senke/veza
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
veza/veza-backend-api/internal/handlers
History
senke b8eed72f96 feat(webrtc): coturn ICE config endpoint + frontend wiring + ops template (v1.0.9 item 1.2) 
Closes FUNCTIONAL_AUDIT.md §4 #1: WebRTC 1:1 calls had working
signaling but no NAT traversal, so calls between two peers behind
symmetric NAT (corporate firewalls, mobile carrier CGNAT, Incus
container default networking) failed silently after the SDP exchange.

Backend:
  - GET /api/v1/config/webrtc (public) returns {iceServers: [...]}
    built from WEBRTC_STUN_URLS / WEBRTC_TURN_URLS / *_USERNAME /
    *_CREDENTIAL env vars. Half-config (URLs without creds, or vice
    versa) deliberately omits the TURN block — a half-configured TURN
    surfaces auth errors at call time instead of falling back cleanly
    to STUN-only.
  - 4 handler tests cover the matrix.

Frontend:
  - services/api/webrtcConfig.ts caches the config for the page
    lifetime and falls back to the historical hardcoded Google STUN
    if the fetch fails.
  - useWebRTC fetches at mount, hands iceServers synchronously to
    every RTCPeerConnection, exposes a {hasTurn, loaded} hint.
  - CallButton tooltip warns up-front when TURN isn't configured
    instead of letting calls time out silently.

Ops:
  - infra/coturn/turnserver.conf — annotated template with the SSRF-
    safe denied-peer-ip ranges, prometheus exporter, TLS for TURNS,
    static lt-cred-mech (REST-secret rotation deferred to v1.1).
  - infra/coturn/README.md — Incus deploy walkthrough, smoke test
    via turnutils_uclient, capacity rules of thumb.
  - docs/ENV_VARIABLES.md gains a 13bis. WebRTC ICE servers section.

Coturn deployment itself is a separate ops action — this commit lands
the plumbing so the deploy can light up the path with zero code
changes.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
2026-04-26 23:38:42 +02:00
..
account_deletion_handler.go fix(v0.12.6): apply all pentest remediations — 36 findings across 36 files 2026-03-14 00:44:46 +01:00
admin_transfer_handler.go feat(marketplace): async stripe connect reversal worker — v1.0.7 item B day 2 2026-04-17 15:34:29 +02:00
admin_transfer_handler_test.go feat(marketplace): async stripe connect reversal worker — v1.0.7 item B day 2 2026-04-17 15:34:29 +02:00
announcement_handler.go feat: backend — config, handlers, services, logging, migration 2026-03-23 15:46:57 +01:00
announcement_handler_test.go test(v0.803): unit tests for CCPA, reports, announcements, feature flags 2026-02-25 20:02:24 +01:00
api_flow_test.go stabilizing veza-backend-api: phase 1 2025-12-16 11:23:49 -05:00
api_key_handler.go feat(developer): add API keys backend (Lot C) 2026-02-20 00:18:36 +01:00
audit.go api-contracts: update backend handlers to use wrapped format 2026-01-15 17:32:02 +01:00
audit_test.go stabilisation commit A 2026-01-07 19:39:21 +01:00
auth.go feat(auth): defer JWT to post-verify + verify-email header (v1.0.9 items 1.3+1.4) 2026-04-26 22:56:31 +02:00
auth_fuzz_test.go style(backend): gofmt -w on 85 files (whitespace only) 2026-04-14 12:22:14 +02:00
auth_handler_test.go feat(auth): defer JWT to post-verify + verify-email header (v1.0.9 items 1.3+1.4) 2026-04-26 22:56:31 +02:00
auth_integration_test.go ci: bump Go to 1.25 and fix goimports drift in 3 files 2026-04-14 17:02:09 +02:00
avatar_handler.go fix(v0.12.6.1): remediate 2 CRITICAL + 10 HIGH + 1 MEDIUM pentest findings 2026-03-12 05:40:53 +01:00
