#!/bin/bash # COMPREHENSIVE DIAGNOSTIC FOR 403 DELETE ISSUE OUTPUT_FILE="/media/pts/Website/Church_HOP_MusicData/new-site/diagnostic-report.txt" exec > "$OUTPUT_FILE" 2>&1 echo "=======================================================================" echo "COMPREHENSIVE WORSHIP LIST DELETE DIAGNOSTIC" echo "=======================================================================" echo "Timestamp: $(date)" echo "" # 1. CHECK SERVICES echo "1. SERVICE STATUS" echo "=======================================================================" echo "" echo "Backend Service:" systemctl is-active church-music-backend && echo " ✅ RUNNING" || echo " ❌ NOT RUNNING" systemctl is-enabled church-music-backend && echo " Enabled: YES" || echo " Enabled: NO" echo "" echo "Nginx Service:" systemctl is-active nginx && echo " ✅ RUNNING" || echo " ❌ NOT RUNNING" echo "" # 2. CHECK PROCESSES echo "2. RUNNING PROCESSES" echo "=======================================================================" echo "" echo "Node processes:" ps aux | grep -E "node.*server" | grep -v grep || echo " ❌ No Node server running" echo "" echo "Nginx processes:" ps aux | grep nginx | grep -v grep | head -3 || echo " ❌ No Nginx running" echo "" # 3. CHECK PORTS echo "3. PORT BINDINGS" echo "=======================================================================" echo "" echo "Port 8080 (Backend):" netstat -tlnp 2>/dev/null | grep ":8080" || echo " ❌ Port 8080 not listening" echo "" echo "Port 443 (HTTPS):" netstat -tlnp 2>/dev/null | grep ":443" || echo " ❌ Port 443 not listening" echo "" echo "Port 5100 (Frontend Dev):" netstat -tlnp 2>/dev/null | grep ":5100" || echo " ❌ Port 5100 not listening" echo "" # 4. CHECK NGINX CONFIG echo "4. NGINX CONFIGURATION" echo "=======================================================================" echo "" echo "Enabled sites:" ls -la /etc/nginx/sites-enabled/ echo "" echo "Testing Nginx config:" nginx -t 2>&1 echo "" # 5. CHECK FIREWALL echo "5. FIREWALL RULES" echo "=======================================================================" echo "" echo "UFW Status:" ufw status 2>/dev/null || echo " UFW not active" echo "" echo "IPTables rules (first 10):" iptables -L -n 2>/dev/null | head -15 || echo " Cannot read iptables" echo "" # 6. TEST BACKEND DIRECTLY echo "6. BACKEND DIRECT TEST" echo "=======================================================================" echo "" echo "Testing http://localhost:8080/health:" HEALTH=$(curl -s -m 5 http://localhost:8080/health 2>&1) if [ $? -eq 0 ]; then echo " ✅ Backend responding: $HEALTH" else echo " ❌ Backend not responding: $HEALTH" fi echo "" # 7. TEST AUTHENTICATION echo "7. AUTHENTICATION TEST" echo "=======================================================================" echo "" echo "Testing login endpoint:" LOGIN_RESPONSE=$(curl -s -m 10 -X POST http://localhost:8080/api/auth/login \ -H "Content-Type: application/json" \ -d '{"username":"hop","password":"hopWorship2024"}' 2>&1) if echo "$LOGIN_RESPONSE" | grep -q "token"; then echo " ✅ Login works" TOKEN=$(echo "$LOGIN_RESPONSE" | grep -o '"token":"[^"]*"' | cut -d'"' -f4) echo " Token: ${TOKEN:0:40}..." else echo " ❌ Login failed: $LOGIN_RESPONSE" TOKEN="" fi echo "" # 8. TEST DELETE ENDPOINT (DIRECT BACKEND) echo "8. DELETE ENDPOINT TEST (DIRECT BACKEND)" echo "=======================================================================" echo "" if [ -n "$TOKEN" ]; then echo "Testing DELETE via localhost:8080:" DELETE_RESPONSE=$(curl -s -w "\nHTTP_STATUS:%{http_code}" -m 10 -X DELETE \ "http://localhost:8080/api/lists/24474ea3-6f34-4704-ac48-a80e1225d79e/songs/9831e027-aeb1-48a0-8763-fd3120f29692" \ -H "Authorization: Bearer $TOKEN" \ -H "Content-Type: application/json" 2>&1) HTTP_CODE=$(echo "$DELETE_RESPONSE" | grep "HTTP_STATUS:" | cut -d: -f2) BODY=$(echo "$DELETE_RESPONSE" | grep -v "HTTP_STATUS:") echo " Status: $HTTP_CODE" echo " Response: $BODY" if [ "$HTTP_CODE" = "200" ]; then echo " ✅ DELETE works on backend!" elif [ "$HTTP_CODE" = "403" ]; then echo " ❌ Backend returning 403 - auth middleware