fix sync und deploy problems

2026-02-21 10:38:25 +01:00 · 2026-02-21 10:38:25 +01:00 · a320b1c291
parent e8e3f2eb15
commit a320b1c291
10 changed files with 46 additions and 36 deletions
--- a/.claude/settings.local.json
+++ b/.claude/settings.local.json
@ -10,7 +10,8 @@
      "Bash(pkill:*)",
      "Bash(npm run db:generate:*)",
      "Bash(docker ps:*)",
-      "Bash(docker compose:*)"
+      "Bash(docker compose:*)",
+      "Bash(az webapp config appsettings list:*)"
    ]
  }
 }
--- a/ka-note/Dockerfile
+++ b/ka-note/Dockerfile
@ -16,7 +16,6 @@ RUN npm run build -w shared
 FROM shared-build AS client-build
 ARG VITE_AZURE_CLIENT_ID
 ARG VITE_AZURE_TENANT_ID
-ARG VITE_APP_VERSION=dev
 COPY client/ client/
 RUN npm run build -w client

@ -42,6 +41,9 @@ COPY --from=server-build /app/server/dist/ server/dist/
 COPY --from=server-build /app/server/drizzle/ server/drizzle/
 COPY --from=client-build /app/client/build/ public/

+ARG APP_VERSION=dev
+RUN echo "{\"version\":\"$APP_VERSION\"}" > public/version.json
+
 ENV NODE_ENV=production
 ENV PORT=3001
 ENV DATABASE_PATH=/home/data/ka-note.db
--- a/ka-note/VERSION
+++ b/ka-note/VERSION
@ -0,0 +1 @@
+1.0.6
--- a/ka-note/client/src/lib/components/Sidebar.svelte
+++ b/ka-note/client/src/lib/components/Sidebar.svelte
@ -12,7 +12,8 @@
 	import { syncStatus, lastSyncAt } from '$lib/sync/syncService';

 	const isDev = import.meta.env.DEV;
-	const appVersion = import.meta.env.VITE_APP_VERSION ?? 'dev';
+	let appVersion = $state('…');
+	fetch('/version.json').then(r => r.json()).then(d => appVersion = d.version).catch(() => appVersion = 'dev');

 	interface Props {
 		onnavigate?: () => void;
--- a/ka-note/client/src/lib/sync/syncService.ts
+++ b/ka-note/client/src/lib/sync/syncService.ts
@ -17,6 +17,10 @@ const API_BASE = import.meta.env.VITE_API_URL ?? '';

 async function apiFetch(path: string, init: RequestInit): Promise<Response> {
 	const token = await getAccessToken();
+	try {
+		const payload = JSON.parse(atob(token.split('.')[1]));
+		console.log('[sync] token aud:', payload.aud, '| scp:', payload.scp, '| exp:', new Date(payload.exp * 1000).toISOString());
+	} catch { /* ignore */ }
 	return fetch(`${API_BASE}${path}`, {
 		...init,
 		headers: {
--- a/ka-note/deploy.ps1
+++ b/ka-note/deploy.ps1
@ -14,14 +14,13 @@ $APP = "ka-note"
 $RG = "rg-koogle-prod"
 $IMAGE = "$ACR.azurecr.io/${APP}:latest"

-# Bump patch version in root package.json
-$pkgPath = Join-Path $PSScriptRoot "package.json"
-$pkg = Get-Content $pkgPath -Raw | ConvertFrom-Json
-$parts = $pkg.version -split '\.'
+# Bump patch version in VERSION file
+$versionFile = Join-Path $PSScriptRoot "VERSION"
+$current = (Get-Content $versionFile -Raw).Trim()
+$parts = $current -split '\.'
 $parts[2] = [int]$parts[2] + 1
-$pkg.version = $parts -join '.'
-$pkg | ConvertTo-Json -Depth 10 | Set-Content $pkgPath -Encoding UTF8
-$VERSION = $pkg.version
+$VERSION = $parts -join '.'
+Set-Content $versionFile $VERSION -Encoding UTF8 -NoNewline
 Write-Host "=== Version: $VERSION ===" -ForegroundColor Yellow

 Write-Host "=== Generate migrations ===" -ForegroundColor Cyan
@ -40,7 +39,7 @@ Write-Host "=== Build Docker image ===" -ForegroundColor Cyan
 docker build -t $IMAGE `
  --build-arg VITE_AZURE_CLIENT_ID=$env:AZURE_CLIENT_ID `
  --build-arg VITE_AZURE_TENANT_ID=$env:AZURE_TENANT_ID `
-  --build-arg VITE_APP_VERSION=$VERSION `
+  --build-arg APP_VERSION=$VERSION `
  .
 if ($LASTEXITCODE -ne 0) { throw "Docker build failed" }

