iulian/streamflow
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Initial commit: StreamFlow IPTV platform

Browse source
This commit is contained in:
aiulian25 2025-12-17 00:42:43 +00:00
commit 73a8ae9ffd
1240 changed files with 278451 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

297
scripts/README.md Normal file
View file

@ -0,0 +1,297 @@
# StreamFlow Scripts
Utility scripts for managing the StreamFlow IPTV application.
## Available Scripts
### test-vpn.sh
Tests VPN connection and checks for IP/DNS leaks.
**Usage:**
```bash
# From inside the container
docker exec -it streamflow bash
./scripts/test-vpn.sh
# Or directly from host
docker exec -it streamflow /app/scripts/test-vpn.sh
```
**What it checks:**
- VPN interface (tun0) status
- Routing table configuration
- DNS server configuration
- Public IP address
- IP geolocation information
- OpenVPN process status
- Firewall rules
**Example output:**
```
=========================================
VPN Connection Test
=========================================
1. Checking VPN Interface (tun0)...
✓ VPN interface (tun0) is UP
IP: 10.2.0.2/32
2. Checking Routing Table...
default via 10.2.0.1 dev tun0
✓ Traffic is routed through VPN
3. Checking DNS Configuration...
DNS Servers: 10.2.0.1 10.2.0.2
✓ Using VPN DNS servers
4. Checking Public IP Address...
Public IP: 185.159.x.x
Location: Amsterdam, NL
ISP: AS62371 ProtonVPN AG
✓ IP appears to be from VPN provider
5. Checking OpenVPN Process...
✓ OpenVPN process is running
PID: 1234
6. Checking Firewall Rules...
✓ VPN firewall rules are active (3 rules)
=========================================
Summary
=========================================
✓ VPN appears to be working correctly!
```
---
### start.sh
Starts the StreamFlow application using Docker Compose.
**Usage:**
```bash
./scripts/start.sh
```
**What it does:**
- Checks if Docker is running
- Builds Docker images if needed
- Starts all containers in detached mode
- Shows container status
- Displays access URL
**Options:**
```bash
./scripts/start.sh --build # Force rebuild images
./scripts/start.sh --logs # Show logs after starting
```
---
### stop.sh
Stops the StreamFlow application and removes containers.
**Usage:**
```bash
./scripts/stop.sh
```
**What it does:**
- Stops all running containers
- Removes containers
- Preserves volumes (data persistence)
- Shows final status
**Options:**
```bash
./scripts/stop.sh --volumes # Also remove volumes (WARNING: deletes data)
```
---
## Creating New Scripts
When adding new scripts to this directory:
1. **Make it executable:**
```bash
chmod +x scripts/your-script.sh
```
2. **Use proper shebang:**
```bash
#!/bin/bash
```
3. **Add error handling:**
```bash
set -e # Exit on error
```
4. **Document the script:**
- Add comments explaining what it does
- Update this README with usage instructions
5. **Test thoroughly:**
- Test on a clean environment
- Handle edge cases
- Provide helpful error messages
---
## Common Script Patterns
### Docker Commands
```bash
# Start in development mode with logs
docker-compose up
# Start in production (detached)
docker-compose up -d
# View logs
docker-compose logs -f
# Rebuild and start
docker-compose up -d --build
# Stop containers
docker-compose down
# Stop and remove volumes
docker-compose down -v
```
### Development Scripts
```bash
# Install dependencies
cd backend && npm install
cd frontend && npm install
# Run in development mode
cd backend && npm run dev
cd frontend && npm run dev
# Run tests
npm test
# Lint code
npm run lint
```
### Maintenance Scripts
```bash
# Clean Docker system
docker system prune -a
# View container logs
docker logs streamflow-app
# Execute command in container
docker exec -it streamflow-app sh
# Database backup
docker exec streamflow-app sqlite3 /app/data/streamflow.db .dump > backup.sql
```
---
## Script Guidelines
### Best Practices
1. **Always use absolute paths or relative from project root:**
```bash
cd "$(dirname "$0")/.." || exit
```
2. **Check prerequisites:**
```bash
if ! command -v docker &> /dev/null; then
echo "Docker is not installed"
exit 1
fi
```
3. **Provide feedback:**
```bash
echo "Starting application..."
# command here
echo "✓ Application started successfully"
```
4. **Handle errors gracefully:**
```bash
if ! docker-compose up -d; then
echo "Failed to start application"
exit 1
fi
```
5. **Use colors for output (optional):**
```bash
RED='\033[0;31m'
GREEN='\033[0;32m'
NC='\033[0m' # No Color
echo -e "${GREEN}Success!${NC}"
```
---
## Future Scripts (Ideas)
Potential scripts that could be added:
- `backup.sh` - Backup database and uploads
- `restore.sh` - Restore from backup
- `update.sh` - Pull latest changes and rebuild
- `logs.sh` - View application logs with options
- `clean.sh` - Clean up unused Docker resources
- `test.sh` - Run test suite
- `deploy.sh` - Deploy to production server
- `health-check.sh` - Check application health
- `db-migrate.sh` - Run database migrations
- `generate-icons.sh` - Generate PWA icons from source
---
## Debugging Scripts
If a script fails:
1. **Check permissions:**
```bash
ls -la scripts/
chmod +x scripts/script-name.sh
```
2. **Run with verbose output:**
```bash
bash -x scripts/script-name.sh
```
3. **Check Docker status:**
```bash
docker ps
docker-compose ps
```
4. **View logs:**
```bash
docker-compose logs
```
---
## Platform Compatibility
All scripts should be compatible with:
- Linux (Ubuntu, Debian, Fedora, Arch)
- macOS
- Windows (via Git Bash or WSL)
For Windows native support, consider creating `.bat` or `.ps1` versions.
---
**Last Updated:** December 10, 2025

