v0.9.3 db and web fixes for deployment

v0.9.2 web and wasm changes for deployment
v0.9.1 web ui fixes and improvements
2026-02-28 01:37:40 -05:00 · 2026-02-27 18:35:49 -05:00 · 2026-02-25 10:27:52 -05:00
12 changed files with 119 additions and 61 deletions
--- a/cmd/chess-client-cli/main.go
+++ b/cmd/chess-client-cli/main.go
@ -30,8 +30,8 @@ func runClient() (restart bool) {
 	}()

 	s := &session.Session{
-		APIBaseURL: "http://localhost:8080",
-		Client:     api.New("http://localhost:8080"),
+		APIBaseURL: defaultAPIBase,
+		Client:     api.New(defaultAPIBase),
 		Verbose:    false,
 	}

@ -133,3 +133,4 @@ func buildPrompt(s *session.Session) string {

 	return display.Prompt(b.String())
 }
+
--- a/cmd/chess-client-cli/url_native.go
+++ b/cmd/chess-client-cli/url_native.go
@ -0,0 +1,5 @@
+//go:build !js
+
+package main
+
+const defaultAPIBase = "http://localhost:8080"
--- a/cmd/chess-client-cli/url_wasm.go
+++ b/cmd/chess-client-cli/url_wasm.go
@ -0,0 +1,11 @@
+//go:build js && wasm
+
+package main
+
+import "syscall/js"
+
+// Derive base URL from the page's own origin at runtime
+// When served via nginx at domain.com, origin = "https://domain.com"
+// and the chess API proxy lives at /chess — so BaseURL = "https://comain.com/chess".
+// Works correctly for any deployment domain without rebuilding
+var defaultAPIBase = js.Global().Get("location").Get("origin").String() + "/chess"
--- a/cmd/chess-server/main.go
+++ b/cmd/chess-server/main.go
@ -75,6 +75,9 @@ func main() {
 		if err != nil {
 			log.Fatalf("Failed to initialize storage: %v", err)
 		}
+		if err := store.InitDB(); err != nil {
+			log.Fatalf("Failed to initialize schema: %v", err)
+		}
 		defer func() {
 			if err := store.Close(); err != nil {
 				log.Printf("Warning: failed to close storage cleanly: %v", err)
@ -190,3 +193,4 @@ func main() {

 	log.Println("Servers exited")
 }
+
--- a/go.mod
+++ b/go.mod
@ -1,6 +1,6 @@
 module chess

-go 1.25.4
+go 1.26.0

 require (
 	github.com/go-playground/validator/v10 v10.30.1
--- a/internal/server/http/auth.go
+++ b/internal/server/http/auth.go
@ -1,6 +1,7 @@
 package http

 import (
+	"errors"
 	"fmt"
 	"regexp"
 	"strings"
@ -93,6 +94,13 @@ func (h *HTTPHandler) RegisterHandler(c *fiber.Ctx) error {
 	// Create user (temp by default via API)
 	user, err := h.svc.CreateUser(req.Username, req.Email, req.Password, false)
 	if err != nil {
+		if errors.Is(err, service.ErrAtCapacity) || errors.Is(err, service.ErrPermanentSlotsFull) {
+			return c.Status(fiber.StatusServiceUnavailable).JSON(core.ErrorResponse{
+				Error:   "registration temporarily unavailable",
+				Code:    core.ErrResourceLimit,
+				Details: err.Error(),
+			})
+		}
 		if strings.Contains(err.Error(), "already exists") {
 			return c.Status(fiber.StatusConflict).JSON(core.ErrorResponse{
 				Error:   "user already exists",
@ -100,13 +108,6 @@ func (h *HTTPHandler) RegisterHandler(c *fiber.Ctx) error {
 				Details: "username or email already taken",
 			})
 		}
-		if strings.Contains(err.Error(), "limit") || strings.Contains(err.Error(), "capacity") {
-			return c.Status(fiber.StatusServiceUnavailable).JSON(core.ErrorResponse{
-				Error:   "registration temporarily unavailable",
-				Code:    core.ErrResourceLimit,
-				Details: err.Error(),
-			})
-		}
 		return c.Status(fiber.StatusInternalServerError).JSON(core.ErrorResponse{
 			Error: "failed to create user",
 			Code:  core.ErrInternalError,
@ -262,3 +263,4 @@ func (h *HTTPHandler) LogoutHandler(c *fiber.Ctx) error {

