feat: enhance Socket.IO configuration and API handling

- Introduced a new function to build Socket.IO client options, streamlining the connection setup.
- Updated the resolveSocketApiOrigin function to improve API origin resolution based on public configuration.
- Enhanced logging during Socket.IO connection events to include transport details.
- Refactored socket connection logic in various components to utilize the new client options function for better maintainability.

Author: tacxou

apps/web/nuxt.config.ts

@@ -7,8 +7,11 @@ import setupApp from './src/server/extension.setup'
 import { loadingBarHijackFilter } from './src/composables/useLoadingBarHijackFilter'
 
 const SESAME_APP_API_URL = process.env.SESAME_APP_API_URL || 'http://127.0.0.1:4000'
-/** URL API exposée au navigateur (WebSocket). Ex. http://mactacx:4002 si l'API est joignable sur ce host. */
+const SESAME_APP_API_URL_PARSED = new URL(SESAME_APP_API_URL)
+/** URL API exposée au navigateur (WebSocket). Ex. http://mactacx:4002 (Docker) ou :4000 (API native). */
 const SESAME_APP_PUBLIC_API_URL = process.env.SESAME_APP_PUBLIC_API_URL || ''
+/** Port API vu depuis le navigateur (Docker : 4002 mappé, interne API : 4000). */
+const SESAME_APP_PUBLIC_API_PORT = process.env.SESAME_APP_PUBLIC_API_PORT || ''
 const SESAME_ALLOWED_HOSTS = process.env.SESAME_ALLOWED_HOSTS ? process.env.SESAME_ALLOWED_HOSTS.split(',') : []
 const SOCKET_IO_PROXY_TARGET = SESAME_APP_API_URL.replace(/\/$/, '')
 const IS_DEV = process.env.NODE_ENV === 'development'
@@ -18,6 +21,7 @@ if (SESAME_ALLOWED_HOSTS.length === 0 && !/localhost/.test(SESAME_APP_API_URL) &
 }
 
 consola.info(`[Nuxt] SESAME_APP_API_URL: ${SESAME_APP_API_URL}`)
+consola.info(`[Nuxt] Socket.IO public port: ${SESAME_APP_PUBLIC_API_PORT || SESAME_APP_API_URL_PARSED.port || '4000'}`)
 consola.info(`[Nuxt] SESAME_ALLOWED_HOSTS: ${SESAME_ALLOWED_HOSTS}`)
 
 let SESAME_APP_DARK_MODE: 'auto' | boolean = false
@@ -81,6 +85,9 @@ export default defineNuxtConfig({
     public: {
       release: process.env.npm_package_name + '@' + process.env.npm_package_version,
       socketApiUrl: SESAME_APP_PUBLIC_API_URL,
+      socketApiPort: SESAME_APP_API_URL_PARSED.port || (SESAME_APP_API_URL_PARSED.protocol === 'https:' ? '443' : '4000'),
+      socketPublicApiPort: SESAME_APP_PUBLIC_API_PORT || SESAME_APP_API_URL_PARSED.port || (SESAME_APP_API_URL_PARSED.protocol === 'https:' ? '443' : '4000'),
+      socketApiProtocol: SESAME_APP_API_URL_PARSED.protocol,
       sentry: {
         dsn: process.env.SESAME_SENTRY_DSN,
       },

apps/web/src/composables/useSocketApiOrigin.ts

@@ -1,18 +1,84 @@
+import type { ManagerOptions, SocketOptions } from 'socket.io-client'
+import { tryUseNuxtApp, useAppConfig, useRuntimeConfig } from '#app'
+
+/** WebSocket d'abord ; Socket.IO repasse en long-polling si le proxy bloque l'upgrade. */
+export const SOCKET_IO_TRANSPORTS = ['websocket', 'polling'] as const
+
+export function buildSocketIoClientOptions(auth: { id: string; key: string }): Partial<ManagerOptions & SocketOptions> {
+  return {
+    path: '/socket.io',
+    query: { id: String(auth.id), key: String(auth.key) },
+    transports: [...SOCKET_IO_TRANSPORTS],
+    reconnectionAttempts: 10,
+  }
+}
+
+type PublicRuntimeConfig = ReturnType<typeof useRuntimeConfig>['public']
+
+function readPublicRuntimeConfig(): PublicRuntimeConfig {
+  const nuxtApp = tryUseNuxtApp()
+  if (nuxtApp?.$config?.public) {
+    return nuxtApp.$config.public as PublicRuntimeConfig
+  }
+
+  if (import.meta.client) {
+    const injected = (window as { __NUXT__?: { config?: { public?: PublicRuntimeConfig } } }).__NUXT__?.config?.public
+    if (injected) {
+      return injected
+    }
+  }
+
+  return useRuntimeConfig().public
+}
+
+function resolveBrowserApiPort(publicConfig: PublicRuntimeConfig): number {
+  const publicPort = Number(publicConfig.socketPublicApiPort)
+  if (publicPort > 0) {
+    return publicPort
+  }
+
+  const internalPort = Number(publicConfig.socketApiPort)
+  if (internalPort > 0) {
+    return internalPort
+  }
+
+  return 4000
+}
+
+function resolveDirectApiOrigin(hostname: string, publicConfig: PublicRuntimeConfig): string {
+  const protocol = `${publicConfig.socketApiProtocol || 'http:'}`
+  const port = resolveBrowserApiPort(publicConfig)
+  return `${protocol}//${hostname}:${port}`
+}
+
 /**
  * Origine Socket.IO côté navigateur.
- * Par défaut : même origine que le front (Nitro/Vite proxifient `/socket.io` vers l'API).
- * Si `SESAME_APP_PUBLIC_API_URL` est défini : connexion directe à l'API (requis quand le
- * reverse-proxy route `/socket.io` vers le port 4000 ou que le proxy Nitro n'est pas joignable).
+ *
+ * Priorité :
+ * 1. `SESAME_APP_PUBLIC_API_URL` si défini (prod / reverse-proxy).
+ * 2. En dev, si le front et l'API publique sont sur des ports différents : connexion directe
+ *    (ex. front `mactacx:3002` → API `mactacx:4002` via `SESAME_APP_PUBLIC_API_PORT`).
+ * 3. Sinon : même origine que le front (Nitro proxifie `/socket.io` en long-polling).
+ *
+ * Note : `SESAME_APP_API_URL` (port interne, ex. 4000 dans Docker) sert au proxy serveur Nuxt,
+ * pas à l'origine Socket.IO du navigateur.
  */
 export function resolveSocketApiOrigin(): string {
-  const runtimeConfig = useRuntimeConfig()
-  const configuredPublic = `${runtimeConfig.public.socketApiUrl || ''}`.trim()
+  const publicConfig = readPublicRuntimeConfig()
+  const configuredPublic = `${publicConfig.socketApiUrl || ''}`.trim()
 