avatar_handler_test.go fix(v0.12.6.1): remediate 2 CRITICAL + 10 HIGH + 1 MEDIUM pentest findings 2026-03-12 05:40:53 +01:00
bitrate_handler.go api-contracts: update backend handlers to use wrapped format 2026-01-15 17:32:02 +01:00
bitrate_handler_test.go fix: resolve stream server compilation errors and integrate chat stability fixes 2026-01-04 01:44:22 +01:00
chat_attachment_handler.go style(backend): gofmt -w on 85 files (whitespace only) 2026-04-14 12:22:14 +02:00
chat_handler.go fix(v0.12.6.1): remediate 2 CRITICAL + 10 HIGH + 1 MEDIUM pentest findings 2026-03-12 05:40:53 +01:00
chat_handler_test.go fix(v0.12.6.1): remediate 2 CRITICAL + 10 HIGH + 1 MEDIUM pentest findings 2026-03-12 05:40:53 +01:00
chat_reaction_handler.go style(backend): gofmt -w on 85 files (whitespace only) 2026-04-14 12:22:14 +02:00
chat_search_handler.go style(backend): gofmt -w on 85 files (whitespace only) 2026-04-14 12:22:14 +02:00
chat_websocket_handler.go fix(v0.12.6): apply all pentest remediations — 36 findings across 36 files 2026-03-14 00:44:46 +01:00
cloud_handler.go v0.9.8 beta 2026-03-07 00:54:35 +01:00
co_listening_handler.go feat(v0.10.7): Collaboration Temps Réel F481-F483 2026-03-10 13:34:16 +01:00
co_listening_websocket_handler.go style(backend): gofmt -w on 85 files (whitespace only) 2026-04-14 12:22:14 +02:00
comment_handler.go fix(v0.12.6.1): remediate remaining 15 MEDIUM + LOW pentest findings 2026-03-12 06:13:38 +01:00
comment_handler_test.go chore: consolidate CI, E2E, backend and frontend updates 2026-02-17 16:43:21 +01:00
common.go refactor(backend): J3 — remove 3 deprecated unused handlers 2026-04-14 18:11:07 +02:00
config_reload.go v0.9.4 2026-03-05 23:03:43 +01:00
config_reload_test.go incus deployement fully implemented, Makefile updated and make fmt ran 2026-01-13 19:47:57 +01:00
csrf.go state-ownership: delete unused optimisticStoreUpdates.ts file 2026-01-15 19:26:53 +01:00
csrf_test.go chore(v0.102): consolidate remaining changes — docs, frontend, backend 2026-02-20 13:02:12 +01:00
dashboard.go release(v0.903): Vault - ORDER BY whitelist, rate limiter, VERSION sync, chat-server cleanup, Go 1.24 2026-02-27 09:43:25 +01:00
dashboard_test.go chore(release): v0.922 — Greenlight (handler tests: dashboard, presence) 2026-03-02 12:30:51 +01:00
distribution_handler.go fix(distribution,audit): propagate ErrSubscriptionNoPayment to handler + P0.12 closure date + E2E regression TODO 2026-04-17 12:43:21 +02:00
distribution_handler_test.go feat(v0.12.2): F501-F510 distribution service, handler, and routes 2026-03-10 19:54:26 +01:00
education_handler.go feat(backend,web): single source of truth for upload-size limits 2026-04-16 19:37:37 +02:00
education_handler_test.go feat(v0.12.3): F276-F305 video upload, HLS transcoding, education tests 2026-03-11 19:20:48 +01:00
error_contract_test.go fix: stabilize builds, tests, and lint across all stacks 2026-04-05 16:48:07 +02:00
error_response.go v0.9.8 2026-03-06 19:13:16 +01:00
feature_flag_handler.go feat: backend — config, handlers, services, logging, migration 2026-03-23 15:46:57 +01:00
feature_flag_handler_test.go test(v0.803): unit tests for CCPA, reports, announcements, feature flags 2026-02-25 20:02:24 +01:00
frontend_log_handler.go api-contracts: update backend handlers to use wrapped format 2026-01-15 17:32:02 +01:00
frontend_log_handler_test.go stabilisation commit A 2026-01-07 19:39:21 +01:00
