Profile API deployen

Die Profile API ist ein Node.js/Express + TypeScript Microservice in /home/revolt/dreylo-profile-api/.

Deploy-Befehl

cd /home/revolt && docker compose up -d --build dreylo-profile-api

Struktur

dreylo-profile-api/
├── src/
│   ├── index.ts              # Express-Server, MongoDB-Verbindung
│   ├── models/
│   │   ├── Profile.ts        # Avatar-Ring, Banner-Farben Schema
│   │   └── ServerFolder.ts   # Server-Folder Schema
│   └── routes/
│       ├── profile.ts        # GET /api/profile/:id, PATCH /api/profile/me
│       └── folders.ts        # GET /api/folders/:id, PUT /api/folders/me
├── Dockerfile
├── package.json
├── tsconfig.json
└── .env                      # Lokal (wird nicht genutzt, da compose.yml ENV setzt)

Endpoints

Profile

GET  /api/profile/:userId    → Öffentlich, gibt Profil zurück
PATCH /api/profile/me        → Authentifiziert, speichert Profil
Body (PATCH):
{
  "ring_type": "none" | "solid" | "gradient" | "animated",
  "ring_color": "#hex",
  "ring_gradient": ["#hex1", "#hex2"],
  "banner_color": "#hex",
  "banner_gradient": ["#hex1", "#hex2"]
}

Folders

GET  /api/folders/:userId    → Öffentlich
PUT  /api/folders/me         → Authentifiziert
Body (PUT):
{
  "folders": [
    {
      "id": "folder:abc123",
      "name": "Gaming",
      "color": "#5865F2",
      "server_ids": ["SERVER_ID_1", "SERVER_ID_2"]
    }
  ],
  "server_order": ["SERVER_ID_A", "folder:abc123", "SERVER_ID_B"]
}

Health

GET /health → { "status": "ok" }

Authentifizierung

Der Service validiert jeden Request gegen die Stoat API:

// Middleware-Ablauf:
// 1. Token aus Header lesen (X-Session-Token oder Authorization: Bearer)
const token = req.headers["x-session-token"] || req.headers.authorization?.replace("Bearer ", "");
// 2. Token gegen Stoat validieren
const res = await fetch(${STOAT_API_URL}/users/@me, {
  headers: { "x-session-token": token }
});
// 3. User-ID aus Response extrahieren
const user = await res.json();
req.userId = user._id;

ENV-Variablen (in compose.yml setzen!)

environment:
  PORT: 3010
  MONGO_URL: mongodb://database:27017/dreylo-profiles
  STOAT_API_URL: http://api:14702

API testen (curl)

# Token aus MongoDB holen (Testtoken)
TOKEN=$(docker exec stoat-database-1 mongosh revolt --quiet --eval "db.sessions.findOne().token")
Profile abrufen
curl https://chat.dreylo.com/profile-api/api/profile/USER_ID
Profile speichern
curl -X PATCH https://chat.dreylo.com/profile-api/api/profile/me \
  -H "Content-Type: application/json" \
  -H "X-Session-Token: $TOKEN" \
  -d ""{"ring_type":"solid","ring_color":"#ff6b6b"}""
Health check
curl https://chat.dreylo.com/profile-api/health