afrostream / afrostream-api-v1 Goto Github PK
View Code? Open in Web Editor NEWrecurly
recurly
https://devcenter.heroku.com/articles/docker
create a dockerfile
use docker on heroku
use the help of nelson to be sure the payment process is smooth.we have some cases of failure
We never could activate this account, i was forced to reimburse her,
could you take a look why ?
some people created an account with an upper case,
now they enter with a lower case and it doesn't work,
see with @nelsounet to smooththe process to mail all in lowercaser
[email protected],
could you look at it ?
userIp should be:
add node categories if present,
add categories in the order we defined them
check
[App:afrostream-api-v1][Err] Mon, 12 Oct 2015 12:45:41 GMT express-session deprecated undefined resave option; provide resave option at server/config/express.js:37:11
[App:afrostream-api-v1][Err] Mon, 12 Oct 2015 12:45:41 GMT express-session deprecated undefined saveUninitialized option; provide saveUninitialized option at server/config/express.js:37:11
Request Header :
POST /api/subscriptions/ HTTP/1.1
Host: afrostream-api-v1-herokuapp-com.global.ssl.fastly.net
Connection: keep-alive
Content-Length: 779
Pragma: no-cache
Cache-Control: no-cache
Origin: http://beta.afrostream.tv
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/44.0.2403.157 Safari/537.36
Content-Type: application/json
Accept: /
DNT: 1
Referer: http://beta.afrostream.tv/49/marry-us-for-christmas/a0a18b89-1da2-46c8-9129-3f376cc3d19f
Accept-Encoding: gzip, deflate
Accept-Language: fr,pt;q=0.8,en;q=0.6
Request payload :
{"plan-code":"afrostreampremium","number":"4972300207965302","month":1,"year":2017,"cvv":"999","first_name":"NELSON","last_name":"COELHO","email":"[email protected]","coupon_code":"","unit-amount-in-cents":"9999","country":"FR","starts_at":"2015-09-01T00:00:00:00Z","is_gift":"0","gift_first_name":"","gift_last_name":"","gift_email":"","version":"3.1.1","key":"sjc-WOBbERhzqRX5AJ6hVGOPzv","recurly-token":"GME_AltirZU6Dw8N3FjJGA","afro_token":"5a87dbefd1592ee8f6b9de4ecdce386aef141b5d","access_token":"eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJpc3MiOiJodHRwczovL2Fmcm9zdHJlYW0uZXUuYXV0aDAuY29tLyIsInN1YiI6ImF1dGgwfDI0NjciLCJhdWQiOiJCdFNkSXFLcWZJc2UwSDFkcWxwSEZKZ0tJa1VHME5wRSIsImV4cCI6MTQ0MTEzNDQ0OCwiaWF0IjoxNDQxMTI5NDQ4fQ.b1ypbQPKj2bXs-mpMr7ncnT0MEqB1jChRZXZbJJkbCQ"}
Response Header :
HTTP/1.1 500 Internal Server Error
Server: Cowboy
X-Powered-By: Express
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET,PUT,POST,DELETE
Access-Control-Allow-Headers: Content-Type, Accept
Content-Type: application/json
Set-Cookie: connect.sid=s%3A1WHivOouTza8eiVbTSHYBuAFfmwiyFqg.0gukefIK9e7A4dhV%2BOVpGgotZfjwep0Gp3FC5EooEtI; Path=/; HttpOnly
Via: 1.1 vegur
Content-Length: 179
Accept-Ranges: bytes
Date: Tue, 01 Sep 2015 17:45:08 GMT
Via: 1.1 varnish
Connection: keep-alive
X-Served-By: cache-fra1241-FRA
X-Cache: MISS
X-Cache-Hits: 0
X-Timer: S1441129505.782694,VS0,VE2391
Vary: Accept-Encoding
Response :
{"name":"RecurlyError","errors":[{"#":"Your transaction was declined. Please use a different card or contact your bank.","field":"subscription.account.base","symbol":"declined"}]}
POST /api/search
linked to Afrostream/afrostream-back-end#186
it's a celery account,
could you check if it exists and activated ?
