 UDB=paofreeplanet
 PDB=mypassword@1A
 SEND_EMAIL=0
 SEND_EMAIL_ORDERS=1
 PORT=3000
-appTelegram_TEST=["1","17"]
-appTelegram=["1","17"]
-appTelegram_DEVELOP=["17"]
+appTelegram_TEST=["1","13"]
+appTelegram=["1","13"]
+appTelegram_DEVELOP=["13"]
 DOMAIN=mongodb://localhost:27017/
 AUTH_MONGODB=1
 MONGODB_USER=admin
@@ -41,7 +41,4 @@ FTPSERVER_USER=ftpusrsrv_
 FTPSERVER_PWD=ftpmypwd@1A_
 AUTH_NEW_SITES=123123123
 SCRIPTS_DIR=admin_scripts
-CLOUDFLARE_TOKENS=[{"label":"Paolo.arena77@gmail.com","value":"M9EM309v8WFquJKpYgZCw-TViM2wX6vB3wlK6GD0"},{"label":"gruppomacro.com","value":"bqmzGShoX7WqOBzkXocoECyBkPq3GfqcM5t6VFd8"}]
-MIAB_HOST=box.lamiaposta.org
-MIAB_ADMIN_EMAIL=admin@lamiaposta.org
-MIAB_ADMIN_PASSWORD=passpao1pabox@1A
+CLOUDFLARE_TOKENS=[{"label":"Paolo.arena77@gmail.com","value":"M9EM309v8WFquJKpYgZCw-TViM2wX6vB3wlK6GD0"},{"label":"gruppomacro.com","value":"bqmzGShoX7WqOBzkXocoECyBkPq3GfqcM5t6VFd8"}]

.env.prod.riso

@@ -1,16 +1,16 @@
-DATABASE=test_FreePlanet
+DATABASE=FreePlanet
 UDB=paofreeplanet
 PDB=suerteFreePlanet@1A
 SEND_EMAIL=1
-PORT=3001
+PORT=0
 ENABLE_PUSHNOTIFICATION=1
-DIRECTORY_SERVER=/var/www/nodejs_test.riso_server
-SERVERDIR_WEBSITE=/var/www/test.riso.app
+DIRECTORY_SERVER=/var/www/nodejs_riso_server
+SERVERDIR_WEBSITE=/var/www/riso.app
 PORT_APP1="0"
 DOMAIN=mongodb://localhost:32015/
 AUTH_MONGODB=1
 MONGODB_USER=admin
-MONGODB_PWD=mypwadmin@1A
+MONGODB_PWD=mypwadminREAL@1A
 SIGNCODE=SU2134hncaskjdbo231oihJSDNHEI$1@AB
 DEBUG=0
 LOCALE=0
@@ -23,13 +23,14 @@ PATH_CERT_KEY=key.pem
 PATH_SERVER_CRT=cert.pem
 PATH_SSL_ROOT_PEM=root.pem
 PATH_SSL_CHAIN_PEM=chain.pem
-PROD=0
+PROD=1
 PROJECT_DESCR_MAIN='__PROJECTS'
 SECRK=iUUb38v23jjDFaosWj92axkBOXCQ
 TOKEN_LIFE=2h
 REFRESH_TOKEN_LIFE=14d
 AUTH_NEW_SITES=B234HDSAOJ734ndcsdKWNV
-DOMAINS=[{"hostname":"abitaregliiblei.it","port":"3021"},{"hostname":"riso.app","port":"3005"}]
+DOMAINS=[{"hostname":"riso.app","port":"3006"}]
+#DOMAINS=[{"hostname":"abitaregliiblei.it","port":"3021"},{"hostname":"riso.app","port":"3005"}]
 SCRIPTS_DIR=admin_scripts
 CLOUDFLARE_TOKENS=[{"label":"Paolo.arena77@gmail.com","value":"M9EM309v8WFquJKpYgZCw-TViM2wX6vB3wlK6GD0"},{"label":"gruppomacro.com","value":"bqmzGShoX7WqOBzkXocoECyBkPq3GfqcM5t6VFd8"}]
 MIAB_HOST=box.lamiaposta.org

