Fix authentication handling and improve user content loading

auth-svc/.env.development

@@ -1,8 +1,8 @@
 DOTENV_PUBLIC_KEY_DEVELOPMENT="02d0abba1b8b164c0beaad518cab55a5239161ee8d9b7af1b01ee02a1436f9bd96"
 
-BEARER_TOKEN_PRIVATEKEY=encrypted:BAYG6xlFkDrHk7CC1KFUMgYf3mgjugcB68shAmHdW9kFhFlTaayQANGKzOMVVGYPSqY6b4tIJ/og/KKF/5hKuFGABWRkvOi/Nu59t3eOIjw6Tbh5yQNanOTbtB1E7sa41YfmYBZibaQ9mgX4SzoLHOqv6VSPBKR4HfGC2AzWH4bn7sRFVg==
-PORT=encrypted:BOtZ9ODhtm2Z5Usye6js/qwQcRuDjT9JpuKB4QZx+J24Q37Ur/iiE1HGCh17zJTOuPIPZjg/Or9MNbEf0L2REjH10S8FbSRvNGMY9wrS1ARjFPyRWvfQGdkEHLg+9iTj4TVPVl4=
-APIKEY_USER=encrypted:BJxYd7lhaQ+4V6jxrUkjNn705DdYg4isd1V7jQ0WWeAMgx82uY3UAAWqG/x71yP0fuLt6ePxPE5pnhZcaRdxDUSmf3fAVznoxWRQwdzyNOgJnQBHhDCaFY3iNVUzMnguc4XcXNcpeRsmFGDNXQkhZ7SAzjz6go5UaeLAgY3Wi2zQdW39vA==
-APIKEY_PASSWORD=encrypted:BHE16r6uiubzZ2Ftm1uH21krcV15xN3QBMzXjRMVYURI3KSOvsXEF6GEdoKu7FBdWuomjhxH8L/WEoUeIIeg6PI2/GILFmlERGY+02pBbkLOkdSKqJUYk7SB+Nkm36qN6WP7Ma8QAhFUkF+jFRq1NqOF2w6gPpU9sySb0o8GxQdRt6Z4fQ==
+BEARER_TOKEN_PRIVATEKEY=encrypted:BEFXK8SJvNLnYjSvLA9zZ5TVeOu3aFgIjtOmXBhGm3XwhS/qSmD7Vv4pevVNj6cvykYu3i5R/kqJpyiJmzAmCOdaf9jsZZ+theLhyOKcD6tJbE7QsBM+k6B7nV2RibIDk+26XegHBFlmHJSAHvXILkML9kVls5by4GIrOmcgbAloUH35IA==
+PORT=encrypted:BPJ69tLi5QARmpcuwN6K6L4mmaZ43YWQQkSsf4aKI7SjCJbA6+HrZBi38ULvL2WpHXi5tQZg6a21vpB9lJWIiw0b8Upc6BXDS2I9S7wHPU79tzZBvo0edA5vxtMSTKCBNdzKWyk=
+APIKEY_USER=encrypted:BNLEAvadqpCkgZ/WDLsDeDLM2q+H6BhL1FfvBwwM0S44rZO7A29FZscfBF7IB+7/XMuUoJ+jDncYxhSwdoPmuUoPC3qH7nMYWINN6jIKdfuE3mmO8/r2oLpXQVF/ji9pODvNVm2xIMb0cvetNgpmYWwygLVU45YNf0lEDTr3puU7FhJiuw==
+APIKEY_PASSWORD=encrypted:BErq+IRMBtPA48XSsOiF3r7APynERJDpyDW9ujPTFaLnNcAmb53+shXZf60N5WYcy0zK0+DRsNTK2dCqSAXlZe0TxlhtxrUW8c9iSeOlOgxUPdCxH+M+zqhzyLCvJ2jyZKXQ0JlLAENAdfwsumSBTTToAmRsaB52ghbq/giHffCXvRqGSQ==
 