backend errors http status code will be proxied to the client
repéré par benjamin sur keymetrics
@see https://app.keymetrics.io/#/bucket/55e5866172fb5acb6a48efec/exceptions?server_name=heroku&app_name=afrostream-api-v1
TypeError: Cannot assign to read only property 'expires_at' of <!DOCTYPE html>
<html>
<head>
<meta name="viewport" content="width=device-width, initial-scale=1">
<style type="text/css">
html, body, iframe { margin: 0; padding: 0; height: 100%; }
iframe { display: block; width: 100%; border: none; }
</style>
<title>Application Error</title>
</head>
<body>
<iframe src="//s3.amazonaws.com/heroku_pages/error.html">
<p>Application Error</p>
</iframe>
</body>
</html>
at Afrostream.setTokenData (/app/server/components/purest/provider/afrostream.js:53:25)
at /app/server/components/purest/provider/afrostream.js:29:14
at Request._callback (/app/node_modules/purest/lib/utils.js:51:14)
at Request.self.callback (/app/node_modules/purest/node_modules/request/request.js:198:22)
at Request.emit (events.js:110:17)
at Request.<anonymous> (/app/node_modules/purest/node_modules/request/request.js:1057:14)
at Request.emit (events.js:129:20)
at IncomingMessage.<anonymous> (/app/node_modules/purest/node_modules/request/request.js:1003:12)
at IncomingMessage.emit (events.js:129:20)
at _stream_readable.js:908:16
``
should fwd backend cookies until we refactor the auth.
l'api a un max-age à 0
il faudrait cacher ce qui peut l'être afin de diminuer fortement la charge & améliorer la qualité de service (utiliser un maximum le cache CDN)
Problématic :
currently, api-v1 calls the backend inlining the token in the post request
the backend is using passport.authenticate('bearer') for authentication
inlining the token prevent receiving content-type text/xml data, because req.body is a string.
Solution :
we should use header Authorization: Bearer instead of Authroization: Oauth ..., and avoid sending the token in the body request.
to stop using auth0, we need to open these routes :
workflow: the user enter email + password in the new login box
POST https://afrostream-api-v1-herokuapp-com.global.ssl.fastly.net/auth/signup
{"email":"...","password":"..."}
result
{
access_token: '1a17c416593efca902a06d871b549eff29274e25',
}
workflow: the user enter email + password in the new login box
POST https://afrostream-api-v1-herokuapp-com.global.ssl.fastly.net/auth/signin
{"email":"...","password":"..."}
result
{
access_token: '1a17c416593efca902a06d871b549eff29274e25',
}
workflow: the user click on 'facebook oauth button'
POST https://afrostream-api-v1-herokuapp-com.global.ssl.fastly.net/auth/facebook
result
{
access_token: '1a17c416593efca902a06d871b549eff29274e25',
}
workflow: the user click on 'email forgotten', the user enter : email + new password twice
POST https://afrostream-api-v1-herokuapp-com.global.ssl.fastly.net/auth/reset
{"email":"...","password":"..."}
result 200ok empty body or 500 with the error
an email is send to the user with a link https://afrostream.tv/reset?k=664355fcaab7df73065cdf43ba335e169e1dda268843d7f92416211de9ebb963ff4ce28125932878
project front-end can call
POST https://afrostream-api-v1-herokuapp-com.global.ssl.fastly.net/auth/reset
{"k":"..."}
result 200ok empty body or 500 with the error
add a specific header afr
Afr: dfjqsdjfiuqhfuhzlfihlaizuhflaiuhlazfhlaniuzfh
the content of this header is a secured json : (payload + hash).toString('hex')
{
conf : {
"afr-api-v1-staging" : {
backend: {
authority: "afr-back-end-staging-pr-4242.herokuapp.com"
}
},
features: {
"key": "variant",
"cdnSelector": "disabled",
}
}
payload.conf.* should be used to overwrite config "on the fly".
In the previous example, this payload should overwrite api-v1 staging config "on the fly" , to route the trafic to a specific backend PR.
payload.features.* should be used to activate/desactivate/addParams to features switchs.
A declarative, efficient, and flexible JavaScript library for building user interfaces.
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google ❤️ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.