110
scripts/build-android.sh Executable file
View file

@ -0,0 +1,110 @@
#!/bin/bash
# StreamFlow - Android APK Builder
# Builds Android APK using Capacitor
set -e
echo "📱 StreamFlow Android APK Builder"
echo "━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━"
# Check prerequisites
if ! command -v node &> /dev/null; then
echo "❌ Node.js is not installed. Please install Node.js 18+"
exit 1
fi
if ! command -v npm &> /dev/null; then
echo "❌ npm is not installed. Please install npm"
exit 1
fi
# Check for Android SDK
if [ -z "$ANDROID_HOME" ]; then
echo "⚠️ Warning: ANDROID_HOME not set. Android Studio SDK required."
echo " Install Android Studio and set ANDROID_HOME environment variable"
echo " Example: export ANDROID_HOME=\$HOME/Android/Sdk"
fi
cd "$(dirname "$0")"
PROJECT_ROOT="$(pwd)"
echo ""
echo "📦 Step 1: Installing dependencies..."
npm install
echo ""
echo "🔧 Step 2: Installing Capacitor for Android..."
npm install @capacitor/core @capacitor/cli @capacitor/android
echo ""
echo "🏗️ Step 3: Building frontend..."
cd frontend
npm install
npm run build
cd "$PROJECT_ROOT"
echo ""
echo "⚙️ Step 4: Initializing Capacitor..."
if [ ! -f "capacitor.config.json" ]; then
npx cap init "StreamFlow" "com.streamflow.iptv" --web-dir=frontend/dist
fi
echo ""
echo "📱 Step 5: Adding Android platform..."
if [ ! -d "android" ]; then
npx cap add android
else
echo " Android platform already exists, syncing..."
npx cap sync android
fi
echo ""
echo "🎨 Step 6: Generating Android assets..."
# Copy icons to Android resources
if [ -d "frontend/public/icons" ]; then
echo " Copying icons to Android project..."
mkdir -p android/app/src/main/res/mipmap-{mdpi,hdpi,xhdpi,xxhdpi,xxxhdpi}
# Convert SVG to PNG if needed (requires imagemagick)
if command -v convert &> /dev/null; then
convert frontend/public/icons/icon-192x192.svg -resize 48x48 android/app/src/main/res/mipmap-mdpi/ic_launcher.png 2>/dev/null || true
convert frontend/public/icons/icon-192x192.svg -resize 72x72 android/app/src/main/res/mipmap-hdpi/ic_launcher.png 2>/dev/null || true
convert frontend/public/icons/icon-192x192.svg -resize 96x96 android/app/src/main/res/mipmap-xhdpi/ic_launcher.png 2>/dev/null || true
convert frontend/public/icons/icon-192x192.svg -resize 144x144 android/app/src/main/res/mipmap-xxhdpi/ic_launcher.png 2>/dev/null || true
convert frontend/public/icons/icon-192x192.svg -resize 192x192 android/app/src/main/res/mipmap-xxxhdpi/ic_launcher.png 2>/dev/null || true
fi
fi
echo ""
echo "🔐 Step 7: Configuring permissions..."
cat > android/app/src/main/AndroidManifest.xml.patch << 'EOF'
<!-- Add these permissions to AndroidManifest.xml -->
<uses-permission android:name="android.permission.INTERNET" />
<uses-permission android:name="android.permission.ACCESS_NETWORK_STATE" />
<uses-permission android:name="android.permission.WRITE_EXTERNAL_STORAGE" />
<uses-permission android:name="android.permission.READ_EXTERNAL_STORAGE" />
<uses-permission android:name="android.permission.WAKE_LOCK" />
EOF
echo ""
echo "📋 Next steps:"
echo ""
echo "1. Open Android Studio:"
echo " npx cap open android"
echo ""
echo "2. Build APK in Android Studio:"
echo " Build → Build Bundle(s) / APK(s) → Build APK(s)"
echo ""
echo "3. Or build from command line:"
echo " cd android && ./gradlew assembleDebug"
echo " APK location: android/app/build/outputs/apk/debug/app-debug.apk"
echo ""
echo "4. For release build:"
echo " cd android && ./gradlew assembleRelease"
echo ""
echo "✅ Android project setup complete!"
echo ""
echo "📚 Documentation:"
echo " Capacitor: https://capacitorjs.com/docs/android"
echo " Android: https://developer.android.com/studio/build/building-cmdline"