 	return c.JSON(fiber.Map{"message": "logged out"})
 }
+
--- a/internal/server/http/handler.go
+++ b/internal/server/http/handler.go
@ -36,9 +36,9 @@ func NewFiberApp(proc *processor.Processor, svc *service.Service, devMode bool)
 	// Initialize Fiber app
 	app := fiber.New(fiber.Config{
 		ErrorHandler: customErrorHandler,
-		ReadTimeout:  10 * time.Second,
-		WriteTimeout: 10 * time.Second,
-		IdleTimeout:  30 * time.Second,
+		ReadTimeout:  15 * time.Second,
+		WriteTimeout: 35 * time.Second,
+		IdleTimeout:  60 * time.Second,
 	})

 	// Global middleware (order matters)
@ -518,3 +518,4 @@ func (h *HTTPHandler) GetBoard(c *fiber.Ctx) error {

 	return c.JSON(resp.Data)
 }
+
--- a/internal/server/processor/queue.go
+++ b/internal/server/processor/queue.go
@ -90,7 +90,7 @@ func (q *EngineQueue) worker(id int) {
 			// Send result if receiver still listening
 			select {
 			case task.Response <- result:
-			case <-time.After(100 * time.Millisecond):
+			case <-time.After(15 * time.Millisecond):
 				// Receiver abandoned, discard result
 			}

@ -206,3 +206,4 @@ func (q *EngineQueue) Shutdown(timeout time.Duration) error {
 		return fmt.Errorf("shutdown timeout exceeded")
 	}
 }
+
--- a/internal/server/service/user.go
+++ b/internal/server/service/user.go
@ -1,6 +1,7 @@
 package service

 import (
+	"errors"
 	"fmt"
 	"strings"
 	"time"
@ -11,6 +12,12 @@ import (
 	"github.com/lixenwraith/auth"
 )

+var (
+	ErrStorageDisabled    = errors.New("storage disabled")
+	ErrAtCapacity         = errors.New("at capacity")
+	ErrPermanentSlotsFull = errors.New("permanent slots full")
+)
+
 // User represents a registered user account
 type User struct {
 	UserID      string
@ -24,13 +31,13 @@ type User struct {
 // CreateUser creates new user with registration limits enforcement
 func (s *Service) CreateUser(username, email, password string, permanent bool) (*User, error) {
 	if s.store == nil {
-		return nil, fmt.Errorf("storage disabled")
+		return nil, ErrStorageDisabled
 	}

 	// Check registration limits
 	total, permCount, _, err := s.store.GetUserCounts()
 	if err != nil {
-		return nil, fmt.Errorf("failed to check user limits: %w", err)
+		return nil, fmt.Errorf("failed to get user count: %w", err)
 	}

 	// Determine account type
@ -39,7 +46,7 @@ func (s *Service) CreateUser(username, email, password string, permanent bool) (

 	if permanent {
 		if permCount >= PermanentSlots {
-			return nil, fmt.Errorf("permanent user slots full (%d/%d)", permCount, PermanentSlots)
+			return nil, fmt.Errorf("%w (%d/%d)", ErrPermanentSlotsFull, permCount, PermanentSlots)
 		}
 		accountType = "permanent"
 	} else {
@ -50,7 +57,7 @@ func (s *Service) CreateUser(username, email, password string, permanent bool) (
 	// Handle capacity - remove oldest temp user if at max
 	if total >= MaxUsers {
 		if err := s.removeOldestTempUser(); err != nil {
-			return nil, fmt.Errorf("at capacity and cannot make room: %w", err)
+			return nil, fmt.Errorf("%w: %v", ErrAtCapacity, err)
 		}
 	}

