Merge pull request 'merge from dev' (#1) from dev into main

Reviewed-on: #1

api/src/main/java/fr/gameovergne/api/config/SecurityConfig.java

@@ -61,25 +61,16 @@ public class SecurityConfig {
     @Bean
     public CorsConfigurationSource corsConfigurationSource() {
         CorsConfiguration config = new CorsConfiguration();
-
+        config.setAllowedOriginPatterns(Arrays.asList(
-        // IMPORTANT : origins explicites, sans path
-        config.setAllowedOrigins(Arrays.asList(
             "http://localhost:4200", 
             "http://127.0.0.1:4200", 
             "https://dev.vincent-guillet.fr",
             "https://projets.vincent-guillet.fr"
             ));
-
-        config.setAllowCredentials(true);
-
-        // Autoriser tous les headers côté requête (plus robuste)
-        config.setAllowedHeaders(Arrays.asList("*"));
-
-        // Autoriser les méthodes classiques
         config.setAllowedMethods(Arrays.asList("GET","POST","PUT","DELETE","OPTIONS"));
-
+        config.setAllowedHeaders(Arrays.asList("Authorization","Content-Type","Accept"));
-        // Headers que le client *voit* dans la réponse
+        config.setExposedHeaders(Arrays.asList("Authorization"));
-        config.setExposedHeaders(Arrays.asList("Authorization", "Content-Type"));
+        config.setAllowCredentials(true);
 
         UrlBasedCorsConfigurationSource source = new UrlBasedCorsConfigurationSource();
         source.registerCorsConfiguration("/**", config);

api/src/main/java/fr/gameovergne/api/controller/auth/AuthController.java

@@ -17,6 +17,12 @@ import java.util.Arrays;
 
 @RestController
 @RequestMapping("/api/auth")
+@CrossOrigin(
+        origins = "https://dev.vincent-guillet.fr",
+        allowCredentials = "true",
+        allowedHeaders = "*",
+        methods = {RequestMethod.GET, RequestMethod.POST, RequestMethod.OPTIONS}
+)
 public class AuthController {
 
     private final AuthService authService;

jenkinsfile

@@ -48,6 +48,7 @@ pipeline {
                 }
 
                 // ----- Push vers registry -----
+                // Si tu as des credentials, tu peux les utiliser ici via withCredentials
                 sh """
                     echo "=== Push images vers ${REGISTRY} ==="
                     docker push ${API_IMAGE}
@@ -77,11 +78,8 @@ pipeline {
                         echo "=== [DEV] docker compose down ==="
                         docker compose -f docker-compose.dev.yml down -v || true
 
-                        echo "=== [DEV] docker compose pull ==="
+                        echo "=== [DEV] docker compose up ==="
-                        docker compose -f docker-compose.dev.yml pull
+                        docker compose -f docker-compose.dev.yml up -d mysql spring angular
-
-                        echo "=== [DEV] docker compose up (force recreate) ==="
-                        docker compose -f docker-compose.dev.yml up -d --force-recreate mysql spring angular
                     """
                 }
             }
@@ -106,13 +104,10 @@ pipeline {
                         docker rm -f gameovergne-api-prod gameovergne-client-prod 2>/dev/null || true
 
                         echo "=== [PROD] docker compose down ==="
-                        docker compose -f docker-compose.prod.yml down || true
+                        docker compose -f docker-compose.prod.yml down -v || true
 
-                        echo "=== [PROD] docker compose pull ==="
+                        echo "=== [PROD] docker compose up ==="
-                        docker compose -f docker-compose.prod.yml pull
+                        docker compose -f docker-compose.prod.yml up -d mysql spring angular
-
-                        echo "=== [PROD] docker compose up (force recreate) ==="
-                        docker compose -f docker-compose.prod.yml up -d --force-recreate mysql spring angular
                     """
                 }
             }