112
scripts/generate-assets.sh Executable file
View file

@ -0,0 +1,112 @@
#!/bin/bash
# StreamFlow - Platform Asset Generator
# Generates optimized assets for PWA, Android, and Desktop
set -e
echo "🎨 StreamFlow Platform Asset Generator"
echo "━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━"
cd "$(dirname "$0")/.."
PROJECT_ROOT="$(pwd)"
# Check for ImageMagick
if ! command -v convert &> /dev/null; then
echo "❌ ImageMagick is not installed. Installing..."
if command -v apt-get &> /dev/null; then
sudo apt-get update && sudo apt-get install -y imagemagick
elif command -v brew &> /dev/null; then
brew install imagemagick
else
echo "Please install ImageMagick manually: https://imagemagick.org/script/download.php"
exit 1
fi
fi
SOURCE_ICON="frontend/public/icons/icon-512x512.svg"
if [ ! -f "$SOURCE_ICON" ]; then
echo "❌ Source icon not found: $SOURCE_ICON"
exit 1
fi
echo ""
echo "📱 Generating PWA icons..."
PWA_SIZES=(72 96 128 144 152 192 384 512)
for size in "${PWA_SIZES[@]}"; do
echo "${size}x${size}px"
convert "$SOURCE_ICON" -resize ${size}x${size} "frontend/public/icons/icon-${size}x${size}.png"
done
echo ""
echo "🍎 Generating iOS icons..."
convert "$SOURCE_ICON" -resize 180x180 "frontend/public/icons/apple-touch-icon.png"
convert "$SOURCE_ICON" -resize 167x167 "frontend/public/icons/apple-touch-icon-ipad.png"
echo ""
echo "🤖 Generating Android icons..."
ANDROID_SIZES=(48 72 96 144 192)
ANDROID_DENSITIES=(mdpi hdpi xhdpi xxhdpi xxxhdpi)
mkdir -p frontend/public/android-icons
for i in "${!ANDROID_SIZES[@]}"; do
size="${ANDROID_SIZES[$i]}"
density="${ANDROID_DENSITIES[$i]}"
echo "${density} (${size}x${size}px)"
convert "$SOURCE_ICON" -resize ${size}x${size} "frontend/public/android-icons/icon-${density}.png"
done
echo ""
echo "🐧 Generating Linux Desktop icons..."
convert "$SOURCE_ICON" -resize 512x512 "desktop-app/build/icon.png"
cp "$SOURCE_ICON" "desktop-app/build/icon.svg"
echo ""
echo "🌐 Generating favicon..."
convert "$SOURCE_ICON" -resize 32x32 "frontend/public/favicon.png"
convert "$SOURCE_ICON" -resize 16x16 -resize 32x32 -resize 48x48 "frontend/public/favicon.ico"
echo ""
echo "📄 Generating splash screens..."
# PWA splash screens for iOS
IOS_SPLASH_SIZES=(
"640x1136:iphone5"
"750x1334:iphone6"
"828x1792:iphone11"
"1125x2436:iphonex"
"1242x2208:iphone6plus"
"1242x2688:iphonemax"
"1536x2048:ipad"
"1668x2224:ipadpro10"
"1668x2388:ipadpro11"
"2048x2732:ipadpro12"
)
mkdir -p frontend/public/splash
for splash_config in "${IOS_SPLASH_SIZES[@]}"; do
IFS=':' read -r size name <<< "$splash_config"
IFS='x' read -r width height <<< "$size"
echo "${name} (${width}x${height}px)"
# Create splash with icon centered on background
convert -size ${width}x${height} xc:"#121212" \
\( "$SOURCE_ICON" -resize 256x256 \) \
-gravity center -composite \
"frontend/public/splash/splash-${name}.png"
done
echo ""
echo "✅ Asset generation complete!"
echo ""
echo "📦 Generated assets:"
echo " PWA: frontend/public/icons/*.png"
echo " iOS: frontend/public/icons/apple-touch-icon*.png"
echo " Android: frontend/public/android-icons/*.png"
echo " Desktop: desktop-app/build/icon.{png,svg}"
echo " Favicon: frontend/public/favicon.{ico,png}"
echo " Splash: frontend/public/splash/*.png"
echo ""
echo "🔄 Next: Rebuild Docker container to include new assets"
echo " docker compose build --no-cache"