@ -276,3 +283,4 @@ func (s *Service) CreateUserSession(userID string) (string, error) {

 	return sessionID, nil
 }
+
--- a/internal/server/service/waiter.go
+++ b/internal/server/service/waiter.go
@ -9,7 +9,7 @@ import (

 const (
 	// WaitTimeout is the maximum time a client can wait for notifications
-	WaitTimeout = 25 * time.Second
+	WaitTimeout = 30 * time.Second

 	// WaitChannelBuffer size for notification channels
 	WaitChannelBuffer = 1
@ -175,3 +175,4 @@ func (w *WaitRegistry) removeWaiter(gameID string, req *WaitRequest) {
 	// Stop timer if still running
 	req.Timer.Stop()
 }
+
--- a/internal/server/storage/user.go
+++ b/internal/server/storage/user.go
@ -27,8 +27,8 @@ func DefaultUserLimits() UserLimits {
 func (s *Store) GetUserCounts() (total, permanent, temp int, err error) {
 	query := `SELECT 
 	    COUNT(*) as total,
-		SUM(CASE WHEN account_type = 'permanent' THEN 1 ELSE 0 END) as permanent,
-		SUM(CASE WHEN account_type = 'temp' THEN 1 ELSE 0 END) as temp
+	    COALESCE(SUM(CASE WHEN account_type = 'permanent' THEN 1 ELSE 0 END), 0) as permanent,
+	    COALESCE(SUM(CASE WHEN account_type = 'temp' THEN 1 ELSE 0 END), 0) as temp
 	FROM users`

 	err = s.db.QueryRow(query).Scan(&total, &permanent, &temp)
@ -38,6 +38,7 @@ func (s *Store) GetUserCounts() (total, permanent, temp int, err error) {
 // GetOldestTempUser returns the oldest temporary user for replacement
 func (s *Store) GetOldestTempUser() (*UserRecord, error) {
 	var user UserRecord
+	var email sql.NullString
 	query := `SELECT user_id, username, email, password_hash, account_type, created_at, expires_at, last_login_at
 		FROM users 
 		WHERE account_type = 'temp'
@ -45,13 +46,14 @@ func (s *Store) GetOldestTempUser() (*UserRecord, error) {
 		LIMIT 1`

 	err := s.db.QueryRow(query).Scan(
-		&user.UserID, &user.Username, &user.Email,
+		&user.UserID, &user.Username, &email,
 		&user.PasswordHash, &user.AccountType, &user.CreatedAt,
 		&user.ExpiresAt, &user.LastLoginAt,
 	)
 	if err != nil {
 		return nil, err
 	}
+	user.Email = email.String
 	return &user, nil
 }

@ -165,14 +167,16 @@ func (s *Store) GetAllUsers() ([]UserRecord, error) {
 	var users []UserRecord
 	for rows.Next() {
 		var user UserRecord
+		var email sql.NullString
 		err := rows.Scan(
-			&user.UserID, &user.Username, &user.Email,
+			&user.UserID, &user.Username, &email,
 			&user.PasswordHash, &user.AccountType, &user.CreatedAt,
 			&user.ExpiresAt, &user.LastLoginAt,
 		)
 		if err != nil {
 			return nil, err
 		}
+		user.Email = email.String
 		users = append(users, user)
 	}