deploynodejs_on_prod_riso.sh

@@ -0,0 +1,70 @@
+#!/bin/bash
+
+source ./.env.prod.riso
+
+echo "Sincronizzazione in corso ... $DIRECTORY_SERVER/"
+echo ""
+
+#!/bin/bash
+
+# Configurazione
+REMOTE_USER="pcbuser"
+REMOTE_HOST="pcb"
+REMOTE_PORT="8822"
+REMOTE_DIR="$DIRECTORY_SERVER"
+SSH_OPTIONS="-p $REMOTE_PORT"
+CONFIG_JS="ecosystem.config.prod_riso.js"
+ENV_FILE=".env.prod.riso"
+ENV_OUT=".env.production"
+
+#ENV_FILE=".env.prod.pcb"
+#ENV_OUT=".env.production"
+
+# Array di cartelle e file da sincronizzare
+SYNC_ITEMS=(
+    "css"
+    "docs"
+    "emails"
+    "plugins"
+    "sass"
+    "admin_scripts"
+    "src"
+)
+
+echo $REMOTE_DIR
+
+echo ""
+echo "*** Copia Cartelle ... "
+
+
+# Esegui rsync per le cartelle
+rsync -avz --delete \
+    --exclude='src/server/router/upload/' \
+    -e "ssh $SSH_OPTIONS" \
+    "${SYNC_ITEMS[@]}" \
+    "$REMOTE_USER@$REMOTE_HOST:$REMOTE_DIR/"
+
+echo ""
+echo "*** Copia del file $ENV_FILE su $ENV_OUT ... "
+
+# Sincronizza i file specifici
+rsync -avz -e "ssh $SSH_OPTIONS" \
+    $ENV_FILE "$REMOTE_USER@$REMOTE_HOST:$REMOTE_DIR/$ENV_OUT"
+
+echo ""
+echo "*** Copia del file package.json ... "
+rsync -avz -e "ssh $SSH_OPTIONS" \
+    package.json "$REMOTE_USER@$REMOTE_HOST:$REMOTE_DIR/package.json"
+
+echo ""
+echo "*** Copia del file ecosystem.config.js ... "
+rsync -avz -e "ssh $SSH_OPTIONS" \
+    "$CONFIG_JS" "$REMOTE_USER@$REMOTE_HOST:$REMOTE_DIR/ecosystem.config.js"
+
+# Verifica il risultato
+if [ $? -eq 0 ]; then
+    echo "✅ Sincronizzazione completata con successo.  SERVER $REMOTE_DIR! "
+else
+    echo "❌ Errore durante la sincronizzazione. Controlla l'output per i dettagli."
+fi
+

ecosystem.config.prod_riso.js

@@ -0,0 +1,21 @@
+module.exports = {
+  apps: [
+    {
+      name: "PRODUZIONE RISO - FREEPLANET",
+      script: "/var/www/nodejs_riso_server/src/server/server.js",
+      ignore_watch: ["node_modules", "logs"],
+      interpreter: "/root/.nvm/versions/node/v16.19.0/bin/node",
+      //autorestart: true,
+      instances: 1,
+      watch: false,
+      env: {
+        "NODE_ENV": "production"
+      },
+      log_file: "logs/combined.outerr.log",
+      error_file: "logs/error.log",
+      out_file: "logs/out.log",
+      merge_logs: true,
+      log_date_format: "YYYY-MM-DD HH:mm:ss.SSSS Z"
+    }
+  ]
+};

logtrans.txt

@@ -393,4 +393,14 @@ Ven 04/10 ORE 01:50: [<b>Circuito RIS Bologna</b>]: Inviate Monete da paoloar77
 Causale Destinatario: ProvaCommento
 Saldi:
 paoloar77: 6.99 RIS] 
-ElenaEspx: 41.41 RIS]
+ElenaEspx: 41.41 RIS]
+Dom 27/10 ORE 23:50: [<b>Circuito RIS Foggia</b>]: Inviate Monete da sergiomazzanti a SamuelMast 10 RIS [causale: ]
+
+Saldi:
+sergiomazzanti: 10.00 RIS] 
+SamuelMast: -76.00 RIS]
+Dom 27/10 ORE 23:55: [<b>Circuito RIS Campania</b>]: Inviate Monete da Unicorno_Giacomo a zacc50 16 RIS [causale: ]
+
+Saldi:
+Unicorno_Giacomo: 227.30 RIS] 
+zacc50: -62.00 RIS]