136
scripts/security-check.sh Executable file
View file

@ -0,0 +1,136 @@
#!/bin/bash
# Local Security Testing Script
# Run SAST and basic security checks locally before pushing
set -e
echo "🔒 Starting Local Security Tests..."
echo ""
# Colors for output
RED='\033[0;31m'
GREEN='\033[0;32m'
YELLOW='\033[1;33m'
NC='\033[0m' # No Color
# Function to print colored output
print_status() {
echo -e "${2}${1}${NC}"
}
# 1. NPM Audit
print_status "📦 Running NPM Audit..." "$YELLOW"
echo "Backend:"
cd backend
npm audit --audit-level=moderate || true
cd ..
echo ""
echo "Frontend:"
cd frontend
npm audit --audit-level=moderate || true
cd ..
echo ""
# 2. ESLint Security Check
print_status "🔍 Running ESLint Security Scan..." "$YELLOW"
echo "Installing eslint-plugin-security if needed..."
cd backend
npm install --save-dev eslint eslint-plugin-security 2>/dev/null || true
npx eslint . --ext .js || print_status "⚠️ Backend ESLint issues found" "$YELLOW"
cd ..
cd frontend
npm install --save-dev eslint eslint-plugin-security eslint-plugin-react eslint-plugin-react-hooks 2>/dev/null || true
npx eslint . --ext .js,.jsx || print_status "⚠️ Frontend ESLint issues found" "$YELLOW"
cd ..
echo ""
# 3. Sensitive Data Check
print_status "🔐 Checking for sensitive data..." "$YELLOW"
if grep -r -i "password.*=" --include="*.js" --include="*.jsx" --exclude-dir="node_modules" . | grep -v "password.*process.env" | grep -v "password.*req.body" | grep -v "password:" | grep -v "// password"; then
print_status "⚠️ Potential hardcoded passwords found" "$RED"
else
print_status "✅ No hardcoded passwords detected" "$GREEN"
fi
if grep -r "api[_-]?key.*=.*['\"][a-zA-Z0-9]" --include="*.js" --include="*.jsx" --exclude-dir="node_modules" . | grep -v "process.env"; then
print_status "⚠️ Potential hardcoded API keys found" "$RED"
else
print_status "✅ No hardcoded API keys detected" "$GREEN"
fi
echo ""
# 4. SQL Injection Check
print_status "💉 Checking for SQL injection vulnerabilities..." "$YELLOW"
if grep -r "db.run\|db.all\|db.get" --include="*.js" backend/ | grep -v "?" | grep -v "\[" | grep "\`"; then
print_status "⚠️ Potential SQL injection vulnerabilities found (template literals)" "$RED"
else
print_status "✅ No obvious SQL injection issues" "$GREEN"
fi
echo ""
# 5. XSS Check
print_status "🌐 Checking for XSS vulnerabilities..." "$YELLOW"
if grep -r "dangerouslySetInnerHTML\|innerHTML" --include="*.js" --include="*.jsx" frontend/src/ ; then
print_status "⚠️ Potential XSS vulnerabilities found" "$YELLOW"
else
print_status "✅ No obvious XSS issues" "$GREEN"
fi
echo ""
# 6. Dependency Check
print_status "📚 Checking dependency versions..." "$YELLOW"
outdated_backend=$(cd backend && npm outdated || true)
outdated_frontend=$(cd frontend && npm outdated || true)
if [ ! -z "$outdated_backend" ] || [ ! -z "$outdated_frontend" ]; then
print_status "⚠️ Outdated dependencies found. Run 'npm outdated' for details" "$YELLOW"
else
print_status "✅ All dependencies up to date" "$GREEN"
fi
echo ""
# 7. Docker Security (if Docker is available)
if command -v docker &> /dev/null; then
print_status "🐳 Checking Docker configuration..." "$YELLOW"
if grep -q "latest" Dockerfile; then
print_status "⚠️ Using 'latest' tag in Dockerfile is not recommended" "$YELLOW"
fi
if ! grep -q "USER" Dockerfile; then
print_status "⚠️ Dockerfile doesn't specify non-root USER" "$YELLOW"
else
print_status "✅ Dockerfile uses non-root user" "$GREEN"
fi
else
print_status " Docker not available, skipping Docker checks" "$YELLOW"
fi
echo ""
# 8. Environment Variables Check
print_status "🔑 Checking environment configuration..." "$YELLOW"
if [ -f ".env" ]; then
print_status "⚠️ .env file found - ensure it's in .gitignore!" "$YELLOW"
if grep -q ".env" .gitignore; then
print_status "✅ .env is in .gitignore" "$GREEN"
else
print_status "❌ .env NOT in .gitignore - SECURITY RISK!" "$RED"
fi
else
print_status "✅ No .env file in root directory" "$GREEN"
fi
echo ""
# Summary
print_status "━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━" "$GREEN"
print_status "✅ Local security checks completed!" "$GREEN"
print_status "━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━" "$GREEN"
echo ""
print_status "💡 For comprehensive security testing:" "$YELLOW"
echo " 1. Push to GitHub to trigger automated SAST/DAST scans"
echo " 2. Run 'npm run security:full' for detailed reports"
echo " 3. Review GitHub Security tab for vulnerability alerts"
echo ""

51
scripts/start.sh Executable file
View file

@ -0,0 +1,51 @@
#!/bin/bash
# StreamFlow IPTV - Build and Run Script
echo "🎬 StreamFlow IPTV - Starting build process..."
# Check if Docker is installed
if ! command -v docker &> /dev/null; then
echo "❌ Docker is not installed. Please install Docker first."
exit 1
fi
# Check if Docker Compose is installed
if ! command -v docker-compose &> /dev/null; then
echo "❌ Docker Compose is not installed. Please install Docker Compose first."
exit 1
fi
# Create .env file if it doesn't exist
if [ ! -f .env ]; then
echo "📝 Creating .env file from template..."
cp .env.example .env
echo "⚠️ Please update JWT_SECRET and SESSION_SECRET in .env file before running in production!"
fi
# Build and start the containers
echo "🏗️ Building Docker containers..."
docker-compose build
if [ $? -ne 0 ]; then
echo "❌ Docker build failed. Please check the errors above."
exit 1
fi
echo "🚀 Starting StreamFlow application..."
docker-compose up -d
if [ $? -ne 0 ]; then
echo "❌ Failed to start containers. Please check the errors above."
exit 1
fi
echo ""
echo "✅ StreamFlow is now running!"
echo ""
echo "🌐 Access the application at: http://localhost:12345"
echo ""
echo "📊 View logs with: docker-compose logs -f"
echo "🛑 Stop the application: docker-compose down"
echo ""
echo "🔐 Don't forget to register your first user account!"

