🔒 Improve OAuth proxy with enhanced logging, configuration handling, health check middleware, and graceful shutdown support

code/websites/pokedex.online/server/oauth-proxy.js

@@ -97,7 +97,8 @@ app.post('/oauth/token', async (req, res) => {
  * POST /oauth/refresh
  */
 app.post('/oauth/refresh', async (req, res) => {
-  if (!hasChallongeAuth) {
+  if (!config.challonge.configured) {
+    logger.warn('OAuth refresh request received but Challonge not configured');
     return res.status(503).json({
       error: 'Challonge OAuth not configured',
       message:
@@ -108,10 +109,12 @@ app.post('/oauth/refresh', async (req, res) => {
   const { refresh_token } = req.body;
 
   if (!refresh_token) {
+    logger.warn('OAuth refresh request missing refresh token');
     return res.status(400).json({ error: 'Missing refresh token' });
   }
 
   try {
+    logger.debug('Refreshing access token');
     const response = await fetch('https://api.challonge.com/oauth/token', {
       method: 'POST',
       headers: {
@@ -119,8 +122,8 @@ app.post('/oauth/refresh', async (req, res) => {
       },
       body: new URLSearchParams({
         grant_type: 'refresh_token',
-        client_id: CLIENT_ID,
+        client_id: config.challonge.clientId,
-        client_secret: CLIENT_SECRET,
+        client_secret: config.challonge.clientSecret,
         refresh_token: refresh_token
       })
     });
@@ -128,14 +131,14 @@ app.post('/oauth/refresh', async (req, res) => {
     const data = await response.json();
 
     if (!response.ok) {
-      console.error('Token refresh failed:', data);
+      logger.error('Token refresh failed', { status: response.status, data });
       return res.status(response.status).json(data);
     }
 
-    console.log('✅ Token refresh successful');
+    logger.info('Token refresh successful');
     res.json(data);
   } catch (error) {
-    console.error('Token refresh error:', error);
+    logger.error('Token refresh error', { error: error.message });
     res.status(500).json({
       error: 'Token refresh failed',
       message: error.message
@@ -144,20 +147,35 @@ app.post('/oauth/refresh', async (req, res) => {
 });
 
 /**
- * Health check endpoint
+ * Health check endpoint (with graceful shutdown support)
  * GET /health
  */
-app.get('/health', (req, res) => {
+app.get('/health', createHealthCheckMiddleware());
-  res.json({
+
-    status: 'ok',
+// Error logging middleware (must be after routes)
-    service: 'oauth-proxy',
+app.use(errorLogger);
-    configured: !!(CLIENT_ID && CLIENT_SECRET)
+
+// Start server
+const server = app.listen(config.port, () => {
+  logger.info('🔐 OAuth Proxy Server started', {
+    port: config.port,
+    nodeEnv: config.nodeEnv,
+    challongeConfigured: config.challonge.configured
   });
+  
+  if (!config.challonge.configured) {
+    logger.warn('⚠️  Challonge OAuth not configured - OAuth endpoints disabled');
+    logger.warn('   Set CHALLONGE_CLIENT_ID and CHALLONGE_CLIENT_SECRET to enable');
+  }
+  
+  logger.info('✅ Ready to handle requests');
 });
 
-app.listen(PORT, () => {
+// Setup graceful shutdown
-  console.log(`🔐 OAuth Proxy Server running on http://localhost:${PORT}`);
+setupGracefulShutdown(server, {
-  console.log(`📝 Client ID: ${CLIENT_ID}`);
+  timeout: 30000,
-  console.log(`🔗 Redirect URI: ${REDIRECT_URI}`);
+  onShutdown: async () => {
-  console.log('\n✅ Ready to handle OAuth requests');
+    logger.info('Running cleanup tasks...');
+    // Add any cleanup tasks here (close DB connections, etc.)
+  }
 });