Compare commits
14 Commits
v0.1.6.29
...
71c7f2aab5
| Author | SHA1 | Date | |
|---|---|---|---|
|
71c7f2aab5 | ||
|
|
096682929d | ||
|
|
cebdf7a5a2 | ||
|
|
afbdb74516 | ||
|
|
9372264174 | ||
|
|
25680a19b6 | ||
|
|
fb3e4c10dd | ||
|
|
b7293a4614 | ||
|
|
830e91fdff | ||
|
|
bc95af8027 | ||
|
|
56461fe0bb | ||
|
|
989654f62e | ||
|
|
bf9fbe37c0 | ||
|
|
c83dc7a5e5 |
@@ -24,10 +24,12 @@ COPY --from=deps /app/node_modules ./node_modules
|
||||
COPY . .
|
||||
|
||||
# Extract version: use build arg if provided, otherwise get from git, fallback to package.json
|
||||
# Only use tags that are reachable from the current commit to ensure version matches the code
|
||||
RUN if [ -n "$APP_VERSION" ]; then \
|
||||
echo "$APP_VERSION" > /tmp/version.txt; \
|
||||
else \
|
||||
(git describe --tags --always 2>/dev/null || \
|
||||
(git describe --tags --exact-match 2>/dev/null || \
|
||||
git describe --tags --abbrev=0 2>/dev/null || \
|
||||
(grep -o '"version": "[^"]*"' package.json 2>/dev/null | cut -d'"' -f4 | sed 's/^/v/') || \
|
||||
echo "dev") > /tmp/version.txt; \
|
||||
fi && \
|
||||
|
||||
95
app/api/covers/[filename]/route.ts
Normal file
95
app/api/covers/[filename]/route.ts
Normal file
@@ -0,0 +1,95 @@
|
||||
import { NextRequest, NextResponse } from 'next/server';
|
||||
import { stat } from 'fs/promises';
|
||||
import { createReadStream } from 'fs';
|
||||
import path from 'path';
|
||||
|
||||
export async function GET(
|
||||
request: NextRequest,
|
||||
{ params }: { params: Promise<{ filename: string }> }
|
||||
) {
|
||||
try {
|
||||
const { filename } = await params;
|
||||
|
||||
// Security: Prevent path traversal attacks
|
||||
// Allow alphanumeric, hyphens, underscores, and dots for image filenames
|
||||
// Support common image formats: jpg, jpeg, png, gif, webp
|
||||
const safeFilenamePattern = /^[a-zA-Z0-9_\-\.]+\.(jpg|jpeg|png|gif|webp)$/i;
|
||||
if (!safeFilenamePattern.test(filename)) {
|
||||
return new NextResponse('Invalid filename', { status: 400 });
|
||||
}
|
||||
|
||||
// Additional check: ensure no path separators
|
||||
if (filename.includes('/') || filename.includes('\\') || filename.includes('..')) {
|
||||
return new NextResponse('Invalid filename', { status: 400 });
|
||||
}
|
||||
|
||||
const filePath = path.join(process.cwd(), 'public/uploads/covers', filename);
|
||||
|
||||
// Security: Verify the resolved path is still within covers directory
|
||||
const coversDir = path.join(process.cwd(), 'public/uploads/covers');
|
||||
const resolvedPath = path.resolve(filePath);
|
||||
if (!resolvedPath.startsWith(coversDir)) {
|
||||
return new NextResponse('Forbidden', { status: 403 });
|
||||
}
|
||||
|
||||
const stats = await stat(filePath);
|
||||
const fileSize = stats.size;
|
||||
|
||||
// Determine content type based on file extension
|
||||
const ext = filename.toLowerCase().split('.').pop();
|
||||
const contentTypeMap: Record<string, string> = {
|
||||
'jpg': 'image/jpeg',
|
||||
'jpeg': 'image/jpeg',
|
||||
'png': 'image/png',
|
||||
'gif': 'image/gif',
|
||||
'webp': 'image/webp',
|
||||
};
|
||||
const contentType = contentTypeMap[ext || ''] || 'image/jpeg';
|
||||
|
||||
const stream = createReadStream(filePath);