17
scripts/stop.sh Executable file
View file

@ -0,0 +1,17 @@
#!/bin/bash
# StreamFlow IPTV - Stop Script
echo "🛑 Stopping StreamFlow IPTV..."
docker-compose down
if [ $? -eq 0 ]; then
echo "✅ StreamFlow has been stopped successfully."
else
echo "❌ Failed to stop StreamFlow. Please check for errors."
exit 1
fi
echo ""
echo "📝 To start again, run: ./start.sh or npm start"

308
scripts/test-error-handling.sh Executable file
View file

@ -0,0 +1,308 @@
#!/bin/bash
# Error Handling Security Test Script
# Tests CWE-209 mitigation and error handling implementation
set -e
echo "🔐 Error Handling Security Tests"
echo "================================="
echo ""
# Colors for output
RED='\033[0;31m'
GREEN='\033[0;32m'
YELLOW='\033[1;33m'
NC='\033[0m' # No Color
# Test counter
TESTS_PASSED=0
TESTS_FAILED=0
# Function to test endpoint
test_endpoint() {
local test_name="$1"
local url="$2"
local expected_pattern="$3"
local should_not_contain="$4"
echo -n "Testing: $test_name... "
response=$(curl -s "$url" 2>&1 || echo "ERROR")
# Check if response contains expected pattern
if [[ "$response" == *"$expected_pattern"* ]]; then
# Check if response does NOT contain sensitive info
if [[ -n "$should_not_contain" ]] && [[ "$response" == *"$should_not_contain"* ]]; then
echo -e "${RED}FAILED${NC} - Contains sensitive information: $should_not_contain"
TESTS_FAILED=$((TESTS_FAILED + 1))
return 1
fi
echo -e "${GREEN}PASSED${NC}"
TESTS_PASSED=$((TESTS_PASSED + 1))
return 0
else
echo -e "${RED}FAILED${NC} - Expected pattern not found"
TESTS_FAILED=$((TESTS_FAILED + 1))
return 1
fi
}
# Function to check for information disclosure
check_no_disclosure() {
local test_name="$1"
local url="$2"
echo -n "Checking: $test_name... "
response=$(curl -s "$url" 2>&1 || echo "ERROR")
# Patterns that should NOT be in error responses
FORBIDDEN_PATTERNS=(
"/home/"
"/app/"
"/usr/"
"/var/"
"node_modules"
".js:"
"Error:"
"at "
"line "
"SQLITE_"
"ENOENT"
"EACCES"
"password"
"secret"
"token"
)
for pattern in "${FORBIDDEN_PATTERNS[@]}"; do
if [[ "$response" == *"$pattern"* ]]; then
echo -e "${RED}FAILED${NC} - Contains forbidden pattern: $pattern"
TESTS_FAILED=$((TESTS_FAILED + 1))
return 1
fi
done
echo -e "${GREEN}PASSED${NC}"
TESTS_PASSED=$((TESTS_PASSED + 1))
return 0
}
echo "1⃣ Backend Syntax Tests"
echo "------------------------"
# Test backend files compile without errors
if node -c backend/server.js 2>&1 | grep -q "error"; then
echo -e "${RED}FAILED${NC} - server.js has syntax errors"
TESTS_FAILED=$((TESTS_FAILED + 1))
else
echo -e "${GREEN}PASSED${NC} - server.js syntax valid"
TESTS_PASSED=$((TESTS_PASSED + 1))
fi
if node -c backend/utils/errorHandler.js 2>&1 | grep -q "error"; then
echo -e "${RED}FAILED${NC} - errorHandler.js has syntax errors"
TESTS_FAILED=$((TESTS_FAILED + 1))
else
echo -e "${GREEN}PASSED${NC} - errorHandler.js syntax valid"
TESTS_PASSED=$((TESTS_PASSED + 1))
fi
if node -c backend/utils/logger.js 2>&1 | grep -q "error"; then
echo -e "${RED}FAILED${NC} - logger.js has syntax errors"
TESTS_FAILED=$((TESTS_FAILED + 1))
else
echo -e "${GREEN}PASSED${NC} - logger.js syntax valid"
TESTS_PASSED=$((TESTS_PASSED + 1))
fi
echo ""
echo "2⃣ Frontend Syntax Tests"
echo "-------------------------"
if node -c frontend/src/utils/errorHandler.js 2>&1 | grep -q "error"; then
echo -e "${RED}FAILED${NC} - errorHandler.js has syntax errors"
TESTS_FAILED=$((TESTS_FAILED + 1))
else
echo -e "${GREEN}PASSED${NC} - errorHandler.js syntax valid"
TESTS_PASSED=$((TESTS_PASSED + 1))
fi
if node -c frontend/src/utils/api.js 2>&1 | grep -q "error"; then
echo -e "${RED}FAILED${NC} - api.js has syntax errors"
TESTS_FAILED=$((TESTS_FAILED + 1))
else
echo -e "${GREEN}PASSED${NC} - api.js syntax valid"
TESTS_PASSED=$((TESTS_PASSED + 1))
fi
echo ""
echo "3⃣ Translation Files"
echo "---------------------"
# Check if translation files are valid JSON
if jq empty frontend/src/locales/en.json 2>/dev/null; then
echo -e "${GREEN}PASSED${NC} - en.json is valid JSON"
TESTS_PASSED=$((TESTS_PASSED + 1))
else
echo -e "${RED}FAILED${NC} - en.json is not valid JSON"
TESTS_FAILED=$((TESTS_FAILED + 1))
fi
if jq empty frontend/src/locales/ro.json 2>/dev/null; then
echo -e "${GREEN}PASSED${NC} - ro.json is valid JSON"
TESTS_PASSED=$((TESTS_PASSED + 1))
else
echo -e "${RED}FAILED${NC} - ro.json is not valid JSON"
TESTS_FAILED=$((TESTS_FAILED + 1))
fi