-DATABASE_URL="encrypted:BKSdt/+l2VJke1U4W9vpgi+3fmbtDjppeJ/7lQpsvj0wwID7OwoeLd8HOmT09EzCSrEX17rVrP29ovkXUjq6sc8KfLerUxU3sGN4wxwfpU9S3PC4HGgA5+FLSrG9GAix1+u/KMwP62jg2G/ZwjiI0y+/yJAAP4NP2ipO2hENBAR9DeJIpZRwlbIu5PoVtwJuiKF8RoP2l3Pxg1lpu5fqe+w="
+DATABASE_URL="encrypted:BBCNKOVxqoWCKoh/gDMmf6lx+oxvHEFI5NU2k2VaRr10SM80mOMrRmZnrwfj7J3UvZoYX/GyxxzgqcuGUmjkvskzaTn2NSjjsFWdRBSORYgiCnF3CUc4j3YYsWghjOPZRf3N22O2BaSurByKJJzIp8Sm+pKlC1XCx7/pFh+weMFLevnd00Xd9nlMsk2qWrULHpimQAcE/NaXzFugWFeLCpU="

auth-svc/.env.production

@@ -1,8 +1,8 @@
 DOTENV_PUBLIC_KEY_PRODUCTION="03a00202ae7b3ad87b4f856c7281db20733d192d5e426a619225782b49b7aeb34c"
 
-BEARER_TOKEN_PRIVATEKEY=encrypted:BATorXjva355QSsY1X5RcrdT77QkvQEssyOJAls8i45Co4KJi3ZG0tnin4WEfheLvkZ2DtvBpMSruQ8HsukwzAERnCj9PITSOm1qwonwuzLuSer3tUQT+r2loFwJAN+JnOtUQKcn/sVbNyEU7+2Ny1LSoHJtdgyWpgBCHXIw7ZO5pQMzig==
-PORT=encrypted:BNQNTtTm197zddydSeF6DrHp51EJfc75ZRBAva1f4OtPh/JDwI4XiLLCXp809uatsrs4M9dwS5maUj8r+V+dk2HY9gxR1gpQZbtNurSkLXvCRCl0nH+z8N5MGHPwaEeEcHQQ/nE=
-APIKEY_USER=encrypted:BB5yWEc0vlynQ38lOepa11AIv96e9Wkv1Od68u2Pu/wch9ivXGrxYteWxVVoAK010zuhZc8VWLkpTQNheseIiV+ifOkgF0Ibi2+xXgTDBibfdJEiS1kGiOMVTV/03REZswiNDeVSyxhGctj0ZdNp2MNmep9fNGB+DHUFN0xW1Fe6z6zHow==
-APIKEY_PASSWORD=encrypted:BPfLG3xX+1ip26JFSPUB1P1ei96Plb1boMDpLHfMLH7guy7FFoEzg01uetgQoT8DobeCclRwKXv7/O8xKICHzsGIzl19tudhWaM/hzRxJyYGD+KLW3AXNqy+8X1s/heolEgtytio6QYVYTu2/ZzEHsggDVEuoBx8o8gMhDGYqGxP6Bx0fg==
+BEARER_TOKEN_PRIVATEKEY=encrypted:BGVsEIFvsi3DTDR3YtwnrsKHroe7uxnMIW0klCCXf3RQ01AFEH94n3asI+E+4tQ+l8blqhuAJS8bUU8HDZKjpPRSoRn6/LONcEZ3pvBNv1tVQHIdKBPfPAc4ivETUNkxg9qaL1imcovXnbfo19a/b3Mu3lCYYGgDdwI5u2Izo9wmRMQ2tw==
+PORT=encrypted:BLVotORyFHv5lpyRtSkFQKSVERt2C9IwKLUM4w7baRBTyjSKVJ06b6TPzRneINXY7L2wxJWSLafMrEF7owMlZOpj7i8Y1gAJXhoh4CRptWDk/DWDEZNS59wW0yVY4YbonohRmDQ=
+APIKEY_USER=encrypted:BBTt6bsM18bRbejLVddic0NuHzT36R0+aohseXG5N00KZ2kAnkuntw8iAsOe5GooMUn05QxNMqSQ4oN9ixCjWpIhSK2lytUtz/up1YLi+jEN6K/qgJ7iVGeiMBY7gvfNWF/RdjtttSlwmkTTNn+Dn4D+mX2DP2DR3Mr9nxMmmgDq/IeFMA==
+APIKEY_PASSWORD=encrypted:BI6zHAlelhHqi/gAN7qw5aJAhBf7ofCQ+V6ggxyToZWcYV/TZ5xluy/fJ/ktte4OxrDSG9C+bCdBrlp7c5uRrI4tSU/zoZF04dr3A9hMBB8PqOmHZFwqBYULRWJJC1jNBNs/4eYNlIzybb2NMfThAdXBS/Y8Yda0sN9e1abwmAPsEHNrlw==
 