issue" elif [ "$HTTP_CODE" = "401" ]; then echo " ⚠️ Backend returning 401 - token issue" else echo " ⚠️ Unexpected status: $HTTP_CODE" fi else echo " ⚠️ Cannot test - no token available" fi echo "" # 9. TEST DELETE VIA NGINX echo "9. DELETE ENDPOINT TEST (VIA NGINX/HTTPS)" echo "=======================================================================" echo "" if [ -n "$TOKEN" ]; then echo "Testing DELETE via https://houseofprayer.ddns.net:" DELETE_NGINX=$(curl -s -w "\nHTTP_STATUS:%{http_code}" -m 10 -X DELETE \ "https://houseofprayer.ddns.net/api/lists/24474ea3-6f34-4704-ac48-a80e1225d79e/songs/9831e027-aeb1-48a0-8763-fd3120f29692" \ -H "Authorization: Bearer $TOKEN" \ -H "Content-Type: application/json" 2>&1) HTTP_CODE_NGINX=$(echo "$DELETE_NGINX" | grep "HTTP_STATUS:" | cut -d: -f2) BODY_NGINX=$(echo "$DELETE_NGINX" | grep -v "HTTP_STATUS:") echo " Status: $HTTP_CODE_NGINX" echo " Response: $BODY_NGINX" if [ "$HTTP_CODE_NGINX" = "200" ]; then echo " ✅ DELETE works via Nginx!" elif [ "$HTTP_CODE_NGINX" = "403" ]; then echo " ❌ Nginx returning 403 - THIS IS THE PROBLEM!" echo " Issue is in Nginx configuration or Nginx is blocking the request" else echo " ⚠️ Status: $HTTP_CODE_NGINX" fi else echo " ⚠️ Cannot test - no token available" fi echo "" # 10. CHECK NGINX ERROR LOGS echo "10. RECENT NGINX ERROR LOGS" echo "=======================================================================" echo "" tail -20 /var/log/nginx/error.log 2>/dev/null || echo " Cannot read Nginx error log" echo "" # 11. CHECK BACKEND LOGS echo "11. RECENT BACKEND LOGS" echo "=======================================================================" echo "" journalctl -u church-music-backend -n 30 --no-pager 2>/dev/null || echo " Cannot read backend logs" echo "" # 12. CHECK BACKEND CODE echo "12. BACKEND CODE VERIFICATION" echo "=======================================================================" echo "" echo "Checking if authenticate middleware is imported in routes/lists.js:" grep -n "authenticate" /media/pts/Website/Church_HOP_MusicData/new-site/backend/routes/lists.js | head -5 echo "" echo "Checking DELETE route definition:" grep -A 2 'router.delete.*/:id/songs/:songId' /media/pts/Website/Church_HOP_MusicData/new-site/backend/routes/lists.js echo "" # 13. RECOMMENDATIONS echo "=======================================================================" echo "DIAGNOSTIC COMPLETE - ANALYSIS" echo "=======================================================================" echo "" # Analyze results if [ "$HTTP_CODE" = "200" ] && [ "$HTTP_CODE_NGINX" = "403" ]; then echo "🎯 ROOT CAUSE IDENTIFIED:" echo " - Backend DELETE works correctly (returns 200)" echo " - Nginx is blocking the request (returns 403)" echo " - Problem: Nginx configuration issue" echo "" echo "SOLUTION:" echo " 1. Deploy the corrected Nginx config" echo " 2. Reload Nginx" echo "" echo "Run these commands:" echo " sudo cp /media/pts/Website/Church_HOP_MusicData/new-site/nginx-ssl.conf /etc/nginx/sites-available/church-music-ssl" echo " sudo ln -sf /etc/nginx/sites-available/church-music-ssl /etc/nginx/sites-enabled/church-music-ssl" echo " sudo nginx -t && sudo systemctl reload nginx" elif [ "$HTTP_CODE" = "403" ]; then echo "🎯 ROOT CAUSE IDENTIFIED:" echo " - Backend is returning 403" echo " - Problem: Backend authentication middleware issue" echo "" echo "SOLUTION:" echo " 1. Restart backend to load new code" echo " 2. Verify authenticate middleware is working" echo "" echo "Run: sudo systemctl restart church-music-backend" elif [ -z "$TOKEN" ]; then echo "⚠️ CANNOT DIAGNOSE:" echo " - Backend login failed" echo " - Cannot get authentication token" echo " - Check backend is running and database is accessible" else echo "⚠️ UNEXPECTED RESULTS:" echo " - Backend status: $HTTP_CODE" echo " - Nginx status: $HTTP_CODE_NGINX" echo " - Review logs above for details" fi echo "" echo "=======================================================================" echo "Full report saved to: $OUTPUT_FILE" echo "======================================================================="