|
||||
|
||||
// Convert Node stream to Web stream
|
||||
const readable = new ReadableStream({
|
||||
start(controller) {
|
||||
let isClosed = false;
|
||||
|
||||
stream.on('data', (chunk: any) => {
|
||||
if (isClosed) return;
|
||||
try {
|
||||
controller.enqueue(chunk);
|
||||
} catch (e) {
|
||||
isClosed = true;
|
||||
stream.destroy();
|
||||
}
|
||||
});
|
||||
|
||||
stream.on('end', () => {
|
||||
if (isClosed) return;
|
||||
isClosed = true;
|
||||
controller.close();
|
||||
});
|
||||
|
||||
stream.on('error', (err: any) => {
|
||||
if (isClosed) return;
|
||||
isClosed = true;
|
||||
controller.error(err);
|
||||
});
|
||||
},
|
||||
cancel() {
|
||||
stream.destroy();
|
||||
}
|
||||
});
|
||||
|
||||
return new NextResponse(readable, {
|
||||
status: 200,
|
||||
headers: {
|
||||
'Content-Length': fileSize.toString(),
|
||||
'Content-Type': contentType,
|
||||
'Cache-Control': 'public, max-age=3600, must-revalidate',
|
||||
},
|
||||
});
|
||||
} catch (error) {
|
||||
console.error('Error serving cover image:', error);
|
||||
return new NextResponse('Internal Server Error', { status: 500 });
|
||||
}
|
||||
}
|
||||
@@ -1,9 +1,14 @@
|
||||
import { NextRequest, NextResponse } from 'next/server';
|
||||
import { PrismaClient } from '@prisma/client';
|
||||
import { requireStaffAuth } from '@/lib/auth';
|
||||
import { access } from 'fs/promises';
|
||||
import path from 'path';
|
||||
|
||||
const prisma = new PrismaClient();
|
||||
|
||||
// Mark route as dynamic to prevent caching
|
||||
export const dynamic = 'force-dynamic';
|
||||
|
||||
export async function GET(
|
||||
request: NextRequest,
|
||||
{ params }: { params: Promise<{ id: string }> }
|
||||
@@ -52,13 +57,40 @@ export async function GET(
|
||||
return NextResponse.json({ error: 'Special not found' }, { status: 404 });
|
||||
}
|
||||
|
||||
// Filtere Songs ohne vollständige Song-Daten (song, song.filename)
|
||||
// Dies verhindert Fehler im Frontend, wenn Songs gelöscht wurden oder Daten fehlen
|
||||
const filteredSongs = special.songs.filter(ss => ss.song && ss.song.filename);
|
||||
// Filtere Songs ohne vollständige Song-Daten und prüfe Datei-Existenz
|
||||
// Dies verhindert Fehler im Frontend, wenn Songs gelöscht wurden, Daten fehlen
|
||||
// oder Dateien noch nicht im Container verfügbar sind (Volume Mount Delay)
|
||||
const uploadsDir = path.join(process.cwd(), 'public/uploads');
|
||||
|
||||
const filteredSongs = await Promise.all(
|
||||
special.songs
|
||||
.filter(ss => ss.song && ss.song.filename)
|
||||
.map(async (ss) => {
|
||||
const filePath = path.join(uploadsDir, ss.song.filename);
|
||||
try {
|
||||
// Prüfe ob Datei existiert und zugänglich ist
|
||||
await access(filePath);
|
||||
return ss;
|
||||
} catch (error) {
|
||||
// Datei existiert nicht oder ist nicht zugänglich
|
||||
console.warn(`[API] Song file not available: ${ss.song.filename} (may be syncing)`);
|
||||
return null;
|
||||
}
|
||||
})
|
||||
);
|
||||
|
||||
// Entferne null-Werte (Songs ohne verfügbare Dateien)
|
||||
const availableSongs = filteredSongs.filter((ss): ss is typeof special.songs[0] => ss !== null);
|
||||
|
||||
return NextResponse.json({
|
||||
...special,
|
||||