-DATABASE_URL="encrypted:BMGZgC0DoYqu198ZnGru253CszS7v5xuFa66VO01J7DSryUyJeNVleGulgWff7j//yYxztPHE51PJPslof81lNGdzIATyaA6NBZOs4knaq1Ia7kGM1FQH7u98/91aI1pPbL7GKYXkXwmLvCIfrk4SIX8k8TR/Gs+p1hbS1BrzEpYvOw6SceDOdbyFnwgfYVS1J0lu1NIYWtqD7TzrbSmvKjWeUo9F0wtemSS5y6TaAeQsMnAa8af/XONE1SYcmWA5HXGwqXKqlB6xr5je1F/GoTTFEKO1eeladCwZ1f3xPuWduv4v1IRHEWRrKS0R7BKfC0WhuOdYCKI"
+DATABASE_URL="encrypted:BOoAQUb7ubNZ+ools+cEv8iSh4XMJlagp2pHbSiIa1t1djYaFISmyA5529R420PuRLLv+3UQfmf5g5jUNtH4zUO4zZmUn5ivavzRPthh5fkqHmvAtz1yMEcXdqBtjIADVnxsBbPiwvVELhIBJ6MFifZVnvYwXFoQ1aKUbRmMdyESiQRAZSRgCih9hH5VGGV62XFYo8B37xfioQRIFSqG36upOMLkIpY29fa6zeP4GGmJB+ZQJpAXfzVr7CZ447O6CyyCJRMLkBM7Tx5Y28dmEkBuU1laYfhQ5pRCEGwvYA8m/cZSooFFqFaSeYPqstBCnIbYlQqM0hpN"

auth-svc/src/middleware/authparser.mjs

@@ -32,14 +32,13 @@ export default async function authorizationParser(req, res, next) {
     }
   } else if (scheme.toLowerCase() === 'bearer') {
     try {
-      const decoded = jwt.verify(credentials, process.env.BEARER_TOKEN_PRIVATEKEY)
-      const {username, password} = decoded
+      const decoded = jwt.verify(credentials, process.env.BEARER_TOKEN_PRIVATEKEY);
+      const [username, password] = decoded.split(":")
       auth.bearer = {username: username, password, password}
     } catch (error) {
-
+      console.error(error)
     }
   }
-
   req.authorization = auth;
   return next();
 }

auth-svc/src/user-server.mjs

@@ -18,20 +18,7 @@ server.use(express.urlencoded({ limit: "3000kb" }))
 var apiKeys = [
   { user: process.env.APIKEY_USER, key: process.env.APIKEY_PASSWORD }];
 function check(req, res, next) {
-  if (req.authorization && req.authorization.basic) {
-    var found = false;
-    for (let auth of apiKeys) {
-      if (auth.key === req.authorization.basic.password
-        && auth.user === req.authorization.basic.username) {
-        found = true;
-        break;
-      }
-    }
-    if (found) next();
-    else {
-      res.status(401).send("Not authenticated");
-    }
-  } else if (req.authorization && req.authorization.bearer) {
+  if (req.authorization && req.authorization.bearer) {
     var found = false;
     for (let auth of apiKeys) {
       if (auth.key === req.authorization.bearer.password

