backend changes

docker-compose.yml

@@ -555,6 +555,9 @@ services:
       - RABBITMQ_PORT=5672
       - RABBITMQ_USER=pipeline_admin
       - RABBITMQ_PASSWORD=${RABBITMQ_PASSWORD}
+      # JWT Configuration (must match user-auth service)
+      - JWT_ACCESS_SECRET=access-secret-key-2024-tech4biz-${POSTGRES_PASSWORD}
+      - JWT_REFRESH_SECRET=refresh-secret-key-2024-tech4biz-${POSTGRES_PASSWORD}
       # Internal service URLs for proxying (Docker network names)
       - USER_AUTH_URL=http://user-auth:8011
       - TEMPLATE_MANAGER_URL=http://template-manager:8009

package-lock.json

@@ -0,0 +1,6 @@
+{
+  "name": "codenuk-backend-live",
+  "lockfileVersion": 3,
+  "requires": true,
+  "packages": {}
+}

services/api-gateway/package-lock.json

@@ -15,7 +15,7 @@
         "express-rate-limit": "^6.8.1",
         "express-validator": "^7.0.1",
         "helmet": "^7.0.0",
-        "http-proxy-middleware": "^3.0.5",
+        "http-proxy-middleware": "^2.0.6",
         "jsonwebtoken": "^9.0.1",
         "morgan": "^1.10.0",
         "pg": "^8.11.1",
@@ -2803,45 +2803,29 @@
       }
     },
     "node_modules/http-proxy-middleware": {
-      "version": "3.0.5",
+      "version": "2.0.9",
-      "resolved": "https://registry.npmjs.org/http-proxy-middleware/-/http-proxy-middleware-3.0.5.tgz",
+      "resolved": "https://registry.npmjs.org/http-proxy-middleware/-/http-proxy-middleware-2.0.9.tgz",
-      "integrity": "sha512-GLZZm1X38BPY4lkXA01jhwxvDoOkkXqjgVyUzVxiEK4iuRu03PZoYHhHRwxnfhQMDuaxi3vVri0YgSro/1oWqg==",
+      "integrity": "sha512-c1IyJYLYppU574+YI7R4QyX2ystMtVXZwIdzazUIPIJsHuWNd+mho2j+bKoHftndicGj9yh+xjd+l0yj7VeT1Q==",
       "license": "MIT",
       "dependencies": {
-        "@types/http-proxy": "^1.17.15",
+        "@types/http-proxy": "^1.17.8",
-        "debug": "^4.3.6",
         "http-proxy": "^1.18.1",
-        "is-glob": "^4.0.3",
+        "is-glob": "^4.0.1",
-        "is-plain-object": "^5.0.0",
+        "is-plain-obj": "^3.0.0",
-        "micromatch": "^4.0.8"
+        "micromatch": "^4.0.2"
       },
       "engines": {
-        "node": "^14.15.0 || ^16.10.0 || >=18.0.0"
+        "node": ">=12.0.0"
-      }
-    },
-    "node_modules/http-proxy-middleware/node_modules/debug": {
-      "version": "4.4.1",
-      "resolved": "https://registry.npmjs.org/debug/-/debug-4.4.1.tgz",
-      "integrity": "sha512-KcKCqiftBJcZr++7ykoDIEwSa3XWowTfNPo92BYxjXiyYEVrUQh2aLyhxBCwww+heortUFxEJYcRzosstTEBYQ==",
-      "license": "MIT",
-      "dependencies": {
-        "ms": "^2.1.3"
       },
-      "engines": {
+      "peerDependencies": {
-        "node": ">=6.0"
+        "@types/express": "^4.17.13"
       },
       "peerDependenciesMeta": {
-        "supports-color": {
+        "@types/express": {
           "optional": true
         }
       }
     },
-    "node_modules/http-proxy-middleware/node_modules/ms": {
-      "version": "2.1.3",
-      "resolved": "https://registry.npmjs.org/ms/-/ms-2.1.3.tgz",
-      "integrity": "sha512-6FlzubTLZG3J2a/NVCAleEhjzq5oxgHyaCU9yYXvcLsvoVaHJq/s5xXI6/XXP6tz7R9xAOtHnSO/tXtF3WRTlA==",
-      "license": "MIT"
-    },
     "node_modules/human-signals": {
       "version": "2.1.0",
       "resolved": "https://registry.npmjs.org/human-signals/-/human-signals-2.1.0.tgz",
@@ -3014,13 +2998,16 @@
         "node": ">=0.12.0"
       }
     },
-    "node_modules/is-plain-object": {
+    "node_modules/is-plain-obj": {
-      "version": "5.0.0",
+      "version": "3.0.0",
-      "resolved": "https://registry.npmjs.org/is-plain-object/-/is-plain-object-5.0.0.tgz",
+      "resolved": "https://registry.npmjs.org/is-plain-obj/-/is-plain-obj-3.0.0.tgz",
-      "integrity": "sha512-VRSzKkbMm5jMDoKLbltAkFQ5Qr7VDiTFGXxYFXXowVj387GeGNOCsOH6Msy00SGZ3Fp84b1Naa1psqgcCIEP5Q==",
+      "integrity": "sha512-gwsOE28k+23GP1B6vFl1oVh/WOzmawBrKwo5Ev6wMKzPkaXaCDIQKzLnvsA42DRlbVTWorkgTKIviAKCWkfUwA==",
       "license": "MIT",
       "engines": {
-        "node": ">=0.10.0"
+        "node": ">=10"
+      },
+      "funding": {
+        "url": "https://github.com/sponsors/sindresorhus"
       }
     },
     "node_modules/is-stream": {