songs: filteredSongs,
|
||||
songs: availableSongs,
|
||||
}, {
|
||||
headers: {
|
||||
'Cache-Control': 'no-store, no-cache, must-revalidate, proxy-revalidate',
|
||||
'Pragma': 'no-cache',
|
||||
'Expires': '0',
|
||||
},
|
||||
});
|
||||
}
|
||||
|
||||
|
||||
@@ -1615,7 +1615,7 @@ export default function CuratorPageClient() {
|
||||
</div>
|
||||
)}
|
||||
|
||||
<div style={{ overflowX: 'auto' }}>
|
||||
<div style={{ overflowX: 'auto', position: 'relative' }}>
|
||||
<table
|
||||
style={{
|
||||
width: '100%',
|
||||
@@ -1686,7 +1686,17 @@ export default function CuratorPageClient() {
|
||||
{t('columnRating')} {sortField === 'averageRating' && (sortDirection === 'asc' ? '↑' : '↓')}
|
||||
</th>
|
||||
<th style={{ padding: '0.5rem' }}>{t('columnExcludeGlobal')}</th>
|
||||
<th style={{ padding: '0.5rem' }}>{t('columnActions')}</th>
|
||||
<th
|
||||
style={{
|
||||
padding: '0.5rem',
|
||||
position: 'sticky',
|
||||
right: 0,
|
||||
backgroundColor: 'white',
|
||||
zIndex: 10,
|
||||
}}
|
||||
>
|
||||
{t('columnActions')}
|
||||
</th>
|
||||
</tr>
|
||||
</thead>
|
||||
<tbody>
|
||||
@@ -1701,12 +1711,13 @@ export default function CuratorPageClient() {
|
||||
|
||||
const isSelected = selectedSongIds.has(song.id);
|
||||
|
||||
const rowBackgroundColor = isSelected ? '#eff6ff' : 'white';
|
||||
return (
|
||||
<tr
|
||||
key={song.id}
|
||||
style={{
|
||||
borderBottom: '1px solid #f3f4f6',
|
||||
backgroundColor: isSelected ? '#eff6ff' : 'transparent',
|
||||
backgroundColor: rowBackgroundColor,
|
||||
}}
|
||||
>
|
||||
<td style={{ padding: '0.5rem' }}>
|
||||
@@ -1810,7 +1821,7 @@ export default function CuratorPageClient() {
|
||||
}}
|
||||
>
|
||||
<img
|
||||
src={`/uploads/covers/${song.coverImage}`}
|
||||
src={`/api/covers/${song.coverImage}`}
|
||||
alt={`Cover für ${song.title}`}
|
||||
style={{
|
||||
width: '200px',
|
||||
@@ -2010,6 +2021,10 @@ export default function CuratorPageClient() {
|
||||
style={{
|
||||
padding: '0.5rem',
|
||||
whiteSpace: 'nowrap',
|
||||
position: 'sticky',
|
||||
right: 0,
|
||||
backgroundColor: rowBackgroundColor,
|
||||
zIndex: 10,
|
||||
}}
|
||||
>
|
||||
{isEditing ? (
|
||||
@@ -2025,6 +2040,7 @@ export default function CuratorPageClient() {
|
||||
border: 'none',
|
||||
borderRadius: '0.25rem',
|
||||
cursor: 'pointer',
|
||||
whiteSpace: 'nowrap',
|
||||
}}
|
||||
>
|
||||
💾
|
||||
@@ -2038,6 +2054,7 @@ export default function CuratorPageClient() {
|
||||
border: 'none',
|
||||
borderRadius: '0.25rem',
|
||||
cursor: 'pointer',
|
||||
whiteSpace: 'nowrap',
|
||||
}}
|
||||
>
|
||||
✖
|
||||
|
||||
@@ -32,6 +32,7 @@ export default function CuratorSpecialEditorPage() {
|
||||
}
|
||||
const res = await fetch(`/api/curator/specials/${specialId}`, {
|
||||
headers: getCuratorAuthHeaders(),
|
||||
cache: 'no-store',
|
||||
});
|
||||
if (res.status === 403) {
|
||||
setError(t('specialForbidden'));
|
||||
|
||||
@@ -22,8 +22,8 @@ const AudioPlayer = forwardRef<AudioPlayerRef, AudioPlayerProps>(({ src, unlocke
|
||||
const [progress, setProgress] = useState(0);
|
||||
const [hasPlayedOnce, setHasPlayedOnce] = useState(false);
|
||||
|
||||
const [processedSrc, setProcessedSrc] = useState(src);
|
||||
