diff --git a/.env.example b/.env.example index 800354d..255d57e 100644 --- a/.env.example +++ b/.env.example @@ -5,5 +5,6 @@ FRONTEND_URL=http://localhost:3000 BACKEND_URL=http://localhost:5000 VITE_API_BASE_URL=http://localhost:5000/api NODE_ENV=development +TRUST_PROXY= ADMIN_EMAILS=corey@blaishome.online RESCUE_STATUS_NOTIFICATION_EMAIL=appadmin@flockpal.app diff --git a/backend/src/app.ts b/backend/src/app.ts index 787316b..94a4e16 100644 --- a/backend/src/app.ts +++ b/backend/src/app.ts @@ -89,6 +89,11 @@ const port = Number(process.env.PORT ?? 5000); const frontendBaseUrl = process.env.FRONTEND_URL ?? 'http://localhost:3000'; const backendBaseUrl = process.env.BACKEND_URL ?? `http://localhost:${port}`; const sessionDays = 30; +const trustProxy = process.env.TRUST_PROXY?.trim() ?? ''; + +if (trustProxy) { + app.set('trust proxy', trustProxy === 'true' ? true : Number(trustProxy) || trustProxy); +} const defaultAllowedOrigins = ['http://localhost:3000', 'http://127.0.0.1:3000', 'http://localhost:5173', 'http://127.0.0.1:5173']; diff --git a/docker-compose.prod.yml b/docker-compose.prod.yml index 93357b0..dc1b002 100644 --- a/docker-compose.prod.yml +++ b/docker-compose.prod.yml @@ -23,6 +23,7 @@ services: environment: PORT: 5000 NODE_ENV: production + TRUST_PROXY: ${TRUST_PROXY:-1} POSTGRES_HOST: postgres POSTGRES_PORT: 5432 POSTGRES_DB: ${POSTGRES_DB:-flockpal} diff --git a/docker-compose.yml b/docker-compose.yml index 5ddc573..ecd1373 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -22,6 +22,7 @@ services: environment: PORT: 5000 NODE_ENV: development + TRUST_PROXY: ${TRUST_PROXY:-} POSTGRES_HOST: postgres POSTGRES_PORT: 5432 POSTGRES_DB: ${POSTGRES_DB:-flockpal} diff --git a/frontend/src/App.tsx b/frontend/src/App.tsx index 3777fb7..2334382 100644 --- a/frontend/src/App.tsx +++ b/frontend/src/App.tsx @@ -471,7 +471,7 @@ const clearSessionToken = () => { const readStoredSessionToken = () => window.localStorage.getItem(sessionTokenStorageKey) ?? ''; const oauthStartUrl = (providerKey: AuthProvider['providerKey']) => { - const url = new URL(`${apiBaseUrl}/auth/oauth/${providerKey}/start`); + const url = new URL(`${apiBaseUrl}/auth/oauth/${providerKey}/start`, window.location.origin); url.searchParams.set('redirectTo', window.location.href); return url.toString(); };