src/server/locales/it.json

@@ -87,14 +87,14 @@
 	"CIRCUIT_SENDCOINSREQ_FROM_GROUP_TO_GROUP": "il conto %s '%s' (%s) sta inviando <strong>%s %s</strong> al conto %s '%s' sul '%s'.",
 	"CIRCUIT_SENDCOINSREQ_TO_ME": "Stai inviando <strong>%s %s</strong> a %s sul '%s'.",
 	"CIRCUIT_SENDCOINSREQ_TO_GROUP": "Stai inviando <strong>%s %s</strong> al Conto %s '%s' sul '%s'.",
-	"ID_CIRCUIT_COINS_ACCEPTED_FROM_GROUP_TO_YOU": "Hai ricevuto <strong>%s %s</strong> dal Conto %s '%s' sul '%s' (%s) .",
-	"ID_CIRCUIT_COINS_ACCEPTED_FROM_GROUP_TO_GROUP": "il conto %s '%s' (%s) ha ricevuto <strong>%s %s</strong> dal conto %s '%s' sul '%s' (%s).",
-	"ID_CIRCUIT_COINS_ACCEPTED_FROM_ME_TO_GROUP": "il conto %s '%s' (%s) ha ricevuto <strong>%s %s</strong> da %s sul '%s'.",
-	"ID_CIRCUIT_COINS_ACCEPTED_FROM_ME_TO_YOU": "Hai ricevuto <strong>%s %s</strong> da %s sul '%s'.",
-	"ID_CIRCUIT_COINS_ACCEPTED": "<strong>%s %s</strong> ricevuti da %s sul '%s'.",
+	"ID_CIRCUIT_COINS_ACCEPTED_FROM_GROUP_TO_YOU": "🟢 Hai ricevuto <strong>%s %s</strong> dal Conto %s '%s' sul '%s' (%s) .",
+	"ID_CIRCUIT_COINS_ACCEPTED_FROM_GROUP_TO_GROUP": "🟢 il conto %s '%s' (%s) ha ricevuto <strong>%s %s</strong> dal conto %s '%s' sul '%s' (%s).",
+	"ID_CIRCUIT_COINS_ACCEPTED_FROM_ME_TO_GROUP": "🟢 il conto %s '%s' (%s) ha ricevuto <strong>%s %s</strong> da %s sul '%s'.",
+	"ID_CIRCUIT_COINS_ACCEPTED_FROM_ME_TO_YOU": "🟢 Hai ricevuto <strong>%s %s</strong> da %s sul '%s'.",
+	"ID_CIRCUIT_COINS_ACCEPTED": "🟢 <strong>%s %s</strong> ricevuti da %s sul '%s'.",
 	"SALDO_UPDATE": "[Saldo <strong>%s %s</strong> sul '%s']",
 	"SALDO_UPDATE_WHO": "[Saldo %s <strong>%s %s</strong> sul '%s']",
-	"ID_CIRCUIT_COINS_ACCEPTED_TO_ME": "Hai inviato <strong>%s %s</strong> a %s sul '%s'.",
+	"ID_CIRCUIT_COINS_ACCEPTED_TO_ME": "🔄 Hai inviato <strong>%s %s</strong> a %s sul '%s'.",
 	"ID_CIRCUIT_COINS_REFUSED": "%s %s rifiutati da %s sul '%s'.",
 	"ID_CIRCUIT_COINS_REFUSED_TO_ME": "%s %s rifiutati da %s sul '%s'.",
 	"CIRCUIT_AMOUNT_EXCEED_FIDO": "L'importo supera la quantità massima concessa per %s",

src/server/models/circuit.js

@@ -487,6 +487,16 @@ CircuitSchema.statics.getInfoCircuitByName = async function (idapp, name) {
 
