--

.gitea/workflows/deployProd.yml

@@ -0,0 +1,23 @@
+name: Deploy
+run-name: ${{ gitea.actor }} build image and push to container registry
+
+on: 
+  push:
+    branches:
+      - 'main'
+
+jobs:
+  CreateImage:
+    runs-on: [hubstaging]
+    uses: http://gitea.pena/PenaDevops/actions.git/.gitea/workflows/build-image.yml@v1.1.6-p
+    with:
+      runner: hubstaging
+    secrets:
+      REGISTRY_USER: ${{ secrets.REGISTRY_USER }}
+      REGISTRY_PASSWORD: ${{ secrets.REGISTRY_PASSWORD }}
+  DeployService:
+    runs-on: [hubprod]
+    needs: CreateImage
+    uses: http://gitea.pena/PenaDevops/actions.git/.gitea/workflows/deploy.yml@v1.1.4-p7
+    with:
+      runner: hubprod

.gitea/workflows/deployStaging.yml

@@ -4,7 +4,6 @@ run-name: ${{ gitea.actor }} build image and push to container registry
 on: 
   push:
     branches:
-      - 'main'
       - 'staging'
 
 jobs:

deployments/main/docker-compose.yaml

@@ -1,44 +1,36 @@
-version: '3.3'
-
 services:
   codeword:
-    hostname: codeword
-    container_name: codeword
-    image: $CI_REGISTRY_IMAGE/main:$CI_COMMIT_REF_SLUG.$CI_PIPELINE_ID
+    image: gitea.pena/penaside/codeword/main:$GITHUB_RUN_NUMBER
     tty: true
     environment:
       APP_NAME: 'codeword'
-      HTTP_HOST: '0.0.0.0'
-      HTTP_PORT: '3000'
-      MONGO_HOST: '10.8.0.8'
-      MONGO_PORT: '27017'
-      MONGO_USER: 'auth-service-user-prod'
-      MONGO_PASSWORD: 'LFYFpTvqtxSzXDJV'
-      MONGO_DB: 'auth'
-      MONGO_AUTH: 'auth'
-      PUBLIC_CURVE_KEY: "-----BEGIN PUBLIC KEY-----\nMCowBQYDK2VwAyEAEbnIvjIMle4rqVol6K2XUqOxHy1KJoNoZdKJrRUPKL4=\n-----END PUBLIC KEY-----"
-      PRIVATE_CURVE_KEY: "-----BEGIN PRIVATE KEY-----\nMC4CAQAwBQYDK2VwBCIEIKn0BKwF3vZvODgWAnUIwQhd8de5oZhY48gc23EWfrfs\n-----END PRIVATE KEY-----"
-      SIGN_SECRET: 'pena-auth-microservice-group'
-      REDIS_ADDR: '10.8.0.9:6379'
-      REDIS_PASS: 'Redalert2'
+      CLIENT_HTTP_URL: '0.0.0.0:3000'
+      ADMIN_HTTP_URL: '0.0.0.0:3001'
+      GRPC_URL: '0.0.0.0:9000'
+      MONGO_URL: mongodb://auth-service-user-prod:LFYFpTvqtxSzXDJV@10.8.0.226:27017/?authSource=auth
+      MONGO_DB_NAME: auth
+      ENCRYPT_PUBLIC_KEY: "-----BEGIN PUBLIC KEY-----\nMCowBQYDK2VwAyEAEbnIvjIMle4rqVol6K2XUqOxHy1KJoNoZdKJrRUPKL4=\n-----END PUBLIC KEY-----"
+      ENCRYPT_PRIVATE_KEY: "-----BEGIN PRIVATE KEY-----\nMC4CAQAwBQYDK2VwBCIEIKn0BKwF3vZvODgWAnUIwQhd8de5oZhY48gc23EWfrfs\n-----END PRIVATE KEY-----"
+      ENCRYPT_SIGN_SECRET: 'pena-auth-microservice-group'
+      REDIS_HOST: '10.8.0.226:6379'
+      REDIS_PASSWORD: 'Redalert2'
       REDIS_DB: 3
-      SMTP_API_URL: 'https://api.smtp.bz/v1/smtp/send'
-      SMTP_HOST: 'connect.smtp.bz'
-      SMTP_PORT: '587'
-      SMTP_UNAME: 'team@pena.digital'
-      SMTP_PASS: 'AyMfwqA9LkQH'
-      SMTP_API_KEY: '8tv2xcsfCMBX3TCQxzgeeEwAEYyQrPUp0ggw'
-      SMTP_SENDER: 'recovery@noreply.pena.digital'
+      API_URL: 'https://api.smtp.bz/v1/smtp/send'
+      MAIL_API_KEY: '8tv2xcsfCMBX3TCQxzgeeEwAEYyQrPUp0ggw'
+      MAIL_SENDER: 'recovery@noreply.pena.digital'
       DEFAULT_REDIRECTION_URL: 'https://hub.pena.digital/'
-      AUTH_EXCHANGE_URL: 'http://10.8.0.8:59300/auth/exchange'
-      RECOVER_URL: 'https://hub.pena.digital/codeword/recover/'
+      AUTH_EXCHANGE_URL: 'http://10.8.0.226:59300/auth/exchange'
+      MAIL_RECOVERY_URL: 'https://hub.pena.digital/codeword/v1.0.0/recover/'
       JWT_AUDIENCE: 'pena'
       JWT_ISSUER: 'pena-auth-service'
-      JWT_PUBLIC_KEY: $JWT_PUBLIC_KEY 
-      DISCOUNT_ADDRESS: "10.8.0.8:9001"
-      KAFKA_BROKERS: "10.8.0.8:9092"
+      JWT_PUBLIC_KEY: "-----BEGIN PUBLIC KEY-----\nMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCLW1tlHyKC9AG0hGpmkksET2DE\nr7ojSPemxFWAgFgcPJWQ7x3uNbsdJ3bIZFoA/FClaWKMCZmjnH9tv0bKZtY/CDhM\nZEyHpMruRSn6IKrxjtQZWy4uv/w6MzUeyBYG0OvNCiYpdvz5SkAGAUHD5ZNFqn2w\nKKFD0I2Dr59BFVSGJwIDAQAB\n-----END PUBLIC KEY-----"
+      DISCOUNT_MICROSERVICE_GRPC_URL: "10.8.0.226:9001"
+      KAFKA_BROKERS: "10.8.0.226:9092"
       KAFKA_TOPIC_TARIFF: "tariffs"
+      GRPC_HOST: "0.0.0.0"
+      TRASH_LOG_HOST: "10.8.0.200:7123"
+      AUTH_MICROSERVICE_URL: http://10.8.0.226:59300
     ports:
-      - 10.8.0.8:59664:3000
-    networks:
-      - default
+      - 10.8.0.226:19100:3000
+      - 10.8.0.226:29100:3001
+      - 10.8.0.226:39100:9000