# Check if error translations exist
if jq -e '.errors' frontend/src/locales/en.json >/dev/null 2>&1; then
echo -e "${GREEN}PASSED${NC} - English error translations exist"
TESTS_PASSED=$((TESTS_PASSED + 1))
else
echo -e "${RED}FAILED${NC} - English error translations missing"
TESTS_FAILED=$((TESTS_FAILED + 1))
fi
if jq -e '.errors' frontend/src/locales/ro.json >/dev/null 2>&1; then
echo -e "${GREEN}PASSED${NC} - Romanian error translations exist"
TESTS_PASSED=$((TESTS_PASSED + 1))
else
echo -e "${RED}FAILED${NC} - Romanian error translations missing"
TESTS_FAILED=$((TESTS_FAILED + 1))
fi
echo ""
echo "4⃣ File Structure"
echo "------------------"
# Check if required files exist
FILES=(
"backend/utils/errorHandler.js"
"backend/utils/logger.js"
"frontend/src/utils/errorHandler.js"
"frontend/src/components/ErrorBoundary.jsx"
"frontend/src/components/ErrorNotificationProvider.jsx"
"docs/ERROR_HANDLING_SECURITY.md"
"docs/ERROR_HANDLING_QUICK_REFERENCE.md"
)
for file in "${FILES[@]}"; do
if [[ -f "$file" ]]; then
echo -e "${GREEN}${NC} $file exists"
TESTS_PASSED=$((TESTS_PASSED + 1))
else
echo -e "${RED}${NC} $file missing"
TESTS_FAILED=$((TESTS_FAILED + 1))
fi
done
echo ""
echo "5⃣ Docker Integration"
echo "----------------------"
# Check if Dockerfile exists and contains necessary commands
if [[ -f "Dockerfile" ]]; then
echo -e "${GREEN}${NC} Dockerfile exists"
TESTS_PASSED=$((TESTS_PASSED + 1))
else
echo -e "${RED}${NC} Dockerfile missing"
TESTS_FAILED=$((TESTS_FAILED + 1))
fi
if [[ -f "docker-compose.yml" ]]; then
echo -e "${GREEN}${NC} docker-compose.yml exists"
TESTS_PASSED=$((TESTS_PASSED + 1))
else
echo -e "${RED}${NC} docker-compose.yml missing"
TESTS_FAILED=$((TESTS_FAILED + 1))
fi
echo ""
echo "6⃣ Process Error Handlers"
echo "-------------------------"
# Check if backend has process-level error handlers
if grep -q "process.on('uncaughtException'" backend/server.js; then
echo -e "${GREEN}${NC} Uncaught exception handler exists"
TESTS_PASSED=$((TESTS_PASSED + 1))
else
echo -e "${RED}${NC} Uncaught exception handler missing"
TESTS_FAILED=$((TESTS_FAILED + 1))
fi
if grep -q "process.on('unhandledRejection'" backend/server.js; then
echo -e "${GREEN}${NC} Unhandled rejection handler exists"
TESTS_PASSED=$((TESTS_PASSED + 1))
else
echo -e "${RED}${NC} Unhandled rejection handler missing"
TESTS_FAILED=$((TESTS_FAILED + 1))
fi
# Check if frontend has window-level error handlers
if grep -q "window.addEventListener('error'" frontend/src/main.jsx; then
echo -e "${GREEN}${NC} Window error handler exists"
TESTS_PASSED=$((TESTS_PASSED + 1))
else
echo -e "${RED}${NC} Window error handler missing"
TESTS_FAILED=$((TESTS_FAILED + 1))
fi
if grep -q "window.addEventListener('unhandledrejection'" frontend/src/main.jsx; then
echo -e "${GREEN}${NC} Window unhandled rejection handler exists"
TESTS_PASSED=$((TESTS_PASSED + 1))
else
echo -e "${RED}${NC} Window unhandled rejection handler missing"
TESTS_FAILED=$((TESTS_FAILED + 1))
fi
echo ""
echo "7⃣ Service Worker Protection"
echo "-----------------------------"
if grep -q "self.addEventListener('error'" frontend/public/service-worker.js; then
echo -e "${GREEN}${NC} Service worker error handler exists"
TESTS_PASSED=$((TESTS_PASSED + 1))
else
echo -e "${RED}${NC} Service worker error handler missing"
TESTS_FAILED=$((TESTS_FAILED + 1))
fi
echo ""
echo "📊 Test Summary"
echo "==============="
echo -e "Total Tests: $((TESTS_PASSED + TESTS_FAILED))"
echo -e "${GREEN}Passed: $TESTS_PASSED${NC}"
echo -e "${RED}Failed: $TESTS_FAILED${NC}"
echo ""
if [[ $TESTS_FAILED -eq 0 ]]; then
echo -e "${GREEN}✅ All tests passed!${NC}"
echo ""
echo "🔒 Security Features Implemented:"
echo " ✓ CWE-209 mitigation (no information leakage)"
echo " ✓ CWE-391 compliance (no unhandled exceptions)"
echo " ✓ Error sanitization (backend + frontend)"
echo " ✓ Secure logging (sensitive data redaction)"
echo " ✓ User-friendly error messages"
echo " ✓ Multi-language support (EN, RO)"
echo " ✓ Error boundary protection"
echo " ✓ Global notification system"
echo " ✓ Process-level error handlers"
echo " ✓ Window-level error handlers"
echo " ✓ Service worker protection"
echo " ✓ Docker integration"
echo ""
echo "📚 Documentation:"
echo " - docs/ERROR_HANDLING_SECURITY.md"
echo " - docs/ERROR_HANDLING_QUICK_REFERENCE.md"
echo ""
exit 0
else
echo -e "${RED}❌ Some tests failed${NC}"
echo "Please review the errors above and fix them."
exit 1
fi