 CircuitSchema.statics.getCircuitByName = async function (idapp, name) {
 
+  if (name === 'Circuito RIS Benevento') {
+    name = 'Circuito RIS Campania';
+  } else if (name === 'RIS Pesaro e Urbino') {
+    name = 'Circuito RIS Pesaro e Urbino';
+  } else if (name === 'RIS Catania') {
+    name = 'Circuito RIS Catania';
+  } else if (name === 'RIS Palermo') {
+    name = 'Circuito RIS Palermo';
+  }
+
   const myfind = {
     idapp,
     name,

src/server/models/sendnotif.js

@@ -9,6 +9,7 @@ const i18n = require('i18n');
 const { ObjectID } = require('mongodb');
 
 const shared_consts = require('../tools/shared_nodejs');
+const server_constants = require('../tools/server_constants');
 
 const globalTables = require('../tools/globalTables');
 
@@ -109,7 +110,10 @@ const sendNotifSchema = new Schema({
   },
   linkaddTelegram: {
     type: String,
-  }
+  },
+  img: {
+    type: String,
+  },
 });
 
 sendNotifSchema.index({ idapp: 1 });
@@ -683,7 +687,7 @@ sendNotifSchema.statics.findAllNotifCoinsAllIdAndIdApp = function (idapp) {
     typeid: shared_consts.TypeNotifs.ID_CIRCUIT_SENDCOINSREQ,
     status: 0,
     'extrarec.circuitname': { $ne: "Circuito di TEST" },
-    'extrarec.symbol': { $ne: "RISTeST"},
+    'extrarec.symbol': { $ne: "RISTeST" },
   }
 
   return SendNotif.aggregate([
@@ -1003,6 +1007,14 @@ sendNotifSchema.statics.createNewNotification = async function (req, res, params
     myrecnotif.tablerec = table;
     if (rec && table) {
       myrecnotif.idrec = rec._id;
+      try {
+        if (rec.photos && rec.photos[0]) {
+          const mydir = server_constants.DIR_UPLOAD + shared_consts.getDirectoryByTable(table, true);
+          myrecnotif.img = mydir + rec.photos[0].imagefile;
+        }
+      } catch (e) {
+        console.error('createNewNotification', e);
+      }
     }
 
 
@@ -1279,14 +1291,21 @@ sendNotifSchema.statics.getSumPendingTransactionsDest = async function (idapp, u
 sendNotifSchema.statics.RemovePendentTransactions = async function (idapp) {
   const SendNodif = this;
 
-  return await SendNodif.deleteMany(
-    {
-      idapp,
-      typedir: shared_consts.TypeNotifs.TYPEDIR_CIRCUITS,
-      typeid: shared_consts.TypeNotifs.ID_CIRCUIT_SENDCOINSREQ,
-      status: 0,
-    }
-  );
+  try {
+    const result = await SendNodif.deleteMany(
+      {
+        idapp,
+        typedir: shared_consts.TypeNotifs.TYPEDIR_CIRCUITS,
+        typeid: shared_consts.TypeNotifs.ID_CIRCUIT_SENDCOINSREQ,
+        status: 0,
+      }
+    );
+    return result;
+  } catch (error) {
+    console.error('Error deleting documents:', error);
+    throw error;
+  }
+
 
 };
 

src/server/router/sendnotif_router.js

@@ -84,7 +84,7 @@ router.get('/set/:_id/:idapp', authenticate, async (req, res) => {
 });
 
 
-async function delNotif(idapp, username, id, username_call) {
+async function delNotif(res, idapp, username, id, username_call) {
 
   try {
     if (username === username_call) {
@@ -103,7 +103,7 @@ async function delNotif(idapp, username, id, username_call) {
 router.get('/del/:username/:id/:idapp', authenticate, async (req, res) => {
 
   try {
-    return delNotif(req.params.idapp, req.params.username, req.params.id, req.user.username);
+    return delNotif(res, req.params.idapp, req.params.username, req.params.id, req.user.username);
 
   } catch (e) {
     return res.status(400).send(e);

src/server/router/users_router.js

@@ -1451,7 +1451,7 @@ async function eseguiDbOp(idapp, mydata, locale, req, res) {
     } else if (mydata.dbop === 'CorreggiTransazioniCircuiti') {
       await Circuit.CheckTransazioniCircuiti(true);
     } else if (mydata.dbop === 'RemovePendentTransactions') {
-      await SendNotif.RemovePendentTransactions(true);
+      ris = await SendNotif.RemovePendentTransactions(idapp);
     } else if (mydata.dbop === 'RemoveOldNotif90') {
       await SendNotif.RemoveOldNotif90(idapp);
     } else if (mydata.dbop === 'RemoveOldNotif30') {

src/server/sendemail.js

@@ -985,10 +985,11 @@ module.exports = {
   checkifSentNewsletter: async function (idapp) {
     // Check if is the time to send the Newsletter
 
