UniqAI/hexabot
1
0
Fork 0
mirror of https://github.com/hexastack/hexabot synced 2025-04-24 08:14:35 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

fix: update frontend environment variables and fix CORS origin handling issue

Browse Source
This commit is contained in:
Mohamed Chedli 2024-12-16 13:09:58 +01:00
parent b8d8bfeaa6
commit d59d245466
3 changed files with 9 additions and 8 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
api/src/config/index.ts
View File

@ -16,9 +16,9 @@ export const config: Config = {
}, },
appPath: process.cwd(), appPath: process.cwd(),
apiBaseUrl: process.env.API_ORIGIN || 'http://localhost:4000', apiBaseUrl: process.env.API_ORIGIN || 'http://localhost:4000',
uiBaseUrl: process.env.FRONTEND_ORIGIN uiBaseUrl: process.env.FRONTEND_BASE_URL
? process.env.FRONTEND_ORIGIN.split(',')[0] ? process.env.FRONTEND_BASE_URL
: 'http://localhost:8080', : 'http://localhost:8080', // default to local dev
security: { security: {
httpsEnabled: process.env.HTTPS_ENABLED === 'true', httpsEnabled: process.env.HTTPS_ENABLED === 'true',
trustProxy: process.env.HTTPS_ENABLED === 'true', // Nginx in use ? trustProxy: process.env.HTTPS_ENABLED === 'true', // Nginx in use ?
@ -27,7 +27,7 @@ export const config: Config = {
headers: 'content-type,x-xsrf-token,x-csrf-token', headers: 'content-type,x-xsrf-token,x-csrf-token',
methods: ['GET', 'PATCH', 'POST', 'DELETE', 'OPTIONS', 'HEAD'], methods: ['GET', 'PATCH', 'POST', 'DELETE', 'OPTIONS', 'HEAD'],
allowOrigins: process.env.FRONTEND_ORIGIN allowOrigins: process.env.FRONTEND_ORIGIN
? process.env.FRONTEND_ORIGIN.split(',') ? process.env.FRONTEND_ORIGIN.split(',').map((origin) => origin.trim())
: ['*'], : ['*'],
allowCredentials: true, allowCredentials: true,
}, },
@ -72,7 +72,7 @@ export const config: Config = {
// to get access to a 3rd party cookie and to enable sessions). // to get access to a 3rd party cookie and to enable sessions).
grant3rdPartyCookie: true, grant3rdPartyCookie: true,
onlyAllowOrigins: process.env.FRONTEND_ORIGIN onlyAllowOrigins: process.env.FRONTEND_ORIGIN
? process.env.FRONTEND_ORIGIN.split(',') ? process.env.FRONTEND_ORIGIN.split(',').map((origin) => origin.trim())
: [undefined], // ['http://example.com', 'https://example.com'], : [undefined], // ['http://example.com', 'https://example.com'],
}, },
session: { session: {

2
api/src/extensions/channels/console/settings.ts
View File

@ -20,7 +20,7 @@ export default [
{ {
group: CONSOLE_CHANNEL_NAMESPACE, group: CONSOLE_CHANNEL_NAMESPACE,
label: Web.SettingLabel.allowed_domains, label: Web.SettingLabel.allowed_domains,
value: config.uiBaseUrl, value: config.security.cors.allowOrigins.join(','),
type: SettingType.text, type: SettingType.text,
}, },
{ {

5
docker/.env.example
View File

@ -3,9 +3,11 @@ NODE_ENV=dev
APP_DOMAIN=localhost APP_DOMAIN=localhost
SSL_EMAIL=hello@hexabot.ai SSL_EMAIL=hello@hexabot.ai
API_PORT=4000 API_PORT=4000
APP_FRONTEND_PORT=8080
APP_SCRIPT_COMPODOC_PORT=9003 APP_SCRIPT_COMPODOC_PORT=9003
API_ORIGIN=http://${APP_DOMAIN}:${API_PORT} API_ORIGIN=http://${APP_DOMAIN}:${API_PORT}
FRONTEND_ORIGIN=http://${APP_DOMAIN},http://${APP_DOMAIN}:8080,http://${APP_DOMAIN}:8081,http://${APP_DOMAIN}:5173,http://${APP_DOMAIN},http://${APP_DOMAIN}/*,* FRONTEND_BASE_URL=http://${APP_DOMAIN}:${APP_FRONTEND_PORT}
FRONTEND_ORIGIN=http://${FRONTEND_BASE_URL},http://${APP_DOMAIN}:8081,http://${APP_DOMAIN}:5173,http://${APP_DOMAIN},https://${APP_DOMAIN}
JWT_SECRET=dev_only JWT_SECRET=dev_only
JWT_EXPIRES_IN=60 JWT_EXPIRES_IN=60
SALT_LENGTH=12 SALT_LENGTH=12
@ -56,7 +58,6 @@ BERT_MODEL_BY_LANGUAGE_JSON='{
HF_AUTH_TOKEN= HF_AUTH_TOKEN=
# Frontend (Next.js) # Frontend (Next.js)
APP_FRONTEND_PORT=8080
NEXT_PUBLIC_API_ORIGIN=http://${APP_DOMAIN}:${API_PORT}/ NEXT_PUBLIC_API_ORIGIN=http://${APP_DOMAIN}:${API_PORT}/
NEXT_PUBLIC_SSO_ENABLED=false NEXT_PUBLIC_SSO_ENABLED=false