6dcae6956c
L'éditeur du blog (jusqu'ici limité au seeder) a maintenant une vraie
interface au-dessus de l'API.
Backend (apps/api) :
* Migration users.is_admin (boolean default false).
* Middleware admin (404 si user.is_admin=false après auth).
* Commande ace promote:admin --email=… [--revoke].
* AdminPostsController CRUD complet : list/show/store/update/publish/
unpublish/destroy + suggest-slug. Au save, contentHtml + wordCount +
readingTime sont re-calculés via blog_renderer. Au publish, durcit la
validation SEO (titre ≤60, excerpt 120-160, hero+alt requis, ≥600 mots),
flippe status='published' + publishedAt, ping Google+Bing pour le sitemap.
* BlogUploadsController :
- POST /api/v1/admin/uploads (multipart, JPEG/PNG/WebP, max 4MB)
→ MinIO clé uploads/blog/{uuid}.{ext}
→ renvoie URL relative /api/v1/uploads/blog/{filename}
- GET /api/v1/uploads/blog/:filename (public, cache immutable 1 an)
→ stream depuis MinIO, regex anti-traversal sur le nom.
* UserTransformer expose isAdmin (cf. shared/types/user).
* k3s/app/landing.yml : NodePort 30111 explicite (pour Traefik repo proxmox).
Frontend (apps/web) :
* Lib typée admin-blog (calls API, queryKeys, helpers URL).
* Route /admin/blog : liste filtrable avec status badge, ouverture
publique, dépublier, supprimer, "+ Nouveau brouillon".
* Route /admin/blog/:id : éditeur 2-colonnes
- Gauche : @uiw/react-md-editor (lazy import) avec preview live.
- Droite : hero image (drag&drop + alt), excerpt avec compteur
120-160, tags, aperçu Google snippet, validations bloquantes.
- Autosave debounce 2s + bouton Publier qui sauve d'abord.
- Hero image upload via MinIO (HeroImageUpload component).
* Sidebar : lien "Blog (admin)" si user.isAdmin.
* Gate côté client (beforeLoad redirect si non admin) + côté serveur
(middleware admin) — defense in depth.
Note : les requirements de publish miroir backend ↔ frontend (cf.
PUBLISH_REQUIREMENTS dans validators/post.ts et VALIDATION_RULES dans
admin.blog_.\$id.tsx). À synchroniser si un seuil bouge.
Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
53 lines
1.6 KiB
TypeScript
53 lines
1.6 KiB
TypeScript
/*
|
|
|--------------------------------------------------------------------------
|
|
| HTTP kernel file
|
|
|--------------------------------------------------------------------------
|
|
|
|
|
| The HTTP kernel file is used to register the middleware with the server
|
|
| or the router.
|
|
|
|
|
*/
|
|
|
|
import router from '@adonisjs/core/services/router'
|
|
import server from '@adonisjs/core/services/server'
|
|
|
|
/**
|
|
* The error handler is used to convert an exception
|
|
* to a HTTP response.
|
|
*/
|
|
server.errorHandler(() => import('#exceptions/handler'))
|
|
|
|
/**
|
|
* The server middleware stack runs middleware on all the HTTP
|
|
* requests, even if there is no route registered for
|
|
* the request URL.
|
|
*/
|
|
server.use([
|
|
() => import('#middleware/force_json_response_middleware'),
|
|
() => import('#middleware/container_bindings_middleware'),
|
|
() => import('@adonisjs/cors/cors_middleware'),
|
|
() => import('@adonisjs/static/static_middleware')
|
|
])
|
|
|
|
/**
|
|
* The router middleware stack runs middleware on all the HTTP
|
|
* requests with a registered route.
|
|
*/
|
|
router.use([
|
|
() => import('@adonisjs/core/bodyparser_middleware'),
|
|
() => import('@adonisjs/session/session_middleware'),
|
|
() => import('@adonisjs/shield/shield_middleware'),
|
|
() => import('@adonisjs/auth/initialize_auth_middleware'),
|
|
() => import('#middleware/silent_auth_middleware'),
|
|
() => import('#middleware/initialize_bouncer_middleware')
|
|
])
|
|
|
|
/**
|
|
* Named middleware collection must be explicitly assigned to
|
|
* the routes or the routes group.
|
|
*/
|
|
export const middleware = router.named({
|
|
auth: () => import('#middleware/auth_middleware'),
|
|
admin: () => import('#middleware/admin_middleware'),
|
|
})
|