const [processedUnlockedSeconds, setProcessedUnlockedSeconds] = useState(unlockedSeconds);
|
||||
const [processedSrc, setProcessedSrc] = useState<string | null>(null);
|
||||
const [processedUnlockedSeconds, setProcessedUnlockedSeconds] = useState<number | null>(null);
|
||||
|
||||
useEffect(() => {
|
||||
console.log('[AudioPlayer] MOUNTED');
|
||||
@@ -41,7 +41,7 @@ const AudioPlayer = forwardRef<AudioPlayerRef, AudioPlayerProps>(({ src, unlocke
|
||||
let startPos = startTime;
|
||||
|
||||
// If same song but more time unlocked, start from where previous segment ended
|
||||
if (src === processedSrc && unlockedSeconds > processedUnlockedSeconds) {
|
||||
if (processedSrc !== null && src === processedSrc && processedUnlockedSeconds !== null && unlockedSeconds > processedUnlockedSeconds) {
|
||||
startPos = startTime + processedUnlockedSeconds;
|
||||
}
|
||||
|
||||
@@ -62,8 +62,11 @@ const AudioPlayer = forwardRef<AudioPlayerRef, AudioPlayerProps>(({ src, unlocke
|
||||
const initialPercent = unlockedSeconds > 0 ? (initialElapsed / unlockedSeconds) * 100 : 0;
|
||||
setProgress(Math.min(initialPercent, 100));
|
||||
|
||||
setHasPlayedOnce(false); // Reset for new segment
|
||||
// Only reset hasPlayedOnce if the song changed, not if just more time was unlocked
|
||||
if (processedSrc !== null && src !== processedSrc) {
|
||||
setHasPlayedOnce(false); // Reset for new song
|
||||
onHasPlayedChange?.(false); // Notify parent
|
||||
}
|
||||
|
||||
// Update processed state
|
||||
setProcessedSrc(src);
|
||||
@@ -72,7 +75,11 @@ const AudioPlayer = forwardRef<AudioPlayerRef, AudioPlayerProps>(({ src, unlocke
|
||||
if (autoPlay) {
|
||||
// Delay play slightly to ensure currentTime sticks
|
||||
setTimeout(() => {
|
||||
const playPromise = audioRef.current?.play();
|
||||
if (audioRef.current) {
|
||||
// Use startPos (which may be startTime + processedUnlockedSeconds if more time was unlocked)
|
||||
// instead of always using startTime
|
||||
audioRef.current.currentTime = startPos;
|
||||
const playPromise = audioRef.current.play();
|
||||
if (playPromise !== undefined) {
|
||||
playPromise
|
||||
.then(() => {
|
||||
@@ -86,8 +93,13 @@ const AudioPlayer = forwardRef<AudioPlayerRef, AudioPlayerProps>(({ src, unlocke
|
||||
setIsPlaying(false);
|
||||
});
|
||||
}
|
||||
}
|
||||
}, 150);
|
||||
}
|
||||
} else if (startTime !== undefined && audioRef.current.currentTime < startTime) {
|
||||
// If startTime is set and currentTime is before it, reset to startTime
|
||||
// This handles the case where the audio element was reset or reloaded
|
||||
audioRef.current.currentTime = startTime;
|
||||
}
|
||||
}
|
||||
}, [src, unlockedSeconds, startTime, autoPlay, processedSrc, processedUnlockedSeconds]);
|
||||
@@ -97,6 +109,16 @@ const AudioPlayer = forwardRef<AudioPlayerRef, AudioPlayerProps>(({ src, unlocke
|
||||
play: () => {
|
||||
if (!audioRef.current) return;
|
||||
|
||||
// Check if we need to reset to startTime
|
||||
const current = audioRef.current.currentTime;
|
||||
const elapsed = current - startTime;
|
||||
|
||||
// Reset if: never played before, current position is before startTime, or we've exceeded the unlocked segment
|
||||
