Fix admin route access and backend configuration

- Added /admin redirect to login page in nginx config - Fixed backend server.js route ordering for proper admin handling - Updated authentication middleware and routes - Added user management routes - Configured PostgreSQL integration - Updated environment configuration
2025-12-13 22:34:11 -06:00
parent 8bb6430a70
commit 703ab57984
253 changed files with 29870 additions and 157 deletions
--- a/nginx-skyartshop-secured.conf
+++ b/nginx-skyartshop-secured.conf
@@ -65,6 +65,47 @@ server {
        deny all;
    }

+    # Admin root redirect - exact matches for /admin and /admin/
+    location = /admin {
+        limit_req zone=admin burst=10 nodelay;
+        
+        proxy_pass http://skyartshop_backend;
+        proxy_http_version 1.1;
+        proxy_set_header Upgrade $http_upgrade;
+        proxy_set_header Connection keep-alive;
+        proxy_set_header Host $host;
+        proxy_cache_bypass $http_upgrade;
+        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+        proxy_set_header X-Forwarded-Proto $scheme;
+        proxy_set_header X-Real-IP $remote_addr;
+        
+        proxy_connect_timeout 60s;
+        proxy_send_timeout 60s;
+        proxy_read_timeout 60s;
+        
+        client_max_body_size 1M;
+    }
+
+    location = /admin/ {
+        limit_req zone=admin burst=10 nodelay;
+        
+        proxy_pass http://skyartshop_backend;
+        proxy_http_version 1.1;
+        proxy_set_header Upgrade $http_upgrade;
+        proxy_set_header Connection keep-alive;
+        proxy_set_header Host $host;
+        proxy_cache_bypass $http_upgrade;
+        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+        proxy_set_header X-Forwarded-Proto $scheme;
+        proxy_set_header X-Real-IP $remote_addr;
+        
+        proxy_connect_timeout 60s;
+        proxy_send_timeout 60s;
+        proxy_read_timeout 60s;
+        
+        client_max_body_size 1M;
+    }
+
    # Admin login with strict rate limiting
    location = /admin/login {
        limit_req zone=login burst=2 nodelay;
@@ -87,8 +128,8 @@ server {
        client_max_body_size 1M;
    }

-    # Admin area with stricter rate limiting
-    location /admin {
+    # Admin area with stricter rate limiting (handles all other /admin/* paths)
+    location /admin/ {
        limit_req zone=admin burst=10 nodelay;
        
        proxy_pass http://skyartshop_backend;