@ -192,51 +196,57 @@ func (s *Store) UpdateUserLastLoginSync(userID string, loginTime time.Time) erro
 // GetUserByUsername retrieves user by username with case-insensitive matching
 func (s *Store) GetUserByUsername(username string) (*UserRecord, error) {
 	var user UserRecord
+	var email sql.NullString
 	query := `SELECT user_id, username, email, password_hash, account_type, created_at, expires_at, last_login_at
 		FROM users WHERE username = ? COLLATE NOCASE`

 	err := s.db.QueryRow(query, username).Scan(
-		&user.UserID, &user.Username, &user.Email,
+		&user.UserID, &user.Username, &email,
 		&user.PasswordHash, &user.AccountType, &user.CreatedAt,
 		&user.ExpiresAt, &user.LastLoginAt,
 	)
 	if err != nil {
 		return nil, err
 	}
+	user.Email = email.String
 	return &user, nil
 }

 // GetUserByEmail retrieves user by email with case-insensitive matching
 func (s *Store) GetUserByEmail(email string) (*UserRecord, error) {
 	var user UserRecord
+	var emailNull sql.NullString
 	query := `SELECT user_id, username, email, password_hash, account_type, created_at, expires_at, last_login_at
 		FROM users WHERE email = ? COLLATE NOCASE`

 	err := s.db.QueryRow(query, email).Scan(
-		&user.UserID, &user.Username, &user.Email,
+		&user.UserID, &user.Username, &emailNull,
 		&user.PasswordHash, &user.AccountType, &user.CreatedAt,
 		&user.ExpiresAt, &user.LastLoginAt,
 	)
 	if err != nil {
 		return nil, err
 	}
+	user.Email = emailNull.String
 	return &user, nil
 }

 // GetUserByID retrieves user by unique user ID
 func (s *Store) GetUserByID(userID string) (*UserRecord, error) {
 	var user UserRecord
+	var email sql.NullString
 	query := `SELECT user_id, username, email, password_hash, account_type, created_at, expires_at, last_login_at
 		FROM users WHERE user_id = ?`

 	err := s.db.QueryRow(query, userID).Scan(
-		&user.UserID, &user.Username, &user.Email,
+		&user.UserID, &user.Username, &email,
 		&user.PasswordHash, &user.AccountType, &user.CreatedAt,
 		&user.ExpiresAt, &user.LastLoginAt,
 	)
 	if err != nil {
 		return nil, err
 	}
+	user.Email = email.String
 	return &user, nil
 }

--- a/internal/server/webserver/chess-client-web/app.js
+++ b/internal/server/webserver/chess-client-web/app.js
@ -28,6 +28,9 @@ document.addEventListener('DOMContentLoaded', async () => {
    const config = await getConfig();
    gameState.apiUrl = config.apiUrl;

+    // Check for existing session on load
+    restoreAuthSession();
+
    document.getElementById('new-game-btn').addEventListener('click', showNewGameModal);
    document.getElementById('undo-btn').addEventListener('click', undoMoves);
    document.getElementById('start-game-btn').addEventListener('click', startNewGame);
@ -55,8 +58,6 @@ document.getElementById('register-submit-btn').addEventListener('click', handleR
 document.getElementById('auth-cancel-btn').addEventListener('click', hideAuthModal);
 document.getElementById('auth-cancel-btn-2').addEventListener('click', hideAuthModal);

-// Check for existing session on load
-restoreAuthSession();

 // Auth functions
 function restoreAuthSession() {
@ -117,6 +118,8 @@ function handleAuthClick() {
 function showAuthModal() {
    document.getElementById('auth-modal-overlay').classList.add('show');
    document.getElementById('login-identifier').focus();
+    // Remove first to prevent duplicate registrations
+    document.removeEventListener('keydown', handleAuthModalKeydown);
    document.addEventListener('keydown', handleAuthModalKeydown);
 }

@ -152,6 +155,15 @@ function switchAuthTab(tab) {
    document.getElementById('register-form').style.display = tab === 'register' ? 'block' : 'none';
 }

+// Shared helper: safely parse error response regardless of Content-Type
+async function parseErrorResponse(response) {
+    try {
+        return await response.json();
+    } catch {
+        return { error: `Server error (${response.status})`, details: null };
+    }
+}
+
 async function handleLogin() {
    const identifier = document.getElementById('login-identifier').value.trim();
    const password = document.getElementById('login-password').value;
@ -161,6 +173,9 @@ async function handleLogin() {
        return;
    }