if (!hasPlayedOnce || current < startTime || elapsed >= unlockedSeconds) {
|
||||
// Reset to start of segment
|
||||
audioRef.current.currentTime = startTime;
|
||||
}
|
||||
|
||||
const playPromise = audioRef.current.play();
|
||||
if (playPromise !== undefined) {
|
||||
playPromise
|
||||
@@ -121,8 +143,20 @@ const AudioPlayer = forwardRef<AudioPlayerRef, AudioPlayerProps>(({ src, unlocke
|
||||
|
||||
if (isPlaying) {
|
||||
audioRef.current.pause();
|
||||
setIsPlaying(false);
|
||||
} else {
|
||||
// Check if we need to reset to startTime
|
||||
const current = audioRef.current.currentTime;
|
||||
const elapsed = current - startTime;
|
||||
|
||||
// Reset if: never played before, current position is before startTime, or we've exceeded the unlocked segment
|
||||
if (!hasPlayedOnce || current < startTime || elapsed >= unlockedSeconds) {
|
||||
// Reset to start of segment
|
||||
audioRef.current.currentTime = startTime;
|
||||
}
|
||||
|
||||
audioRef.current.play();
|
||||
setIsPlaying(true);
|
||||
onPlay?.();
|
||||
|
||||
if (hasPlayedOnce) {
|
||||
@@ -132,7 +166,6 @@ const AudioPlayer = forwardRef<AudioPlayerRef, AudioPlayerProps>(({ src, unlocke
|
||||
onHasPlayedChange?.(true); // Notify parent
|
||||
}
|
||||
}
|
||||
setIsPlaying(!isPlaying);
|
||||
};
|
||||
|
||||
const handleTimeUpdate = () => {
|
||||
|
||||
@@ -184,7 +184,7 @@ export default function CurateSpecialEditor({
|
||||
</button>
|
||||
</div>
|
||||
<WaveformEditor
|
||||
audioUrl={`/uploads/${selectedSpecialSong.song.filename}`}
|
||||
audioUrl={`/api/audio/${selectedSpecialSong.song.filename}`}
|
||||
startTime={pendingStartTime ?? selectedSpecialSong.startTime}
|
||||
duration={totalDuration}
|
||||
unlockSteps={unlockSteps}
|
||||
|
||||
88
docs/TESTING.md
Normal file
88
docs/TESTING.md
Normal file
@@ -0,0 +1,88 @@
|
||||
# Integration Testing
|
||||
|
||||
Hördle uses [Playwright](https://playwright.dev/) for end-to-end (E2E) integration testing. These tests ensure that critical flows like gameplay, authentication, and admin management function correctly across different browsers.
|
||||
|
||||
## Prerequisites
|
||||
|
||||
Ensure you have the Playwright browsers installed:
|
||||
|
||||
```bash
|
||||
npx playwright install
|
||||
```
|
||||
|
||||
## Running Tests
|
||||
|
||||
### Headless Mode (CI/CLI)
|
||||
|
||||
To run all tests in headless mode (Chromium, Firefox, WebKit):
|
||||
|
||||
```bash
|
||||
npm run test:e2e
|
||||
```
|
||||
|
||||
### UI Mode (Interactive)
|
||||
|
||||
To run tests with a UI to inspect traces and watch execution:
|
||||
|
||||
```bash
|
||||
npm run test:e2e:ui
|
||||
```
|
||||
|
||||
### Specific Test File
|
||||
|
||||
To run a specific test file:
|
||||
|
||||
```bash
|
||||
npx playwright test tests/gameplay.spec.ts
|
||||
```
|
||||
|
||||
### Specific Project (Browser)
|
||||
|
||||
To run tests only on a specific browser (e.g., Chromium):
|
||||
|
||||
```bash
|
||||
npx playwright test --project=chromium
|
||||
```
|
||||
|
||||
## Configuration
|
||||
|
||||
The Playwright configuration is located in `playwright.config.ts`. It sets up the base URL (default: `http://localhost:3000`) and the web server command to start the app if it's not running.