   if (configuredPublic) {
     return new URL(configuredPublic).origin
   }
 
   if (import.meta.client) {
+    const apiPort = resolveBrowserApiPort(publicConfig)
+    const frontPort = Number(window.location.port) || (window.location.protocol === 'https:' ? 443 : 80)
+
+    if (import.meta.dev && frontPort !== apiPort) {
+      return resolveDirectApiOrigin(window.location.hostname, publicConfig)
+    }
+
     return window.location.origin
   }
 

apps/web/src/composables/useSocketIoDebug.ts

@@ -147,7 +147,10 @@ export function attachSocketIoDebug(socket: Socket, namespace: string): void {
   })
 
   socket.on('connect', () => {
-    maybeLog('lifecycle', 'connect', { socketId: socket.id })
+    maybeLog('lifecycle', 'connect', {
+      socketId: socket.id,
+      transport: socket.io.engine.transport.name,
+    })
   })
 
   socket.on('disconnect', (reason) => {

apps/web/src/layouts/default.vue

@@ -24,7 +24,7 @@ import { IdentityState } from '~/constants/enums'
 import { useIdentityStateStore } from '~/stores/identityState'
 import { loadingBarDefaults } from '~/composables/useLoadingBarHijackFilter'
 import { attachSocketIoDebug } from '~/composables/useSocketIoDebug'
-import { resolveSocketApiOrigin } from '~/composables/useSocketApiOrigin'
+import { buildSocketIoClientOptions, resolveSocketApiOrigin } from '~/composables/useSocketApiOrigin'
 import { io, type Socket } from 'socket.io-client'
 
 export default defineNuxtComponent({
@@ -159,12 +159,7 @@ export default defineNuxtComponent({
 
         this.disconnectBackendsSocket()
 
-        this.socket = io(`${resolveSocketApiOrigin()}/core/backends`, {
-          path: '/socket.io',
-          query: { id: String(id), key: String(key) },
-          transports: ['polling'],
-          reconnectionAttempts: 10,
-        })
+        this.socket = io(`${resolveSocketApiOrigin()}/core/backends`, buildSocketIoClientOptions({ id, key }))
         attachSocketIoDebug(this.socket, '/core/backends')
         this.socket.on('connect', () => {
           Object.assign(this.daemonStatus, { checking: true })

apps/web/src/pages/settings/cron.vue

@@ -220,7 +220,7 @@
 import type { LocationQueryValue } from 'vue-router'
 import { reactive, ref } from 'vue'
 import { attachSocketIoDebug } from '~/composables/useSocketIoDebug'
-import { resolveSocketApiOrigin } from '~/composables/useSocketApiOrigin'
+import { buildSocketIoClientOptions, resolveSocketApiOrigin } from '~/composables/useSocketApiOrigin'
 import { io, type Socket } from 'socket.io-client'
 import { NewTargetId } from '~/constants/variables'
 
@@ -597,12 +597,7 @@ export default defineNuxtComponent({
       this.logsFollowTail = true
       this.logsLoading = true
 
-      this.logsSocket = io(`${resolveSocketApiOrigin()}/core/cron`, {
-        path: '/socket.io',
-        query: { id: String(id), key: String(key) },
-        transports: ['polling'],
-        reconnectionAttempts: 10,
-      })
+      this.logsSocket = io(`${resolveSocketApiOrigin()}/core/cron`, buildSocketIoClientOptions({ id, key }))
       attachSocketIoDebug(this.logsSocket, '/core/cron')
 
       this.logsSocket.on('connect', () => {

apps/web/src/server/middleware/socket-io-proxy.ts

@@ -12,5 +12,10 @@ export default defineEventHandler(async (event) => {
     return
   }
 
+  // proxyRequest (h3) ne gère pas l'upgrade WebSocket — laisser devProxy / reverse-proxy s'en charger.
+  if (event.node.req.headers.upgrade?.toLowerCase() === 'websocket') {
+    return
+  }
+
   return proxyRequest(event, `${resolveApiBaseUrl()}${url}`)
 })