143
scripts/test-pwa.sh Executable file
View file

@ -0,0 +1,143 @@
#!/bin/bash
# StreamFlow - PWA Configuration & Testing Script
# Validates and tests PWA functionality
set -e
echo "🌐 StreamFlow PWA Configuration & Testing"
echo "━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━"
cd "$(dirname "$0")/.."
PROJECT_ROOT="$(pwd)"
# Colors
RED='\033[0;31m'
GREEN='\033[0;32m'
YELLOW='\033[1;33m'
NC='\033[0m' # No Color
echo ""
echo "🔍 Checking PWA requirements..."
# Check manifest.json
if [ -f "frontend/public/manifest.json" ]; then
echo -e "${GREEN}${NC} manifest.json exists"
# Validate JSON
if command -v jq &> /dev/null; then
if jq empty frontend/public/manifest.json 2>/dev/null; then
echo -e "${GREEN}${NC} manifest.json is valid JSON"
else
echo -e "${RED}${NC} manifest.json has JSON errors"
fi
fi
else
echo -e "${RED}${NC} manifest.json not found"
fi
# Check service worker
if [ -f "frontend/public/service-worker.js" ]; then
echo -e "${GREEN}${NC} service-worker.js exists"
else
echo -e "${RED}${NC} service-worker.js not found"
fi
# Check icons
REQUIRED_ICONS=(72 96 128 144 152 192 384 512)
MISSING_ICONS=()
for size in "${REQUIRED_ICONS[@]}"; do
if [ -f "frontend/public/icons/icon-${size}x${size}.svg" ] || [ -f "frontend/public/icons/icon-${size}x${size}.png" ]; then
echo -e "${GREEN}${NC} Icon ${size}x${size} exists"
else
echo -e "${YELLOW}${NC} Icon ${size}x${size} missing"
MISSING_ICONS+=($size)
fi
done
# Check HTTPS requirement
echo ""
echo "📋 PWA Requirements Checklist:"
echo ""
echo "Required for PWA:"
echo " [$([ -f frontend/public/manifest.json ] && echo '✓' || echo '✗')] manifest.json with name, icons, start_url"
echo " [$([ -f frontend/public/service-worker.js ] && echo '✓' || echo '✗')] service-worker.js registered"
echo " [$([ ${#MISSING_ICONS[@]} -eq 0 ] && echo '✓' || echo '✗')] Icons (at least 192x192 and 512x512)"
echo " [?] HTTPS in production (localhost exempt for testing)"
echo " [?] Valid SSL certificate (production only)"
echo ""
echo "Optional but recommended:"
echo " [$([ -f frontend/public/favicon.ico ] && echo '✓' || echo '✗')] favicon.ico"
echo " [$(grep -q 'apple-touch-icon' frontend/index.html 2>/dev/null && echo '✓' || echo '✗')] Apple touch icons"
echo " [$(grep -q 'theme-color' frontend/index.html 2>/dev/null && echo '✓' || echo '✗')] Theme color meta tag"
echo " [?] Background sync capability"
echo " [?] Push notifications setup"
echo ""
echo "🧪 Testing PWA functionality..."
# Check if server is running
if curl -s http://localhost:12345 > /dev/null 2>&1; then
echo -e "${GREEN}${NC} Server is running on port 12345"
# Test manifest
if curl -s http://localhost:12345/manifest.json > /dev/null 2>&1; then
echo -e "${GREEN}${NC} Manifest is accessible"
else
echo -e "${RED}${NC} Manifest is not accessible"
fi
# Test service worker
if curl -s http://localhost:12345/service-worker.js > /dev/null 2>&1; then
echo -e "${GREEN}${NC} Service worker is accessible"
else
echo -e "${RED}${NC} Service worker is not accessible"
fi
# Test icons
if curl -s http://localhost:12345/icons/icon-192x192.svg > /dev/null 2>&1 || \
curl -s http://localhost:12345/icons/icon-192x192.png > /dev/null 2>&1; then
echo -e "${GREEN}${NC} Icons are accessible"
else
echo -e "${YELLOW}${NC} Some icons may not be accessible"
fi
else
echo -e "${YELLOW}${NC} Server is not running. Start with: docker compose up -d"
fi
echo ""
echo "📱 Testing PWA on devices:"
echo ""
echo "Chrome (Desktop):"
echo " 1. Open http://localhost:12345 or https://your-domain.com"
echo " 2. Look for install icon in address bar"
echo " 3. Click to install as app"
echo ""
echo "Chrome (Android):"
echo " 1. Open the website in Chrome"
echo " 2. Tap menu (⋮) → 'Add to Home screen'"
echo " 3. App will install like native app"
echo ""
echo "Safari (iOS):"
echo " 1. Open the website in Safari"
echo " 2. Tap Share button"
echo " 3. Tap 'Add to Home Screen'"
echo ""
echo "Testing offline:"
echo " 1. Open PWA"
echo " 2. Open DevTools → Application → Service Workers"
echo " 3. Check 'Offline' checkbox"
echo " 4. Refresh page - static assets should load"
echo ""
echo "🔍 Lighthouse PWA Audit:"
echo " npm install -g lighthouse"
echo " lighthouse http://localhost:12345 --view --only-categories=pwa"
echo ""
echo "✅ PWA configuration check complete!"
echo ""
if [ ${#MISSING_ICONS[@]} -gt 0 ]; then
echo -e "${YELLOW}${NC} Missing icons: ${MISSING_ICONS[*]}"
echo " Run: ./scripts/generate-assets.sh"
fi