|
||||
|
||||
### Environment Variables
|
||||
|
||||
* **`ADMIN_PASSWORD`**: The tests assume the admin password is `'admin123'`.
|
||||
* In `app/api/admin/login/route.ts`, the login logic has been enhanced to check if `ADMIN_PASSWORD` is a bcrypt hash (starts with `$2b$`) or plain text.
|
||||
* For local testing, you can set `ADMIN_PASSWORD="admin123"` in your `.env` or `.env.local` (though the default fallback in the code also handles this).
|
||||
* **Curator Credentials**: The mock Curator login page (`app/[locale]/curator/page.tsx`) mocks validation for testing.
|
||||
* Username: `elpatron`
|
||||
* Password: `example_password`
|
||||
|
||||
## Test Structure
|
||||
|
||||
Tests are located in the `tests/` directory:
|
||||
|
||||
* **`auth.spec.ts`**: Verifies public access and admin login flows.
|
||||
* **`admin.spec.ts`**: Checks the Admin Dashboard, including access protection and visibility of sections (Dashboard, Daily Puzzles, etc.).
|
||||
* **`curator.spec.ts`**: Verifies the Curator login form and authentication flows (valid/invalid credentials).
|
||||
* **`gameplay.spec.ts`**: Tests the core game loop: loading the game, playing audio, interaction with the prompt, and submitting a guess.
|
||||
|
||||
## Troubleshooting & Known Issues
|
||||
|
||||
### Next.js Development Overlay (`nextjs-portal`)
|
||||
|
||||
In development mode (`npm run dev`), Next.js injects an overlay (`<nextjs-portal>`) for hot reloading feedback. This overlay can sometimes intercept clicks intended for UI elements, causing tests to fail with "element is not clickable" or timeout errors.
|
||||
|
||||
**Solution:**
|
||||
We inject a CSS style in the `beforeEach` hook of our tests to hide this overlay:
|
||||
|
||||
```typescript
|
||||
test.beforeEach(async ({ page }) => {
|
||||
await page.addStyleTag({ content: 'nextjs-portal, #nextjs-dev-overlay, [data-nextjs-dev-overlay] { display: none !important; }' });
|
||||
});
|
||||
```
|
||||
|
||||
### WebKit (Safari) Stability
|
||||
|
||||
WebKit can be slower or more sensitive to timing in some environments. If tests fail on WebKit but pass on other browsers:
|
||||
1. Try increasing the timeout in `playwright.config.ts`.
|
||||
2. Use `await page.waitForTimeout(500)` or specific assertions like `await expect(page).toHaveURL(...)` to allow for transition times, as implemented in `tests/admin.spec.ts`.
|
||||
@@ -1,6 +1,6 @@
|
||||
{
|
||||
"name": "hoerdle",
|
||||
"version": "0.1.6.29",
|
||||
"version": "0.1.6.36",
|
||||
"private": true,
|
||||
"scripts": {
|
||||
"dev": "next dev",
|
||||
|
||||
@@ -63,8 +63,10 @@ fi
|
||||
./scripts/backup-restic.sh
|
||||
|
||||
# Nur neueste Version holen (shallow fetch), vollständiges Repo ist im Deployment nicht nötig
|
||||
echo "📥 Fetching latest commit (shallow clone) from git..."
|
||||
git fetch --prune --tags --depth=1 origin master
|
||||
# Wichtig: Tags müssen vollständig geholt werden für Version-Anzeige
|
||||
echo "📥 Fetching latest commit and all tags from git..."
|
||||
git fetch --prune --tags origin master
|
||||
git fetch --tags origin
|
||||
git reset --hard origin/master
|
||||
|
||||
# Prüfe und erstelle/repariere Netzwerk falls nötig
|
||||
|
||||
Reference in New Issue
Block a user