fix: use relative API URLs and allow any LAN IP for CORS

2026-04-21 23:16:36 -04:00
parent d8180ca0ed
commit 5e7f0ceb07
3 changed files with 37 additions and 8 deletions
--- a/apps/Backend/src/app.ts
+++ b/apps/Backend/src/app.ts
@@ -39,19 +39,16 @@ function isOriginAllowed(origin?: string | null) {
  if (!origin) return true; // allow non-browser clients (curl/postman)

  if (NODE_ENV !== "production") {
-    // Dev mode: allow localhost origins automatically
+    // Dev mode: allow localhost and any private LAN range
    if (
      origin.startsWith("http://localhost") ||
      origin.startsWith("http://127.0.0.1") ||
-      origin.startsWith("http://192.168.0.240")
+      /^https?:\/\/10\.\d+\.\d+\.\d+/.test(origin) ||
+      /^https?:\/\/172\.(1[6-9]|2\d|3[01])\.\d+\.\d+/.test(origin) ||
+      /^https?:\/\/192\.168\.\d+\.\d+/.test(origin)
    )
      return true;
-    // allow explicit FRONTEND_URLS if provided
    if (FRONTEND_URLS.includes(origin)) return true;
-    // optionally allow the server's LAN IP if FRONTEND_LAN_IP is provided
-    const lanIp = process.env.FRONTEND_LAN_IP;
-    if (lanIp && origin.startsWith(`http://${lanIp}`)) return true;
-    // fallback: deny if not matched
    return false;
  }

--- a/apps/Frontend/.env
+++ b/apps/Frontend/.env
@@ -1,4 +1,4 @@
 NODE_ENV=development
 HOST=0.0.0.0
 PORT=3000
-VITE_API_BASE_URL_BACKEND=http://localhost:5000
+VITE_API_BASE_URL_BACKEND=
--- a/nginx.conf
+++ b/nginx.conf
@@ -0,0 +1,32 @@
+server {
+    listen 80;
+    server_name _;
+
+    # API requests → backend
+    location /api/ {
+        proxy_pass http://localhost:5000;
+        proxy_http_version 1.1;
+        proxy_set_header Host $host;
+        proxy_set_header X-Real-IP $remote_addr;
+        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+    }
+
+    # Socket.IO → backend (WebSocket upgrade)
+    location /socket.io/ {
+        proxy_pass http://localhost:5000;
+        proxy_http_version 1.1;
+        proxy_set_header Upgrade $http_upgrade;
+        proxy_set_header Connection "upgrade";
+        proxy_set_header Host $host;
+        proxy_set_header X-Real-IP $remote_addr;
+    }
+
+    # Everything else → Vite dev server
+    location / {
+        proxy_pass http://localhost:3000;
+        proxy_http_version 1.1;
+        proxy_set_header Upgrade $http_upgrade;
+        proxy_set_header Connection "upgrade";
+        proxy_set_header Host $host;
+    }
+}