post-svc/.env.development

@@ -13,6 +13,7 @@ GOOGLE_AUTH_CALLBACKURL=encrypted:BO6FPv48GMxzPWhkd6MYVayrjbKmTbAUQHb5feQ8QW1Qy4
 USER_SERVICE_URL=encrypted:BNXdsTmrTTcMu+59q3toi8njhhXQ8Rk/BMfVag9dQ2ZmDZ4NJNTr8nf4X/bdr7K+MQC0F5CP8cLf/itfuWEgydAYcIiXg13/M6PSrYms7mEd4ZqH7ZQRxfoiEuw96K7Ncd/Hhho60dDQXyccm8LM+E1DcXlbdQ==
 USERS_AUTHID=encrypted:BI6PGKytMjk6X3hgZv4+aZLAWxXuWlVRyoNgojr1FiO6mBTSgZJ3dDFQcdk4kKDchL1S/DeTvhzXwzK2UPeXyPeGGD9DxJLls5o/Ntc4JnrUN4c4gjRS9Q0gTOI4jN7r7DFdVN0U8qcQkqDI88uNTD3zHGwpwBRjQEGX8rCOv3cxKDtq2w==
 USERS_AUTHCODE=encrypted:BMn7KDmUWZSbV9bd23GF6EUpM4EvdnjyQ/3dReB/au5FHFptQJoSi/af41s6qpr4tVMQTmevNCQJPVH5o09RrrqGIGXi2LCFDPfeEHuHIEY4N3k2qdtMcR+1r8O64OdIt+tTOVeBxSi+K2edInAmzxTYf0ZMtUKWJ1s9iAWJabZko90HdA==
+USERS_TOKEN_PRIVATEKEY=encrypted:BDY8sjWs38xzAOPv6UFViDnLgUoQLhxUrlBtQp7jX57RiN4/K/vXxGHI4lFd4GqXC/QE9Gp2iVmNAwKQGtfXxX8WVVCQzitabKU80YDr9CIoXMEUTqqCz7/s5uYtY8kGO8L3JuLdelFXSpVISKmaYVtk9gkDyOeMpor0g96fv/jzJyOBOg==
 #db
 
 POSTS_MODEL=encrypted:BIbKACY+ceQ7j+4WJ1yCD4TPylntbmyocfGFmx1rwWTJPUHCzorJpKBjlIoGQbGu33uwseHILy3W0hdZIQLJqStvpnnAjIDyToelFdR9TIkwKKBtIOmCT2DlHi5DiHyamS1LYMw/kA==

post-svc/.env.production

@@ -1,17 +1,17 @@
 
 DOTENV_PUBLIC_KEY_PRODUCTION="03a00202ae7b3ad87b4f856c7281db20733d192d5e426a619225782b49b7aeb34c"
 
