feat(hardening): implement anti-silence, gateway loop protection and deep trace logging

apps/api/src/routes/internal.ts

@@ -156,5 +156,12 @@ export async function internalRoutes(fastify: FastifyInstance) {
 
         return reply.send({ ok: true });
     });
+
+    // ── Simple Ping for Token/Connectivity Verification ──────────────────────
+    fastify.get('/v1/internal/ping', {
+        config: { requireAuth: true } as any
+    }, async () => {
+        return { ok: true, message: 'Pong! Railway Internal API is reachable and authorized.', timestamp: new Date().toISOString() };
+    });
 }
 

apps/api/src/routes/whatsapp.ts

@@ -113,26 +113,37 @@ export async function whatsappRoutes(fastify: FastifyInstance) {
 
         // ── 2. Forward to Railway Internal Worker (if configured as Gateway) ──
         const railwayInternalUrl = process.env.RAILWAY_INTERNAL_URL;
-
-        if (railwayInternalUrl) {
-            request.log.info(`[WEBHOOK] Gateway Mode: Forwarding payload to Railway API (${railwayInternalUrl}).`);
-            try {
-                // Fire and forget (don't await) to ensure fast 200 response to Meta
-                fetch(`${railwayInternalUrl}/v1/internal/whatsapp/inbound`, {
-                    method: 'POST',
-                    headers: {
-                        'Content-Type': 'application/json',
-                        'Authorization': `Bearer ${process.env.ADMIN_API_KEY || ''}`
-                    },
-                    body: request.body ? JSON.stringify(request.body) : ''
-                }).catch(err => {
-                    request.log.error(`[WEBHOOK] Forward to Railway failed: ${err.message}`);
-                });
-
-                return reply.code(200).send('EVENT_RECEIVED');
-            } catch (error: any) {
-                request.log.error(`[WEBHOOK] Forward throwing error: ${error?.message}`);
-                return reply.code(500).send({ error: 'Gateway forwarding failed' });
+        const isGateway = process.env.IS_GATEWAY === 'true' || process.env.HF_SPACE_ID !== undefined;
+
+        if (railwayInternalUrl && isGateway) {
+            // Loop protection: don't forward to yourself
+            const myUrl = process.env.RAILWAY_PUBLIC_URL || '';
+            if (railwayInternalUrl.includes(myUrl) && myUrl !== '') {
+                request.log.warn('[WEBHOOK] Loop detected: RAILWAY_INTERNAL_URL matches self. Skipping forward.');
+            } else {
+                const targetUrl = `${railwayInternalUrl.replace(/\/$/, '')}/v1/internal/whatsapp/inbound`;
+                request.log.info(`[WEBHOOK] Gateway Mode: Forwarding payload to ${targetUrl}`);
+
+                try {
+                    // Fire and forget (don't await) to ensure fast 200 response to Meta
+                    fetch(targetUrl, {
+                        method: 'POST',
+                        headers: {
+                            'Content-Type': 'application/json',
+                            'Authorization': `Bearer ${process.env.ADMIN_API_KEY || ''}`
+                        },
+                        body: request.body ? JSON.stringify(request.body) : ''
+                    }).then(res => {
+                        request.log.info(`[WEBHOOK] Gateway forward result: ${res.status} ${res.statusText}`);
+                    }).catch(err => {
+                        request.log.error(`[WEBHOOK] Forward to Railway failed: ${err.message}`);
+                    });
+
+                    return reply.code(200).send('EVENT_RECEIVED');
+                } catch (error: any) {
+                    request.log.error(`[WEBHOOK] Forward throwing error: ${error?.message}`);
+                    return reply.code(500).send({ error: 'Gateway forwarding failed' });
+                }
             }
         }
 

apps/api/src/services/whatsapp.ts

@@ -29,7 +29,10 @@ export class WhatsAppService {
         let user = await prisma.user.findUnique({ where: { phone } });
 
         if (!user) {
-            if (normalizedText === 'INSCRIPTION') {
+            const isInscription = normalizedText === 'INSCRIPTION' || normalizedText.includes('INSCRI');
+
+            if (isInscription) {
+                console.log(`${traceId} New user registration triggered for ${phone}`);
                 user = await prisma.user.create({ data: { phone } });
                 await scheduleInteractiveButtons(user.id,
                     "Dalal jàmm! Xamle ngay tàmbali. ⏳ 30s.\n(FR) Ton cours se prépare (30s).",
@@ -40,7 +43,13 @@ export class WhatsAppService {
                 );
                 return;
             } else {
-                console.log(`Unregistered user ${phone} sent a message. Need INSCRIPTION.`);
+                console.log(`${traceId} Unregistered user ${phone} sent: "${normalizedText}". Sending instructions.`);
+                // Anti-silence: Nudge them to register
+                const { whatsappQueue } = await import('./queue');
+                await whatsappQueue.add('send-message-direct', {
+                    phone,
+                    text: "🎓 Bienvenue chez XAMLÉ !\nPour commencer ta formation gratuite, envoie le mot : *INSCRIPTION*\n\n(WO) Dalal jàmm ! Ngir tàmbali sa njàng mburu, bindal : *INSCRIPTION*"
+                });
                 return;
             }
         }