- Fix login/register to treat usernames case-insensitively (HeagBoKaT == heagbokat) using LOWER() in SQL with JS .toLowerCase() for Unicode safety - Add helmet for HTTP security headers and express-rate-limit on auth endpoints (20 req / 15 min) to prevent brute-force - Lock CORS to ALLOWED_ORIGIN env var; warn if JWT_SECRET is the default dev key - Serve built client/dist from Express so a single PM2 process handles everything - Add deploy.sh, README.md with full first-run and auto-restart instructions, and server/.env.example Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
21 lines
399 B
Bash
21 lines
399 B
Bash
#!/bin/bash
|
|
set -e
|
|
|
|
echo "==> Pulling latest changes..."
|
|
git pull
|
|
|
|
echo "==> Installing server dependencies..."
|
|
npm install --prefix server
|
|
|
|
echo "==> Installing client dependencies..."
|
|
npm install --prefix client
|
|
|
|
echo "==> Building client..."
|
|
npm run build
|
|
|
|
echo "==> Restarting PM2 process..."
|
|
sudo pm2 restart cats
|
|
sudo pm2 save
|
|
|
|
echo "==> Done! Site updated at http://cats.heagbokat-server.ru"
|