+    const submitBtn = document.getElementById('login-submit-btn');
+    submitBtn.disabled = true;
+
    try {
        const response = await fetch(`${gameState.apiUrl}/api/v1/auth/login`, {
            method: 'POST',
@ -169,8 +184,8 @@ async function handleLogin() {
        });

        if (!response.ok) {
-            const err = await response.json();
-            flashErrorMessage(err.error || 'Login failed');
+            const err = await parseErrorResponse(response);
+            flashErrorMessage(err.details || err.error || 'Login failed', 3000);
            return;
        }

@ -183,6 +198,8 @@ async function handleLogin() {
        hideAuthModal();
    } catch (error) {
        flashErrorMessage('Connection failed');
+    } finally {
+        submitBtn.disabled = false;
    }
 }

@ -195,11 +212,17 @@ async function handleRegister() {
        flashErrorMessage('Username and password required');
        return;
    }
-
    if (password.length < 8) {
        flashErrorMessage('Password min 8 chars');
        return;
    }
+    if (!/[a-zA-Z]/.test(password) || !/[0-9]/.test(password)) {
+        flashErrorMessage('Password needs a letter and number');
+        return;
+    }
+
+    const submitBtn = document.getElementById('register-submit-btn');
+    submitBtn.disabled = true;

    try {
        const body = { username, password };
@ -212,8 +235,8 @@ async function handleRegister() {
        });

        if (!response.ok) {
-            const err = await response.json();
-            flashErrorMessage(err.details || err.error || 'Registration failed');
+            const err = await parseErrorResponse(response);
+            flashErrorMessage(err.details || err.error || 'Registration failed', 3000);
            return;
        }

@ -226,6 +249,8 @@ async function handleRegister() {
        hideAuthModal();
    } catch (error) {
        flashErrorMessage('Connection failed');
+    } finally {
+        submitBtn.disabled = false;
    }
 }

@ -252,17 +277,7 @@ function authFetch(url, options = {}) {
 }

 async function getConfig() {
-    try {
-        const response = await fetch('/config');
-        const contentType = response.headers.get('content-type') || '';
-        if (!response.ok || !contentType.includes('application/json')) {
-            throw new Error(`unexpected response: ${response.status} ${contentType}`);
-        }
-        return await response.json();
-    } catch (error) {
-        console.error('Failed to get config:', error);
-        return { apiUrl: 'http://localhost:8080' };
-    }
+    return { apiUrl: '/chess' };
 }

 function startHealthCheck() {
@ -972,18 +987,17 @@ function handleApiError(action, error, response = null) {
    };
 }

-function flashErrorMessage(message) {
+function flashErrorMessage(message, duration = 1500) {
    const overlay = document.getElementById('error-flash-overlay');
    const messageEl = document.getElementById('error-flash-message');

-    // Set message text
    messageEl.textContent = message;
-
-    // Show overlay
    overlay.classList.add('show');

-    // Auto-hide after animation completes
-    setTimeout(() => {
+    // Clear any pending timeout to avoid premature hide on rapid calls
+    if (overlay._flashTimeout) clearTimeout(overlay._flashTimeout);
+    overlay._flashTimeout = setTimeout(() => {
        overlay.classList.remove('show');
-    }, 1500);
+        overlay._flashTimeout = null;
+    }, duration);
 }
Author	SHA256	Message	Date
Lixen Wraith	f82091a9bd	v0.9.3 db and web fixes for deployment	2026-02-28 01:37:40 -05:00
Lixen Wraith	16fc069a8f	v0.9.2 web and wasm changes for deployment	2026-02-27 18:35:49 -05:00
Lixen Wraith	fc8a6ba6a6	v0.9.1 web ui fixes and improvements	2026-02-25 10:27:52 -05:00