From 0ebb2b15e5592ba9dfaa5711f5aa0a693c3fec03 Mon Sep 17 00:00:00 2001
From: dmolinari <dmolinari@eldia.com>
Date: Fri, 13 Feb 2026 15:07:16 -0300
Subject: [PATCH] Fix: Recorte de URL Front Para Notificaciones.

---
 Backend/MotoresArgentinosV2.API/Program.cs    | 21 +++++++++++++++++--
 .../Services/AdExpirationService.cs           |  2 +-
 .../Services/IdentityService.cs               |  8 +++----
 .../Services/NotificationService.cs           |  2 +-
 docker-compose.yml                            |  4 ++--
 5 files changed, 27 insertions(+), 10 deletions(-)

diff --git a/Backend/MotoresArgentinosV2.API/Program.cs b/Backend/MotoresArgentinosV2.API/Program.cs
index e15d716..dd2b6b3 100644
--- a/Backend/MotoresArgentinosV2.API/Program.cs
+++ b/Backend/MotoresArgentinosV2.API/Program.cs
@@ -28,7 +28,7 @@ builder.Logging.AddConsole();
 builder.Logging.AddDebug();
 
 // 🔒 CORS POLICY
-var frontendUrls = (builder.Configuration["AppSettings:FrontendUrl"] ?? "http://localhost:5173").Split(',');
+var frontendUrls = (builder.Configuration["AppSettings:FrontendUrl"] ?? "http://localhost:5173" ?? "https://clasificados.eldia.com").Split(',');
 builder.Services.AddCors(options =>
 {
     options.AddPolicy("AllowSpecificOrigin",
@@ -176,7 +176,7 @@ app.Use(async (context, next) =>
                  "connect-src 'self' https: ws: wss:; " +
                  "object-src 'none'; " +
                  "base-uri 'self'; " +
-                 "form-action 'self' https://developers-ventasonline.payway.com.ar; " +
+                 "form-action 'self'; " +
                  "frame-ancestors 'none';";
     context.Response.Headers.Append("Content-Security-Policy", csp);
     context.Response.Headers.Remove("Server");
@@ -199,6 +199,23 @@ app.UseHttpsRedirection();
 app.UseStaticFiles();
 
 // 🔒 APLICAR CORS & RATE LIMIT
+app.Use(async (context, next) =>
+{
+    // Para las peticiones de imágenes, agregamos el header PNA
+    if (context.Request.Path.StartsWithSegments("/uploads"))
+    {
+        context.Response.Headers.Append("Access-Control-Allow-Private-Network", "true");
+    }
+
+    // Permitir que la petición OPTIONS pase sin más checks
+    if (context.Request.Method == "OPTIONS")
+    {
+        context.Response.StatusCode = 204; // No Content
+        return;
+    }
+
+    await next();
+});
 app.UseCors("AllowSpecificOrigin");
 app.UseRateLimiter();
 
diff --git a/Backend/MotoresArgentinosV2.Infrastructure/Services/AdExpirationService.cs b/Backend/MotoresArgentinosV2.Infrastructure/Services/AdExpirationService.cs
index 9aba90b..8584ea8 100644
--- a/Backend/MotoresArgentinosV2.Infrastructure/Services/AdExpirationService.cs
+++ b/Backend/MotoresArgentinosV2.Infrastructure/Services/AdExpirationService.cs
@@ -216,7 +216,7 @@ public class AdExpirationService : BackgroundService
       var notifService = scope.ServiceProvider.GetRequiredService<INotificationService>();
 
       var config = scope.ServiceProvider.GetRequiredService<IConfiguration>();
-      var frontendUrl = config["AppSettings:FrontendUrl"] ?? "http://localhost:5173";
+      var frontendUrl = config["AppSettings:FrontendUrl"]?.Split(',')[0].Trim() ?? "http://localhost:5173";
 
       var cutoff = DateTime.UtcNow.AddHours(-24);
 
diff --git a/Backend/MotoresArgentinosV2.Infrastructure/Services/IdentityService.cs b/Backend/MotoresArgentinosV2.Infrastructure/Services/IdentityService.cs
index 73099c7..fd29cc3 100644
--- a/Backend/MotoresArgentinosV2.Infrastructure/Services/IdentityService.cs
+++ b/Backend/MotoresArgentinosV2.Infrastructure/Services/IdentityService.cs
@@ -80,7 +80,7 @@ public class IdentityService : IIdentityService
         await _v2Context.SaveChangesAsync();
 