-    return await Newstosent.findNewsletter_To_Send(idapp).then((rec) => {
-      if (rec)
-        this.sendNewsletter(rec, idapp);
-    });
+    return await Newstosent.findNewsletter_To_Send(idapp)
+      .then((rec) => {
+        if (rec)
+          this.sendNewsletter(rec, idapp);
+      });
   }
   ,
 
@@ -1009,12 +1010,13 @@ module.exports = {
         myjobnews.starting_job = true;
         myjobnews.datestartJob = new Date();
 
-        myjobnews.save().then((ris) => {
+        myjobnews.save()
+          .then(async (ris) => {
 
-          this.sendEmail_Newsletter_Events('it', idapp, rec._id);
-        }).catch((e) => {
-          console.error(e.message);
-        });
+            await this.sendEmail_Newsletter_Events('it', idapp, rec._id);
+          }).catch((e) => {
+            console.error(e.message);
+          });
       }
     }
   },

src/server/server.js

@@ -61,7 +61,7 @@ let credentials = null;
 
 
 if ((process.env.NODE_ENV === 'production')) {
-  console.log('*** AMBIENTE DI PRODUZIONE (Aprile 2024) !!!!')
+  console.log('*** AMBIENTE DI PRODUZIONE !!!!')
 } else if (process.env.NODE_ENV === 'test') {
   console.log('*** ### AMBIENTE DI TEST ')
 }
@@ -175,9 +175,6 @@ myLoad().then(ris => {
     // res.sendFile(path.join(__dirname, 'service-worker.js')); // Modifica il percorso secondo la tua struttura
   });*/
 
-  app.use(cors({
-    exposedHeaders: ['x-auth', 'x-refrtok'],
-  }));
 
   app.use(bodyParser.json());
 
@@ -187,39 +184,6 @@ myLoad().then(ris => {
   console.log('Use Routes \...');
 
 
-  // Use Routes
-  app.use('/', index_router);
-  app.use('/subscribe', subscribe_router);
-  app.use('/sendmsg', sendmsg_router);
-  app.use('/sendnotif', sendnotif_router);
-  app.use('/push', push_router);
-  app.use('/news', newsletter_router);
-  app.use('/booking', booking_router);
-  app.use('/dashboard', dashboard_router);
-  app.use('/event', myevent_router);
-  app.use('/email', email_router);
-  app.use('/todos', todos_router);
-  app.use('/test', test_router);
-  app.use('/projects', projects_router);
-  app.use('/users', users_router);
-  app.use('/reactions', reactions_router);
-  app.use('/mygroup', mygroups_router);
-  app.use('/circuit', circuits_router);
-  app.use('/account', accounts_router);
-  app.use('/iscritti_conacreis', iscrittiConacreis_router);
-  app.use('/iscritti_arcadei', iscrittiArcadei_router);
-  app.use('/report', report_router);
-  app.use('/site', site_router);
-  app.use('/admin', admin_router);
-  app.use('/products', products_router);
-  app.use('/cart', cart_router);
-  app.use('/orders', orders_router);
-  app.use('/city', city_router);
-  app.use('/myskills', myskills_router);
-  app.use('/mygoods', mygoods_router);
-  app.use('/mygen', mygen_router);
-  app.use('/aitools', aitools_router);
-
   // catch 404 and forward to error handler
   // app.use(function (req, res, next) {
   //   var err = new Error('Not Found');
@@ -265,6 +229,40 @@ myLoad().then(ris => {
   }
   startServer(app, process.env.PORT);
 
+  // Use Routes
+  app.use('/', index_router);
+  app.use('/subscribe', subscribe_router);
+  app.use('/sendmsg', sendmsg_router);
+  app.use('/sendnotif', sendnotif_router);
+  app.use('/push', push_router);
+  app.use('/news', newsletter_router);
+  app.use('/booking', booking_router);
+  app.use('/dashboard', dashboard_router);
+  app.use('/event', myevent_router);
+  app.use('/email', email_router);
+  app.use('/todos', todos_router);
+  app.use('/test', test_router);
+  app.use('/projects', projects_router);
+  app.use('/users', users_router);
+  app.use('/reactions', reactions_router);
+  app.use('/mygroup', mygroups_router);
+  app.use('/circuit', circuits_router);
+  app.use('/account', accounts_router);
+  app.use('/iscritti_conacreis', iscrittiConacreis_router);
+  app.use('/iscritti_arcadei', iscrittiArcadei_router);
+  app.use('/report', report_router);
+  app.use('/site', site_router);
+  app.use('/admin', admin_router);
+  app.use('/products', products_router);
+  app.use('/cart', cart_router);
+  app.use('/orders', orders_router);
+  app.use('/city', city_router);
+  app.use('/myskills', myskills_router);
+  app.use('/mygoods', mygoods_router);
+  app.use('/mygen', mygen_router);
+  app.use('/aitools', aitools_router);
+
+
   mystart();
 
 });
@@ -272,15 +270,6 @@ myLoad().then(ris => {
 
 // app.use(throttle(1024 * 128)); // throttling bandwidth
 
-/*
-app.use((req, res, next) => {
-  res.header('Access-Control-Allow-Origin', '*')
-  res.header("Access-Control-Allow-Headers", "Origin, X-Requested-With, Content-Type, Accept");
-  next();
-});
-
-*/
-
 async function myLoad() {
 
   return tools.loadApps();
@@ -366,8 +355,8 @@ async function mycron() {
     const arr = await tools.getApps();
 
     for (const app of arr) {
-      sendemail.checkifPendingNewsletter(app.idapp);
-      sendemail.checkifSentNewsletter(app.idapp);
+      await sendemail.checkifPendingNewsletter(app.idapp);
+      await sendemail.checkifSentNewsletter(app.idapp);
 
     }
   } catch (e) {
@@ -812,51 +801,140 @@ function startServer(app, port) {
 
     console.log('isProduction', isProduction);
 
-    /*
 
-    const CORS_ENABLE_FOR_ALL_SITES = true;
+    const NOCORS = false;
+    const CORS_ENABLE_FOR_ALL_SITES = false;
+
+    const ISDEBUG = true;
 
     let corsOptions = {};
 
-    if (CORS_ENABLE_FOR_ALL_SITES) {
+    if (NOCORS) {
       corsOptions = {
         exposedHeaders: ['x-auth', 'x-refrtok'], // Intestazioni da esporre al client
       };
 
     } else {
 
-      let myhosts = [];
-
-      for (let i = 0; i < domains.length; i++) {
-        myhosts.push('https://' + domains[i].hostname);
-        myhosts.push('https://' + 'api.' + domains[i].hostname);
-        myhosts.push('https://' + 'test.' + domains[i].hostname);
-        myhosts.push('https://' + 'testapi.' + domains[i].hostname);
-      }
-
-      console.log('myhosts', myhosts);
-
-      console.log('CORS');
-
-      corsOptions = {
-        origin: (origin, callback) => {
-          if (myhosts.indexOf(origin) !== -1 || !origin) {
+      // Configurazione CORS dettagliata
+      const corsOptions = {
+        origin: '*',
+        
+        /*origin: function (origin, callback) {
+          // Array di domini consentiti
+          const allowedOrigins = [
+            'https://comunitanuovomondo.app',
+            'https://kolibrilab.it',
+            'https://riso.app',
+            'https://api.riso.app',
+            'https://test.riso.app',
+            'https://testapi.riso.app',
+            'http://localhost:8080',  // per sviluppo locale
+            'http://localhost:3000',
+            'http://localhost:8084',
+          ];
+          
+          // Permetti richieste senza origin (es. mobile apps)
+          if (!origin || allowedOrigins.includes(origin)) {
             callback(null, true);
           } else {
-            callback(new Error('Not allowed by CORS'));
+            callback(new Error('❌ CORS non permesso per questa origine'));
           }
-        },
+        },*/
+        credentials: false,
         methods: ['GET', 'POST', 'PUT', 'DELETE', 'OPTIONS'],
-        allowedHeaders: ['Content-Type', 'Authorization', 'x-auth', 'x-refrtok'], // Intestazioni consentite
-        exposedHeaders: ['x-auth', 'x-refrtok'], // Intestazioni da esporre al client
-        credentials: true, // Consenti l'invio di cookie
+        allowedHeaders: [
+          'Origin',
+          'X-Requested-With',
+          'Content-Type',
+          'Accept',
+          'Authorization',
+          'x-auth',
+          'x-refrtok'
+        ],
+        exposedHeaders: ['x-auth', 'x-refrtok'],
+        maxAge: 86400, // Preflight cache 24 ore
         preflightContinue: false,
-        optionsSuccessStatus: 204,
+        optionsSuccessStatus: 204
       };
 