-GOOGLE_CLIENT_ID=encrypted:BILwqB0Q8SjQaGGnQhRAZ74EgAGhXVeKolUODVTZULDf7wcyLzJ7J3FDzhRf6NrxsKdJllvvJTTCkgZsj9EY0AXwErku6qdVbKKcVr7tG5wUAMfdO79mwxiHohusCWxsHNr7YT4ETC61/vQ0DLo17LG45B0NGMvHBuqK9ofBwzJy0icmxV/vlcbummRVwP4KMoAamfaf2P1cQw/0+ywmnBX6x0p8waCq+A==
-GOOGLE_CLIENT_SECRET=encrypted:BCjGc4JB+CfXCmjt2QtNXsEWvUBGpWjktFuhYEt6CpZLUvzt0E1FJH9D9wQtg1EfufA8r2zgIdaX1cqd7jx0O47Hd/lioCf6ZEhtyPLJPOrKLofdLygf2tCmOWBrX9TEVZxZQw2tBFZATDiZ3JlZkGGIlMA3CctPJZjkC5k5+QaFOUQb
-GOOGLE_AUTH_CALLBACKURL=encrypted:BJExPVqXhnAwUs6J/0rYkta4JmigQ6GYdldDuL6YE0qEEm22KjebZ8NPiwS3Ss/Ei7zfMg8JSnVxr0M3ko5Bg/vGybKtiU1kG/KewctRIqo01QVJWYzjs9xThpZBMyxYDUsRtZei9jRrdbamtad+/VjfMQZdX1uhqkwZ1kmWvyd6McEDrtDTN913p6Tlebj5BK7v0/IB51e1BnOzwQ==
+GOOGLE_CLIENT_ID=encrypted:BGoMbd1lnNs86N8qNk1mGuSvv9YxeZvMQGsNVrhzOF8gXGoDl6EcA9czLNkX16aiocwA3fJfxz9Jf28l5MnSWNFpugym9dmkjDixfZP2Iew08Nsesprf3WV0N5k9My+7CtDQtFOWWDduIw4g+wbajqw3K9Q/MfAoVMKOTUyts4jFC4J1Fd+wrPEDqO8HE7q8jAthLBpfotD8q1WE4w84+zEFbW3TvtbHYw==
+GOOGLE_CLIENT_SECRET=encrypted:BM+oNM8Rlg1gL0Oh9FSgLtMKBOHUgdOTvc3Fo5KAHldiouozbm0HCp37Uh3J3tDcTA0d+5S+JChRnfRN0HfgA3EObJ9Ln5TflGeDepd+lJAO7B47YOi6HFDc+P/g8Ga2Mmi4nKg4szRrLpd5lFSnao10nI/0hWC+w0rbmWkGn4myieso
+GOOGLE_AUTH_CALLBACKURL=encrypted:BCfpL/CgJcXLI+zQjryCKAMoban7/WZAamjyrd0AyFwA1SEv398eyIxuh7BlNMC1TkNqIpwv57CbweJO1mplyutrwGCdSV0T7Jc3pYJhcJNlLztWE+UX2Niy/fcL+HtqFbiVd8Ovfzft0gzQRdHn0ec5NnVIq24rOFmzUURV6ZSMg21065O4A8nIY1ZnSza2+Da51y5cZmFf05AKXQ==
 #USER_API
-USER_SERVICE_URL=encrypted:BArlnvuE7RCBXbapK89l5kt40Ke+PSNbJkUhRD3n2Qx0RtITo3bjM/Vkb5N6iKDAmo6Ls2bXnd2nsnEJAM3hJBvMUiPAySgOAqZ/ejcJdmDubordcmEFqBEc7+SoLnQ3qXjCuHhHfTiVmLMYax2UeeuoAksJfAvt7O+wBLZuOZiUsu/IiLHkNkKYHTetvK1ph5YjwAA=
-USERS_AUTHID=encrypted:BLF8srIMZzMGcw8+pK4BT31XaREEUnsbVyhoVvGg4SucweN5DhLaTAV7Z9SSxnQsSy/YF9uYKZFY51dlAMxkik17pRXkCrZgzPTfkvqWJFsx8n9Q2gpphmDZxYYsBY8Qs2UhqHslcWnXmFOvBN1OYlP+jE+gV9ul+vWevg2QpMbyTf758g==
-USERS_AUTHCODE=encrypted:BKXAzxhKWOmCznVztlKfcy4f4PBjMZjxMd+l0scYdwfGg61C3zgowMaTy/p4pH9143nLf/QMUzGdMKnID5lcH7rTP33Opqh0eFlZjL9TVYVfQ32HebxMdVX1Gid0ZkWsAiUrPpCbFt9cSWqaybIKg0GzZkr9lJTTxVXLgkhBxUz/6S1Jqg==
+USER_SERVICE_URL=encrypted:BOezTokCUk5m549EylJbWVK6OhaTGxxESX3iO2+9G0GYt8BxLwX7v8304gEfI02wKiLQQVFeYyN9zSVAdfn6p0zq+fzDbOwMNePQFeDeQLtlrmo4QfJs8+ksqWTXfTZ6f4FTMC9BtHaFrb/aGcqoqjm/JqdGPpL811cNG0W/ICBUtKCktYuUPSPy/q2SY579Pjmpf/Q=
+USERS_AUTHID=encrypted:BN96bIcgeYmu33KOVtxhnrtOGuhQKaCmOXHkiZRDTkQu9i+PDje4laOSJo1TqNt14dRqI5bZSgBfQ3JdmN4G+2Yv+jiXBBvWqcHjAY4rCXOnFwE2gfiwxiLhFhplsQ/G9+uNylErhVtUxLXU5QIoIZuWVHgXGdFiQg1TBP5Q+bmhZmUWgQ==
+USERS_AUTHCODE=encrypted:BASToYVZVMQu6b0Gk9xpUw9lSG/h4UAsL2512jtRnWGtDFNHrWxxXtTHFCDEwJmfZmNUweDIHk3ZWu3zhZM45VV9emy9JceLXHBJCiRbVIcDp/F2QLSkxwOpq7mXj1v5Z7l7Z+AJMGugjmshQ52Vre4qXuidoK50C2TvXhAr9MjCNXxlog==
+USERS_TOKEN_PRIVATEKEY=encrypted:BLPIIqVkr/WtAtrI7p0y8IXBZ2HRhyY0CXmZ4SSrwdNVTCYLVOpESNipsl6Nd3AzeajzVW6x/eNST3uf2FD4HOtH9QfpAghyMoP9EyftV0pdsWtv8tWnB5Z+a0YMUHNU6ri0i+hW7INJIO6SzAC0sCbIaCqsvYKNvc/U7HuFTEdb/zEwAQ==
+POSTS_MODEL=encrypted:BDiWiWpT8279iRwRsIxk4Wlt46/e4A02yqcCgnM4BdZYlpAGZkl+SXCHcXIh+NVwKJMxkgkdKWryJpZIUHtrKvRPCr/umUUjWJt3wEFv743FWJYFEU8lzz8r/yTtI4hWQY80yU28Fw==
+DATABASE_URL="encrypted:BPm0LWhBxlN7qKYHR1ZQ8CDCr7999kH03N3uj5ggxQuSrqa4VkDAKpOBXGn2PXgeDsUiX6eMh4rfSw1o/ICbyQ6ajpIatuKtcTkXwM8n1l28qrhPt8EmZS+mtXdWApPi8oB7vV3DoJvzIRY348kFvdCbUMhwevvf/4mJkjcXEHDJRiDQMmzPMNEIr6g/ItM+N0BwRUZmKxAfzPgZOFe7AYawaajUg+Zuo4yAs7fgAo2PTFJfVB+nQUhVKbqOhliuG1Ee7NNeeEEu9nZTlQJc1I1KvvWNgyZd8j0+BJP9XutKMHwd4hOR0Q+908RV/vxjN6/bTY167Q=="
 