134
scripts/test-vpn.sh Executable file
View file

@ -0,0 +1,134 @@
#!/bin/bash
# VPN Test Script - Quick verification that VPN is working properly
# Run this inside the Docker container
echo "========================================="
echo " VPN Connection Test"
echo "========================================="
echo ""
# Colors
GREEN='\033[0;32m'
RED='\033[0;31m'
YELLOW='\033[1;33m'
NC='\033[0m' # No Color
# Test 1: Check VPN Interface
echo "1. Checking VPN Interface (tun0)..."
if ip addr show tun0 &>/dev/null; then
echo -e "${GREEN}${NC} VPN interface (tun0) is UP"
ip addr show tun0 | grep "inet " | awk '{print " IP: " $2}'
else
echo -e "${RED}${NC} VPN interface (tun0) NOT FOUND"
echo " VPN is not connected!"
fi
echo ""
# Test 2: Check Routing
echo "2. Checking Routing Table..."
DEFAULT_ROUTE=$(ip route | grep default)
echo " $DEFAULT_ROUTE"
if echo "$DEFAULT_ROUTE" | grep -q "tun"; then
echo -e "${GREEN}${NC} Traffic is routed through VPN"
else
echo -e "${RED}${NC} Traffic is NOT routed through VPN"
fi
echo ""
# Test 3: Check DNS
echo "3. Checking DNS Configuration..."
DNS_SERVERS=$(grep "^nameserver" /etc/resolv.conf | awk '{print $2}')
echo " DNS Servers: $DNS_SERVERS"
if echo "$DNS_SERVERS" | grep -q "10.2.0"; then
echo -e "${GREEN}${NC} Using VPN DNS servers"
elif echo "$DNS_SERVERS" | grep -E "8.8.8.8|1.1.1.1|8.8.4.4|1.0.0.1" &>/dev/null; then
echo -e "${RED}${NC} DNS LEAK: Using public DNS servers"
else
echo -e "${YELLOW}${NC} Using unknown DNS servers"
fi
echo ""
# Test 4: Check Public IP
echo "4. Checking Public IP Address..."
PUBLIC_IP=$(curl -s --max-time 10 https://api.ipify.org 2>/dev/null)
if [ -z "$PUBLIC_IP" ]; then
echo -e "${RED}${NC} Could not determine public IP"
else
echo " Public IP: $PUBLIC_IP"
# Get IP info
IP_INFO=$(curl -s --max-time 10 https://ipinfo.io/$PUBLIC_IP/json 2>/dev/null)
if [ ! -z "$IP_INFO" ]; then
COUNTRY=$(echo "$IP_INFO" | grep -o '"country": "[^"]*' | cut -d'"' -f4)
CITY=$(echo "$IP_INFO" | grep -o '"city": "[^"]*' | cut -d'"' -f4)
ORG=$(echo "$IP_INFO" | grep -o '"org": "[^"]*' | cut -d'"' -f4)
echo " Location: $CITY, $COUNTRY"
echo " ISP: $ORG"
if echo "$ORG" | grep -iq "proton\|vpn"; then
echo -e "${GREEN}${NC} IP appears to be from VPN provider"
else
echo -e "${YELLOW}${NC} IP may not be from VPN provider"
fi
fi
fi
echo ""
# Test 5: Check OpenVPN Process
echo "5. Checking OpenVPN Process..."
if pgrep -f "openvpn.*config" &>/dev/null; then
echo -e "${GREEN}${NC} OpenVPN process is running"
ps aux | grep "[o]penvpn.*config" | awk '{print " PID: " $2}'
else
echo -e "${RED}${NC} OpenVPN process NOT found"
fi
echo ""
# Test 6: Check iptables rules
echo "6. Checking Firewall Rules..."
VPN_RULES=$(iptables -L OUTPUT -n | grep -c "tun")
if [ "$VPN_RULES" -gt 0 ]; then
echo -e "${GREEN}${NC} VPN firewall rules are active ($VPN_RULES rules)"
else
echo -e "${YELLOW}${NC} No VPN-specific firewall rules found"
fi
echo ""
# Summary
echo "========================================="
echo " Summary"
echo "========================================="
ISSUES=0
if ! ip addr show tun0 &>/dev/null; then
echo -e "${RED}${NC} VPN interface not found"
ISSUES=$((ISSUES + 1))
fi
if ! ip route | grep default | grep -q "tun"; then
echo -e "${RED}${NC} Traffic not routed through VPN"
ISSUES=$((ISSUES + 1))
fi
if ! grep "^nameserver" /etc/resolv.conf | grep -q "10.2.0"; then
echo -e "${RED}${NC} Not using VPN DNS"
ISSUES=$((ISSUES + 1))
fi
if [ $ISSUES -eq 0 ]; then
echo -e "${GREEN}✓ VPN appears to be working correctly!${NC}"
else
echo -e "${RED}✗ Found $ISSUES issue(s) with VPN connection${NC}"
echo ""
echo "Troubleshooting steps:"
echo "1. Check if VPN is connected in the web UI"
echo "2. Try disconnecting and reconnecting"
echo "3. Check backend logs: docker logs streamflow"
echo "4. Try a different VPN server/country"
echo "5. See docs/VPN_TROUBLESHOOTING.md for detailed help"
fi
echo ""