services/api-gateway/src/middleware/authentication.js

@@ -4,9 +4,14 @@ const axios = require('axios');
 // JWT token verification middleware
 const verifyToken = async (req, res, next) => {
   try {
-    const token = req.headers.authorization?.split(' ')[1];
+    const authHeader = req.headers.authorization;
+    console.log('🔐 [API Gateway] Authorization header:', authHeader ? 'Present' : 'Missing');
+    
+    const token = authHeader?.split(' ')[1];
+    console.log('🔐 [API Gateway] Token extracted:', token ? `${token.substring(0, 20)}...` : 'None');
     
     if (!token) {
+      console.log('❌ [API Gateway] No token provided');
       return res.status(401).json({
         success: false,
         message: 'Access token required',
@@ -14,8 +19,14 @@ const verifyToken = async (req, res, next) => {
       });
     }
 
-    // Verify JWT token
+    // Verify JWT token using the same secret as the auth service
-    const decoded = jwt.verify(token, process.env.JWT_SECRET);
+    const jwtSecret = process.env.JWT_ACCESS_SECRET || process.env.JWT_SECRET || 'access-secret-key-2024-tech4biz';
+    console.log('🔐 [API Gateway] Verifying token with secret:', jwtSecret.substring(0, 20) + '...');
+    console.log('🔐 [API Gateway] Environment JWT_ACCESS_SECRET:', process.env.JWT_ACCESS_SECRET ? 'Set' : 'Not set');
+    console.log('🔐 [API Gateway] Environment JWT_SECRET:', process.env.JWT_SECRET ? 'Set' : 'Not set');
+    
+    const decoded = jwt.verify(token, jwtSecret);
+    console.log('✅ [API Gateway] Token verified successfully for user:', decoded.id || decoded.userId);
     req.user = decoded;
     
     // Add user context to headers for downstream services
@@ -25,9 +36,12 @@ const verifyToken = async (req, res, next) => {
     
     next();
   } catch (error) {
-    console.error('Token verification failed:', error.message);
+    console.error('❌ [API Gateway] Token verification failed:', error.message);
+    console.error('❌ [API Gateway] Error type:', error.name);
+    console.error('❌ [API Gateway] Error stack:', error.stack);
     
     if (error.name === 'TokenExpiredError') {
+      console.log('❌ [API Gateway] Token expired');
       return res.status(401).json({
         success: false,
         message: 'Token expired',
@@ -36,6 +50,7 @@ const verifyToken = async (req, res, next) => {
     }
     
     if (error.name === 'JsonWebTokenError') {
+      console.log('❌ [API Gateway] Invalid token format or signature');
       return res.status(401).json({
         success: false,
         message: 'Invalid token',
@@ -43,6 +58,7 @@ const verifyToken = async (req, res, next) => {
       });
     }
     
+    console.log('❌ [API Gateway] General authentication error');
     return res.status(401).json({
       success: false,
       message: 'Authentication failed',

services/api-gateway/src/middleware/requestLogger.js

@@ -10,8 +10,6 @@ const logger = winston.createLogger({
   ),
   defaultMeta: { service: 'api-gateway' },
   transports: [
-    new winston.transports.File({ filename: 'logs/error.log', level: 'error' }),
-    new winston.transports.File({ filename: 'logs/combined.log' }),
     new winston.transports.Console({
       format: winston.format.combine(
         winston.format.colorize(),