-POSTS_MODEL=encrypted:BKgeFCyIr+yO2h6oAN8X6cIhW1TIr4xvJFP3tybAQlXsZ++bOGmwEDZWgQV823rpRVy8BPgGBYRrOeO0qhaMIzU4z+Ya94+/jux+EiUXvkJbedLLOBY4ruC5RjAwOplpTKcvXM0xKQ==
-DATABASE_URL="encrypted:BClnZqEWee1u+/5UlliLdLR0JJqApiceKpwhjU+zmIF85owpKQ35sEeeu6ebsU+O5vkas7yPA4cGntVu7ZU2+2TEkSuIZojGIHk3w8znJawZJ2AbpFNkBrV5F+IGULvZE/zIntBLReQma6q2j2Lef1jOuiF8NtY8Cz+g6Nsw925n4c+/UC2LDWLWRyjpTXusFw0lWTMWTLVU81LRnhCBIBrnM/snu4hw53Rrh9hokf5ytMKm+KjmiSiGZnjs33HJ6kO82+3QQymuq7WYHewW03ke7OgD34PUjx7bnpWNbcSFR4shGk0ETf05u+bV9fR4+K38wJ7VPw=="
-
-SESSION_JWT_SECRET=encrypted:BJy/9gONcXtsDVkLV3aYS5rVg0GuavG2MhhLbyoCPv4k6fn1TAKkad7ZyVFgyFvYq0ONt1T0TpXmAZ4r9Hlrhm1idLS8kcCgh+wBeh3L8Nnnmdu+/+cvEdRyOiXe7/GwEdVnc2eEZEDpP0Hc94hEl1Sa/rmJLkIq6AGk22Mi7zSNpG8EZA==
-SESSION_COOKIE_SECRET=encrypted:BI97N796PPwNBTi7D0kMPt2t7CXcD2JIR0CKY6kZv/e2WHJMR6d1LFx22icnT7BKliRdn9A01Suw8Uca9QzpmU4+tgyMFkKrIHU21tt2WcJjWPxn4OIPx/fg9O5xonvPCcjQnbCaDfS/5gD7rFgSQq291VrVUvf1w+PPl+b4HPL/7q7rUA==
-X_WORKER="encrypted:BLU2+RlMOJozt5VjmefomtYkTH5KozSIAaq7423eyeOQHYVyK39yfbdO+w+EvgKouZnRt4+d/uEw6NhNJ4TgPu6CzVu2c3bYlGdDDvlx9HIqHxMim1tv2cT4+8Y3ogfdM+rFn1y/gA=="
+SESSION_JWT_SECRET=encrypted:BHIlVvLly256Jj+xJt5n9vWony7P9Kc72+LnZgc1Zj2lE/bl7wTVS73l/47pOVfKGSQHm0e2PIBj85lSZk2pItPs5LX9HGNzjVYdWbAguwLZk0Rm8Z+JTj3GNhQPZl597P5xsn2u0jKGLNOIEcqnkVAUbKxyfj9zM66WqjAUZ32gQqaBuw==
+SESSION_COOKIE_SECRET=encrypted:BHMHX4QQ0a19kDZVuD7KokgrVRjK61qpocWMb9hkxj6OQCsDEZCzfkCkGxnasRalLpzdhpg63E6mur+ouDJ2XuGm3ZGwrGSj1F03r2fp6S7fcUGlCP23XdB2ZavtJ2r09JJxVyIXsBndCIW/wEDTY0OfS93nZ9Y1Q0/AkdX3t7i6cFsUpQ==
+X_WORKER="encrypted:BIag01JzwGD2Ckc88XvsmiSrWR4QRapqSxyVq3csLp9N1Gfg1r5IkXxflwCIzrPAVWZRj6yVe47AN9s+qmCu0/oU7JdMoS7FNcDEtvI4/aGHsPYs7ESQZksAsQYc4m5ZrMzlnlZwQg=="

