Fixed hardcoded nonsense in api config

2025-11-23 23:39:10 -05:00
parent b8bf809c14
commit 0d9e7c3e3b
2 changed files with 5 additions and 3 deletions
--- a/api/.env.example
+++ b/api/.env.example
@@ -12,8 +12,10 @@ AUTH_CLIENT_ID=
 AUTH_CLIENT_SECRET=
 AUTH_REDIRECT_URI=
 AUTH_REVOCATION_URI=
+AUTH_END_SESSION_URI=
 # AUTH_MODE=mock #uncomment this to bypass authentik

 # SERVER SETTINGS
 SERVER_PORT=3000
-CLIENT_URL= # This is whatever URL the client web app is served on
+CLIENT_URL= # This is whatever URL the client web app is served on
+CLIENT_DOMAIN= #whatever.com
--- a/api/src/index.js
+++ b/api/src/index.js
@@ -8,7 +8,7 @@ const app = express()
 app.use(morgan('dev'))

 app.use(cors({
-  origin: ['https://aj17thdev.nexuszone.net', 'http://localhost:5173'], // your SPA origins
+  origin: [process.env.CLIENT_URL], // your SPA origins
  credentials: true
 }));

@@ -32,7 +32,7 @@ app.use(session({
  cookie: {
    httpOnly: true,
    sameSite: 'lax',
-    domain: 'nexuszone.net'
+    domain: process.env.CLIENT_DOMAIN
  }
 }));
 app.use(passport.authenticate('session'));