gdpr_export_handler.go style(backend): gofmt -w on 85 files (whitespace only) 2026-04-14 12:22:14 +02:00
gear_handler.go v0.9.8 beta 2026-03-07 00:54:35 +01:00
health.go feat(v0.701): AdminTransfers page/route, MSW, stories, Deep Health, API ref, docs, scope v0.702 2026-02-23 23:42:02 +01:00
health_deep_test.go feat(v0.701): AdminTransfers page/route, MSW, stories, Deep Health, API ref, docs, scope v0.702 2026-02-23 23:42:02 +01:00
health_p1_test.go refonte: backend-api go first; phase 1 2025-12-12 21:34:34 -05:00
health_test.go fix: resolve stream server compilation errors and integrate chat stability fixes 2026-01-04 01:44:22 +01:00
hls_handler.go [T0-006] test(backend): Ajout tests pour hls_handler 2026-01-04 01:44:22 +01:00
hls_handler_test.go chore(v0.102): consolidate remaining changes — docs, frontend, backend 2026-02-20 13:02:12 +01:00
kyc_handler.go feat(v0.13.5): polish marketplace & compliance — KYC, support, payout E2E 2026-03-13 14:57:19 +01:00
live_health_handler.go feat(backend,web): surface RTMP ingest health on the Go Live page 2026-04-16 23:52:36 +02:00
live_health_handler_test.go feat(backend,web): surface RTMP ingest health on the Go Live page 2026-04-16 23:52:36 +02:00
live_stream_callback.go fix(v0.12.6.1): remediate 2 CRITICAL + 10 HIGH + 1 MEDIUM pentest findings 2026-03-12 05:40:53 +01:00
live_stream_handler.go feat(v0.10.6): Livestreaming basique F471-F476 2026-03-10 10:21:57 +01:00
login_history_handler.go feat(v0.13.3): complete - Polish Sécurité Avancée 2026-03-13 10:09:01 +01:00
marketplace.go feat(backend,marketplace): refund reverse-charge with idempotent webhook 2026-04-17 02:02:57 +02:00
marketplace_handler.go v0.9.8 2026-03-06 19:13:16 +01:00
marketplace_test.go fix: stabilize builds, tests, and lint across all stacks 2026-04-05 16:48:07 +02:00
metrics.go adding initial backend API (Go) 2025-12-03 20:29:37 +01:00
metrics_aggregated.go stabilisation commit A 2026-01-07 19:39:21 +01:00
metrics_aggregated_test.go stabilisation commit A 2026-01-07 19:39:21 +01:00
metrics_test.go fix: resolve stream server compilation errors and integrate chat stability fixes 2026-01-04 01:44:22 +01:00
metrics_test.go.disabled fix(backend-tests): enable room_handler_test and resolve metric collisions 2025-12-06 12:53:15 +01:00
notification_handlers.go style(backend): gofmt -w on 85 files (whitespace only) 2026-04-14 12:22:14 +02:00
notification_handlers_test.go feat(v0.10.5): Notifications complètes — F551-F555 2026-03-10 10:02:21 +01:00
oauth_handlers.go v0.9.4 2026-03-05 23:03:43 +01:00
oauth_handlers_test.go release(v0.902): Sentinel - PKCE OAuth, token encryption, redirect validation, CHAT_JWT_SECRET 2026-02-26 19:49:15 +01:00
password_reset_handler.go feat(openapi): annotate queue + password-reset handlers + regen 2026-04-26 00:55:26 +02:00
password_reset_handler_test.go incus deployement fully implemented, Makefile updated and make fmt ran 2026-01-13 19:47:57 +01:00
payout_handler.go style(backend): gofmt -w on 85 files (whitespace only) 2026-04-14 12:22:14 +02:00
payout_handler_test.go feat(v0.12.0): F252-F254 marketplace service enhancements 2026-03-10 18:52:06 +01:00
playback_analytics_handler.go chore(v0.102): consolidate remaining changes — docs, frontend, backend 2026-02-20 13:02:12 +01:00
playback_analytics_handler_test.go chore(v0.102): consolidate remaining changes — docs, frontend, backend 2026-02-20 13:02:12 +01:00
playback_websocket_handler.go refactor(backend): J3 — remove 3 deprecated unused handlers 2026-04-14 18:11:07 +02:00