post-svc/src/models/posts-prisma.mjs

@@ -122,7 +122,9 @@ export default class PrismaPostsStore {
   async close() {
     await prisma.$disconnect();
   }
-
+  async connectDB() {
+    await prisma.$connect()
+  }
   async create(key, title, body, autherId, imageURL, ...catgs) {
     const catgsData = [];
     const uniqeCatgs = new Set()

post-svc/src/models/user-superagent.mjs

@@ -1,6 +1,6 @@
 import { default as request } from "superagent";
 import { default as bcrypt } from 'bcryptjs';
-import * as util from "node:util";
+import { sign, verify, decode } from "jsonwebtoken";
 import * as url from "node:url";
 import debug from "debug";
 
@@ -14,6 +14,13 @@ async function genHash(password) {
 var authid = process.env.USERS_AUTHID ;
 var authcode =process.env.USERS_AUTHCODE ;
 
+let AUTHTOKEN;
+function genJWT () {
+  if (AUTHTOKEN) return AUTHTOKEN;
+  AUTHTOKEN = sign(`${authid}:${authcode}`, process.env.USERS_TOKEN_PRIVATEKEY)
+  return AUTHTOKEN;
+}
+
 function reqURL(path) {
   const requrl = new URL(process.env.USER_SERVICE_URL);
   requrl.pathname = path
@@ -32,7 +39,7 @@ export async function create(username, password,
     })
     .set("Content-type", "application/json")
     .set("Accept", "application/json")
-    .auth(authid, authcode);
+    .auth(genJWT(), {type: "bearer"});
   return res.body
 }
 