         // 4. Enviar Email REAL
-        var frontendUrl = _config["AppSettings:FrontendUrl"] ?? "http://localhost:5173";
+        var frontendUrl = _config["AppSettings:FrontendUrl"]?.Split(',')[0].Trim() ?? "http://localhost:5173";
         var verifyLink = $"{frontendUrl}/verificar-email?token={token}";
 
         var emailBody = $@"
@@ -187,7 +187,7 @@ public class IdentityService : IIdentityService
         await _v2Context.SaveChangesAsync();
 
         // Email
-        var frontendUrl = _config["AppSettings:FrontendUrl"] ?? "http://localhost:5173";
+        var frontendUrl = _config["AppSettings:FrontendUrl"]?.Split(',')[0].Trim() ?? "http://localhost:5173";
         var verifyLink = $"{frontendUrl}/verificar-email?token={token}";
 
         var emailBody = $@"
@@ -241,7 +241,7 @@ public class IdentityService : IIdentityService
 
         await _v2Context.SaveChangesAsync();
 
-        var frontendUrl = _config["AppSettings:FrontendUrl"] ?? "http://localhost:5173";
+        var frontendUrl = _config["AppSettings:FrontendUrl"]?.Split(',')[0].Trim() ?? "http://localhost:5173";
         var resetLink = $"{frontendUrl}/restablecer-clave?token={token}";
 
         var emailBody = $@"
@@ -371,7 +371,7 @@ public class IdentityService : IIdentityService
         await _v2Context.SaveChangesAsync();
 
         // Enviar Email al NUEVO correo
-        var frontendUrl = _config["AppSettings:FrontendUrl"]?.Split(',')[0] ?? "http://localhost:5173";
+        var frontendUrl = _config["AppSettings:FrontendUrl"]?.Split(',')[0].Trim() ?? "http://localhost:5173";
         var link = $"{frontendUrl}/confirmar-cambio-email?token={token}";
 
         var body = $@"
diff --git a/Backend/MotoresArgentinosV2.Infrastructure/Services/NotificationService.cs b/Backend/MotoresArgentinosV2.Infrastructure/Services/NotificationService.cs
index 1777393..3c45aaa 100644
--- a/Backend/MotoresArgentinosV2.Infrastructure/Services/NotificationService.cs
+++ b/Backend/MotoresArgentinosV2.Infrastructure/Services/NotificationService.cs
@@ -15,7 +15,7 @@ public class NotificationService : INotificationService
         _emailService = emailService;
         _logger = logger;
         // Leemos la URL del appsettings o usamos localhost como fallback
-        _frontendUrl = config["AppSettings:FrontendUrl"] ?? "http://localhost:5173";
+        _frontendUrl = config["AppSettings:FrontendUrl"]?.Split(',')[0].Trim() ?? "http://localhost:5173";
     }
 
     private string GetEmailShell(string title, string content)
diff --git a/docker-compose.yml b/docker-compose.yml
index f787fec..c57cb76 100644
--- a/docker-compose.yml
+++ b/docker-compose.yml
@@ -12,7 +12,7 @@ services:
       - ASPNETCORE_ENVIRONMENT=Production
       - ASPNETCORE_HTTP_PORTS=8080
       # Soportamos ambos: el dominio final y la IP de pruebas para CORS
-      - AppSettings__FrontendUrl=https://www.motoresargentinos.com,http://192.168.5.129:8086,http://localhost:5173
+      - AppSettings__FrontendUrl=https://motoresargentinos.com,http://192.168.5.129:8086,http://localhost:5173,https://clasificados.eldia.com
       # Para links generados (pagos/confirmaciones), usamos la IP por ahora si vas a probar sin dominio
       - AppSettings__BaseUrl=http://192.168.5.129:8086/api
     networks:
@@ -28,7 +28,7 @@ services:
         # Al usar Nginx como proxy, podemos usar rutas relativas desde el navegador
         - VITE_API_BASE_URL=/api
         - VITE_STATIC_BASE_URL=
-        - VITE_MP_PUBLIC_KEY=TEST-2c7996fc-da9a-4e40-b693-a5ab386ad88e
+        - VITE_MP_PUBLIC_KEY=APP_USR-12bbd874-5ea7-49cf-b9d9-0f3e7df089b3
     container_name: motores-frontend
     restart: always
     ports: