Profile API deployen

Die Profile API ist ein Node.js/Express + TypeScript Microservice in /home/revolt/dreylo-profile-api/.

Deploy-Befehl

cd /home/revolt && docker compose up -d --build dreylo-profile-api

Struktur

dreylo-profile-api/
├── src/
│   ├── index.ts              # Express-Server, MongoDB-Verbindung
│   ├── models/
│   │   ├── Profile.ts        # Avatar-Ring, Banner-Farben Schema
│   │   └── ServerFolder.ts   # Server-Folder Schema
│   └── routes/
│       ├── profile.ts        # GET /api/profile/:id, PATCH /api/profile/me
│       └── folders.ts        # GET /api/folders/:id, PUT /api/folders/me
├── Dockerfile
├── package.json
├── tsconfig.json
└── .env                      # Lokal (wird nicht genutzt, da compose.yml ENV setzt)

Endpoints

Profile

GET  /api/profile/:userId    → Öffentlich, gibt Profil zurück
PATCH /api/profile/me        → Authentifiziert, speichert Profil

Body (PATCH):
{
"ring_type": "none" | "solid" | "gradient" | "animated",
"ring_color": "#hex",
"ring_gradient": ["#hex1", "#hex2"],
"banner_color": "#hex",
"banner_gradient": ["#hex1", "#hex2"]
}

Folders

GET  /api/folders/:userId    → Öffentlich
PUT  /api/folders/me         → Authentifiziert

Body (PUT):
{
"folders": [
{
"id": "folder:abc123",
"name": "Gaming",
"color": "#5865F2",
"server_ids": ["SERVER_ID_1", "SERVER_ID_2"]
}
],
"server_order": ["SERVER_ID_A", "folder:abc123", "SERVER_ID_B"]
}

Health

GET /health → { "status": "ok" }

Authentifizierung

Der Service validiert jeden Request gegen die Stoat API:

// Middleware-Ablauf:
// 1. Token aus Header lesen (X-Session-Token oder Authorization: Bearer)
const token = req.headers["x-session-token"] || req.headers.authorization?.replace("Bearer ", "");

// 2. Token gegen Stoat validieren
const res = await fetch(${STOAT_API_URL}/users/@me, {
headers: { "x-session-token": token }
});

// 3. User-ID aus Response extrahieren
const user = await res.json();
req.userId = user._id;

ENV-Variablen (in compose.yml setzen!)

environment:
  PORT: 3010
  MONGO_URL: mongodb://database:27017/dreylo-profiles
  STOAT_API_URL: http://api:14702

API testen (curl)

# Token aus MongoDB holen (Testtoken)
TOKEN=$(docker exec stoat-database-1 mongosh revolt --quiet --eval "db.sessions.findOne().token")

Profile abrufen

curl https://chat.dreylo.com/profile-api/api/profile/USER_ID

Profile speichern

curl -X PATCH https://chat.dreylo.com/profile-api/api/profile/me \ -H "Content-Type: application/json" \ -H "X-Session-Token: $TOKEN" \ -d ""{"ring_type":"solid","ring_color":"#ff6b6b"}""

Health check

curl https://chat.dreylo.com/profile-api/health