playback_websocket_handler_test.go incus deployement fully implemented, Makefile updated and make fmt ran 2026-01-13 19:47:57 +01:00
playlist_collaboration_integration_test.go [BE-TEST-010] test: Add integration tests for playlist collaboration 2025-12-25 01:39:43 +01:00
playlist_error_helper.go adding initial backend API (Go) 2025-12-03 20:29:37 +01:00
playlist_error_helper_test.go STABILISATION: phase 3–5 – API contract, tests & chat-server hardening 2025-12-06 17:21:59 +01:00
playlist_export_handler.go stabilisation commit: while implementing v0.10.5 2026-03-09 19:36:33 +01:00
playlist_export_handler_test.go [T0-006] test(backend): Ajout tests pour frontend_log_handler 2026-01-04 01:44:22 +01:00
playlist_handler.go feat(openapi): annotate playlist handler gap — 12 endpoints (v1.0.8 B-annot) 2026-04-24 01:04:15 +02:00
playlist_handler_integration_test.go stabilizing veza-backend-api: phase 1 2025-12-16 11:23:49 -05:00
playlist_handler_test.go feat(v0.10.4): Playlists collaboratives - F136, F140, F141, F143, F145 2026-03-09 16:49:05 +01:00
playlist_track_handler_integration_test.go stabilizing veza-backend-api: phase 1 2025-12-16 11:23:49 -05:00
presence_handler.go v0.9.8 beta 2026-03-07 00:54:35 +01:00
presence_handler_test.go chore(release): v0.922 — Greenlight (handler tests: dashboard, presence) 2026-03-02 12:30:51 +01:00
privacy_handler.go v0.9.8 beta 2026-03-07 00:54:35 +01:00
profile_handler.go feat(openapi): annotate profile_handler users endpoints (v1.0.8 B-annot) 2026-04-24 01:09:05 +02:00
profile_handler_integration_test.go [BE-API-002] api: Implement playlist collaborators endpoints 2025-12-23 01:41:43 +01:00
profile_handler_test.go [BE-TEST-007] test: Add unit tests for webhook handlers 2025-12-25 01:32:54 +01:00
profile_handler_test.go.disabled fix(backend-tests): enable room_handler_test and resolve metric collisions 2025-12-06 12:53:15 +01:00
queue_handler.go feat(openapi): annotate queue + password-reset handlers + regen 2026-04-26 00:55:26 +02:00
queue_session_handler.go feat(openapi): annotate queue + password-reset handlers + regen 2026-04-26 00:55:26 +02:00
report_handler.go fix(v0.12.6.1): remediate remaining 15 MEDIUM + LOW pentest findings 2026-03-12 06:13:38 +01:00
report_handler_test.go test(v0.803): unit tests for CCPA, reports, announcements, feature flags 2026-02-25 20:02:24 +01:00
response.go STABILISATION: phase 3–5 – API contract, tests & chat-server hardening 2025-12-06 17:21:59 +01:00
role_handler.go [T0-006] test(backend): Ajout tests pour role_handler 2026-01-04 01:44:22 +01:00
role_handler_test.go incus deployement fully implemented, Makefile updated and make fmt ran 2026-01-13 19:47:57 +01:00
room_handler.go style(backend): gofmt -w on 85 files (whitespace only) 2026-04-14 12:22:14 +02:00
room_handler_test.go fix(v0.12.6.1): remediate 2 CRITICAL + 10 HIGH + 1 MEDIUM pentest findings 2026-03-12 05:40:53 +01:00
search_handlers.go chore(api): orval-migrate search/social wrappers + drop dead auth duplicates (v1.0.9 item 1.6) 2026-04-26 23:25:07 +02:00
search_handlers_test.go feat(search): add autocomplete suggestions endpoint and UI (G3) 2026-02-20 16:54:17 +01:00
sell_handler.go style(backend): gofmt -w on 85 files (whitespace only) 2026-04-14 12:22:14 +02:00
session.go v0.9.8 beta 2026-03-07 00:54:35 +01:00
session_test.go feat(auth): enrich sessions page with history and revoke (A4) 2026-02-20 14:52:20 +01:00