-      app.use(cors(corsOptions));      
+      // Applica CORS come primo middleware
+      app.use(cors(corsOptions));
 
-  }*/
+      app.use(express.json()); // Middleware per il parsing del corpo JSON
+
+      // Gestione specifica delle richieste OPTIONS
+      app.options('*', function (req, res) {
+        const origin = req.headers.origin;
+        if (corsOptions.origin === '*' ||
+          (typeof corsOptions.origin === 'function' &&
+            corsOptions.origin.toString().includes(origin))) {
+
+          res.setHeader('Access-Control-Allow-Origin', origin);
+          res.setHeader('Access-Control-Allow-Methods', 'GET, POST, PUT, DELETE, OPTIONS');
+          res.setHeader('Access-Control-Allow-Headers',
+            'Origin, X-Requested-With, Content-Type, Accept, Authorization, x-auth, x-refrtok');
+          res.setHeader('Access-Control-Allow-Credentials', 'true');
+          res.setHeader('Access-Control-Expose-Headers', 'x-auth, x-refrtok');
+          res.setHeader('Access-Control-Max-Age', '86400');
+
+          res.status(204).end();
+        } else {
+          res.status(403).end();
+        }
+      });
+
+      // Middleware per assicurarsi che gli headers CORS siano sempre presenti
+      app.use((req, res, next) => {
+        const origin = req.headers.origin;
+        if (corsOptions.origin === '*' ||
+          (typeof corsOptions.origin === 'function' &&
+            corsOptions.origin.toString().includes(origin))) {
+
+          //console.log('Access-Control-Allow-Origin')
+          res.setHeader('Access-Control-Allow-Origin', origin);
+          res.setHeader('Access-Control-Allow-Credentials', 'true');
+          res.setHeader('Access-Control-Expose-Headers', 'x-auth, x-refrtok');
+        }
+        next();
+      });
+
+      // Log middleware per debug
+      app.use((req, res, next) => {
+        if (ISDEBUG) {
+          console.log(`${new Date().toISOString()} - ${req.method} ${req.url}`);
+          console.log('Request Headers:', req.headers);
+        }
+
+        // Intercetta la risposta per loggare gli headers
+        const oldSend = res.send;
+        res.send = function (...args) {
+          if (ISDEBUG) {
+            console.log('Response Headers:', res.getHeaders());
+          }
+          return oldSend.apply(res, args);
+        };
+
+        next();
+      });
+
+      // Gestione errori CORS
+      app.use((err, req, res, next) => {
+        if (err.message === 'CORS non permesso per questa origine') {
+          console.error('❌ Errore CORS:', {
+            origin: req.headers.origin,
+            method: req.method,
+            path: req.path
+          });
+          res.status(403).json({
+            error: '❌ CORS non permesso per questa origine (' + req.headers.origin + ')',
+            origin: req.headers.origin
+          });
+        } else {
+          next(err);
+        }
+      });
+    }
 
 
 

src/server/tools/globalTables.js

@@ -284,6 +284,7 @@ module.exports = {
         typemsg: recnotif.typemsg ? recnotif.typemsg : shared_consts.TypeMsg.SEND_TO_USER,
         typenotif,
         idnotif,
+        img: recnotif.img,
         usernameDest: recnotif.usernameDest ? recnotif.usernameDest : recnotif.dest,
         tag: recnotif.tag ? recnotif.tag : '',
         actions: recnotif.actions ? recnotif.actions : [],

src/server/version.txt

@@ -1 +1 @@
-1.1.4
+1.1.6