@@ -48,7 +55,7 @@ export async function update(username, password,
     })
     .set("Content-type", "application/json")
     .set("Accept", "application/json")
-    .auth(authid, authcode);
+    .auth(genJWT(), {type: "bearer"});
   return res.body
 }
 
@@ -66,59 +73,59 @@ export async function findOrCreate(profile) {
       photoType: profile.photoType
     }).set('Content-Type', 'application/json')
     .set('Acccept', 'application/json')
-    .auth(authid, authcode);
+    .auth(genJWT(), {type: "bearer"});
   return res.body;
 }
 export async function passwordCheck(username, password) {
   const res = await request.post(reqURL(`/password-check`))
     .send({ username, password })
     .set("Content-type", "application/json")
     .set("Accept", "application/json")
-    .auth(authid, authcode);
+    .auth(genJWT(), {type: "bearer"});
   return res.body;
 }
 export async function destroy(username) {
   const res = await request.delete(reqURL(`/destroy/${username}`))
     .set('content-type', "application/json")
     .set("Accept", "application/json")
-    .auth(authid, authcode);
+    .auth(genJWT(), {type: "bearer"});
   return res.body;
 }
 export async function findUserName(username) {
   const res = await request.get(reqURL(`/find/username/${username}`))
     .set("Content-type", "application/json")
     .set("Accept", "application/json")
-    .auth(authid, authcode);
+    .auth(genJWT(), {type: "bearer"});
   return res.body;
 }
 export async function find(userId) {
   const res = await request.get(reqURL(`/find/${userId}`))
     .set("Content-type", "application/json")
     .set("Accept", "application/json")
-    .auth(authid, authcode);
+    .auth(genJWT(), {type: "bearer"});
   return res.body;
 }
 
 export async function findEmail(email) {
   const res = await request.get(reqURL(`/find/email/${email}`))
     .set("Content-type", "application/json")
     .set("Accept", "application/json")
-    .auth(authid, authcode);
+    .auth(genJWT(), {type: "bearer"});
   return res.body;
 }
 export async function updatePhoto(id, photoURL, photoType) {
   const res= await request.post(reqURL(`/update-user/photo/${id}`))
     .set("Content-type", "application/json")
     .set("Accept", "application/json")
-    .auth(authid, authcode)
+    .auth(genJWT(), {type: "bearer"})
     .send({photoURL, photoType});
   return res.body;
 }
 export async function list() {
   const res = await request.get(reqURL(`/list`))
     .set("Content-type", "application/json")
     .set("Accept", "application/json")
-    .auth(authid, authcode);
+    .auth(genJWT(), {type: "bearer"});
   return res.body;
 }
 

post-svc/src/public/assets/javascripts/like-control.js

@@ -14,8 +14,8 @@ class LikesControl {
   }
   async init() {
     if (USERID)
-    await this.setLikes()
-    this.attachEvents()
+      await this.setLikes()
+    this.attachLikeBtnEvents()
   }
   async setLikes() {
     const res = await fetch('/users/likes/keys').then(async res => await res.text())
@@ -31,7 +31,7 @@ class LikesControl {
     })
 
   }
-  attachEvents() {
+  attachSocketEvents() {
     SOCKET.on("likecreated", (postkey, userid) => {
       if (USERID == userid) {
         const btn = document.getElementById(`${postkey}-likebtn`)
@@ -47,6 +47,7 @@ class LikesControl {
         updatePageUI()
       }
     })
+
     SOCKET.on("likedestroyed", (postkey, userid) => {
       if (USERID == userid) {
         const btn = document.getElementById(`${postkey}-likebtn`)
@@ -62,6 +63,9 @@ class LikesControl {
         updatePageUI()
       }
     })
+  }
+
+  attachLikeBtnEvents() {
     if (!USERID) return
     Array.from(this.likeButtons).forEach((btn, i) => {
       btn.addEventListener("click", async (event) => {
@@ -136,5 +140,7 @@ class LikesControl {
 
 }
 window.addEventListener("load", () => {
-  new LikesControl().init()
+  const likeControl = new LikesControl();
+  likeControl.init();
+  likeControl.attachSocketEvents();
 })