@ -48,8 +47,14 @@ Write-Host "=== Push to ACR ===" -ForegroundColor Cyan
 docker push $IMAGE
 if ($LASTEXITCODE -ne 0) { throw "Docker push failed" }

+Write-Host "=== Set App Service environment ===" -ForegroundColor Cyan
+az webapp config appsettings set --name $APP --resource-group $RG --settings `
+  AZURE_CLIENT_ID=$env:AZURE_CLIENT_ID `
+  AZURE_TENANT_ID=$env:AZURE_TENANT_ID | Out-Null
+
 Write-Host "=== Restart App Service ===" -ForegroundColor Cyan
 az webapp restart --name $APP --resource-group $RG

 Write-Host "=== Done! $VERSION deployed ===" -ForegroundColor Green
 Write-Host "Check: https://$APP.azurewebsites.net"
+Read-Host "Press Enter to close"
--- a/ka-note/docker-compose.yml
+++ b/ka-note/docker-compose.yml
@ -6,7 +6,7 @@ services:
      args:
        - VITE_AZURE_CLIENT_ID=${AZURE_CLIENT_ID}
        - VITE_AZURE_TENANT_ID=${AZURE_TENANT_ID}
-        - VITE_APP_VERSION=${APP_VERSION:-dev}
+        - APP_VERSION=${APP_VERSION:-dev}
    ports:
      - "8080:3001"
    environment:
--- a/ka-note/package.json
+++ b/ka-note/package.json
@ -1,18 +1,13 @@
-{
-    "name":  "ka-note",
-    "version":  "1.0.2",
-    "private":  true,
-    "workspaces":  [
-                       "shared",
-                       "client",
-                       "server"
-                   ],
-    "scripts":  {
-                    "dev":  "concurrently -n client,server -c blue,green \"npm run dev -w client\" \"npm run dev -w server\"",
-                    "build":  "npm run build -w shared \u0026\u0026 npm run build -w client \u0026\u0026 npm run build -w server"
-                },
-    "devDependencies":  {
-                            "concurrently":  "^9.1.2",
-                            "typescript":  "^5.7.3"
-                        }
+{
+  "name": "ka-note",
+  "private": true,
+  "workspaces": ["shared", "client", "server"],
+  "scripts": {
+    "dev": "concurrently -n client,server -c blue,green \"npm run dev -w client\" \"npm run dev -w server\"",
+    "build": "npm run build -w shared && npm run build -w client && npm run build -w server"
+  },
+  "devDependencies": {
+    "concurrently": "^9.1.2",
+    "typescript": "^5.7.3"
+  }
 }
--- a/ka-note/server/src/middleware/auth.ts
+++ b/ka-note/server/src/middleware/auth.ts
@ -15,7 +15,8 @@ const clientId = process.env.AZURE_CLIENT_ID ?? '';
 const tenantId = process.env.AZURE_TENANT_ID ?? '';

 const jwksUrl = `https://login.microsoftonline.com/${tenantId}/discovery/v2.0/keys`;
-const issuer = `https://login.microsoftonline.com/${tenantId}/v2.0`;
+const issuerV2 = `https://login.microsoftonline.com/${tenantId}/v2.0`;
+const issuerV1 = `https://sts.windows.net/${tenantId}/`;

 const JWKS = createRemoteJWKSet(new URL(jwksUrl));

@ -26,10 +27,9 @@ export const authMiddleware = createMiddleware<AuthEnv>(async (c, next) => {
  }

  const token = authHeader.slice(7);
-
  try {
    const { payload } = await jwtVerify(token, JWKS, {
-      issuer,
+      issuer: [issuerV2, issuerV1],
      audience: `api://${clientId}`,
    });

@ -45,7 +45,8 @@ export const authMiddleware = createMiddleware<AuthEnv>(async (c, next) => {

    c.set('auth', auth);
    await next();
-  } catch {
+  } catch (err) {
+    console.error('[auth] JWT verification failed:', err instanceof Error ? err.message : err);
    return c.json({ error: 'Invalid or expired token' }, 401);
  }
 });
--- a/ka-note/server/src/routes/sync.ts
+++ b/ka-note/server/src/routes/sync.ts
@ -13,11 +13,11 @@ sync.post('/push', async (c) => {
  return c.json(result);
 });

-sync.post('/pull', async (c) => {
+sync.get('/pull', async (c) => {
  const { userId } = c.get('auth');
  await ensureDailyLog(userId);
-  const body = await c.req.json<SyncPullRequest>();
-  const result = await pullChanges(body, userId);
+  const since = c.req.query('since') ?? '';
+  const result = await pullChanges({ since }, userId);
  return c.json(result);
 });