settings_handler.go style(backend): gofmt -w on 85 files (whitespace only) 2026-04-14 12:22:14 +02:00
settings_handler_test.go incus deployement fully implemented, Makefile updated and make fmt ran 2026-01-13 19:47:57 +01:00
social.go chore(api): orval-migrate search/social wrappers + drop dead auth duplicates (v1.0.9 item 1.6) 2026-04-26 23:25:07 +02:00
social_group_handler.go style(backend): gofmt -w on 85 files (whitespace only) 2026-04-14 12:22:14 +02:00
social_test.go chore(release): v0.931 — Cursor (cursor-based pagination, performance baseline) 2026-03-02 12:35:49 +01:00
status_handler.go STABILISATION: phase 3–5 – API contract, tests & chat-server hardening 2025-12-06 17:21:59 +01:00
status_handler_test.go fix: resolve stream server compilation errors and integrate chat stability fixes 2026-01-04 01:44:22 +01:00
stream_events_handler.go v0.9.8 2026-03-06 19:13:16 +01:00
subscription_handler.go feat(subscription): pending_payment state machine + mandatory provider (v1.0.9 item G — Phase 1) 2026-04-26 10:02:00 +02:00
subscription_handler_test.go feat(v0.12.1): subscription plans service, handler, and routes 2026-03-10 19:36:57 +01:00
support_handler.go feat(v0.13.5): polish marketplace & compliance — KYC, support, payout E2E 2026-03-13 14:57:19 +01:00
support_handler_test.go feat(v0.13.5): polish marketplace & compliance — KYC, support, payout E2E 2026-03-13 14:57:19 +01:00
system_metrics.go state-ownership: delete unused optimisticStoreUpdates.ts file 2026-01-15 19:26:53 +01:00
system_metrics_test.go state-ownership: delete unused optimisticStoreUpdates.ts file 2026-01-15 19:26:53 +01:00
system_metrics_test.go.disabled fix(backend-tests): enable room_handler_test and resolve metric collisions 2025-12-06 12:53:15 +01:00
tag_handler.go v0.9.8 beta 2026-03-07 00:54:35 +01:00
tag_handler_test.go feat(v0.802): frontend Cloud/Gear, MSW, docs, scope v0.803, archive 2026-02-25 14:00:58 +01:00
track_stem_handler.go feat(v0.10.7): Collaboration Temps Réel F481-F483 2026-03-10 13:34:16 +01:00
two_factor_handler.go fix(v0.12.6.1): remediate 2 CRITICAL + 10 HIGH + 1 MEDIUM pentest findings 2026-03-12 05:40:53 +01:00
two_factor_handler_test.go fix(v0.12.6.1): remediate 2 CRITICAL + 10 HIGH + 1 MEDIUM pentest findings 2026-03-12 05:40:53 +01:00
upgrade_creator_handler.go feat(backend,web): self-service creator role upgrade via /settings 2026-04-16 18:35:07 +02:00
upgrade_creator_handler_test.go feat(backend,web): self-service creator role upgrade via /settings 2026-04-16 18:35:07 +02:00
upload.go feat(backend,web): single source of truth for upload-size limits 2026-04-16 19:37:37 +02:00
upload_test.go fix(security): add ownership check to GetUploadStatus handler (IDOR fix) 2026-02-22 17:30:30 +01:00
validate.go security: create useFormValidation hook for pre-validation 2026-01-15 20:06:30 +01:00
validation_test.go refonte: backend-api go first; phase 1 2025-12-12 21:34:34 -05:00
webauthn_handler.go feat(v0.13.3): complete - Polish Sécurité Avancée 2026-03-13 10:09:01 +01:00
webhook_handlers.go chore(docs): add v0.101 diagnostic baseline 2026-02-19 16:08:05 +01:00
webhook_handlers_test.go [BE-TEST-007] test: Add unit tests for webhook handlers 2025-12-25 01:32:54 +01:00
webrtc_config_handler.go feat(webrtc): coturn ICE config endpoint + frontend wiring + ops template (v1.0.9 item 1.2) 2026-04-26 23:38:42 +02:00
webrtc_config_handler_test.go feat(webrtc): coturn ICE config endpoint + frontend wiring + ops template (v1.0.9 item 1.2) 2026-04-26 23:38:42 +02:00