deployments/staging/docker-compose.yaml

@@ -1,5 +1,3 @@
-version: '3.3'
-
 services:
   codewordv1.0.0:
     image: gitea.pena:3000/penaside/codeword/staging:$GITHUB_RUN_NUMBER

internal/adapters/client/mail.go

@@ -41,7 +41,7 @@ func (r *RecoveryEmailSender) SendRecoveryEmail(email string, signature string)
 
 	message := fmt.Sprintf(`Здравствуйте, ваша <a href="%s">ссылка для восстановление пароля</a>(доступна всего 15 минут)
 
-Если это были не вы, напишите пожалуйста в техническую поддержку.`, r.recoveryUrl+signature)
+Если это были не вы, напишите пожалуйста в техническую поддержку.`, signature)
 
 	form := new(bytes.Buffer)
 	writer := multipart.NewWriter(form)

internal/controller/client/client_promocode/promocode_controller.go

@@ -60,7 +60,7 @@ func (p *PromoCodeController) Activate(c *fiber.Ctx) error {
 		case errors.Is(err, repository.ErrPromoCodeExpired):
 			hlogger.Emit(models.InfoPromocodeDeadlined{
 
-				CtxID: promocode.ID.String(),
+				CtxID: req.Codeword,
 			})
 			return c.Status(fiber.StatusBadRequest).JSON(fiber.Map{"error": err.Error()})
 		case errors.Is(err, repository.ErrPromoCodeExhausted):

internal/controller/client/client_recovery/recovery_controller.go

@@ -10,6 +10,7 @@ import (
 	"go.uber.org/zap"
 	"gitea.pena/PenaSide/common/log_mw"
 	"time"
+  "strings"
 )
 
 type Deps struct {
@@ -47,7 +48,7 @@ func (r *RecoveryController) HandleRecoveryRequest(c *fiber.Ctx) error {
 		return c.Status(fiber.StatusBadRequest).JSON(fiber.Map{"error": "email is required"})
 	}
 
-	referralURL := c.Get("Referrer")
+	referralURL := c.Get("Referer")
 
 	if req.RedirectionURL == "" && referralURL != "" {
 		req.RedirectionURL = referralURL
@@ -67,7 +68,7 @@ func (r *RecoveryController) HandleRecoveryRequest(c *fiber.Ctx) error {
 		return c.Status(fiber.StatusInternalServerError).JSON(fiber.Map{"error": "Internal Server Error"})
 	}
 
-	signUrl := req.RedirectionURL
+	signUrl := referralURL +"/codeword/v1.0.0/recover"
 	sign := base64.URLEncoding.EncodeToString(key)
 
 	id, err := r.service.StoreRecoveryRecord(c.Context(), models.StoreRecDeps{
@@ -83,7 +84,12 @@ func (r *RecoveryController) HandleRecoveryRequest(c *fiber.Ctx) error {
 
 	signWithID := sign + id // подпись с id записи
 
-	err = r.service.RecoveryEmailTask(c.Context(), models.RecEmailDeps{UserID: user.ID.Hex(), Email: req.Email, SignWithID: signWithID, ID: id})
+	err = r.service.RecoveryEmailTask(c.Context(), models.RecEmailDeps{
+    UserID: user.ID.Hex(), 
+    Email: req.Email, 
+    SignWithID: strings.Replace(signUrl, "/changepwd","",1) + "/"+signWithID, 
+    ID: id,
+  })
 	if err != nil {
 		r.logger.Error("Failed to send recovery email", zap.Error(err))
 
@@ -111,7 +117,7 @@ func (r *RecoveryController) HandleRecoveryLink(c *fiber.Ctx) error {
 	record, err := r.service.GetRecoveryRecord(c.Context(), sign)
 	if err != nil {
 		r.logger.Error("Recovery link expired", zap.String("signature", sign))
-		return c.Redirect("https://shub.pena.digital/recover/expired")
+		return c.Redirect("https://hub.pena.digital/recover/expired")
 	}
 
 	if time.Since(record.CreatedAt) > 15*time.Minute {
@@ -147,5 +153,5 @@ func (r *RecoveryController) HandleRecoveryLink(c *fiber.Ctx) error {
 		CtxUserID: record.UserID,
 	})
 
-	return c.Redirect(record.SignUrl + "?auth=" + tokens["accessToken"])
+  return c.Redirect("https://" + strings.Replace(record.SignUrl,"/codeword/v1.0.0/recover","/changepwd",1) + "?auth=" + tokens["accessToken"])
 }