Fixed hardcoded nonsense in api config

api/.env.example

@@ -12,8 +12,10 @@ AUTH_CLIENT_ID=
 AUTH_CLIENT_SECRET=
 AUTH_REDIRECT_URI=
 AUTH_REVOCATION_URI=
+AUTH_END_SESSION_URI=
 # AUTH_MODE=mock #uncomment this to bypass authentik
 
 # SERVER SETTINGS
 SERVER_PORT=3000
 CLIENT_URL= # This is whatever URL the client web app is served on
+CLIENT_DOMAIN= #whatever.com

api/src/index.js

@@ -8,7 +8,7 @@ const app = express()
 app.use(morgan('dev'))
 
 app.use(cors({
-  origin: ['https://aj17thdev.nexuszone.net', 'http://localhost:5173'], // your SPA origins
+  origin: [process.env.CLIENT_URL], // your SPA origins
   credentials: true
 }));
 
@@ -32,7 +32,7 @@ app.use(session({
   cookie: {
     httpOnly: true,
     sameSite: 'lax',
-    domain: 'nexuszone.net'
+    domain: process.env.CLIENT_DOMAIN
   }
 }));
 app.use(passport.authenticate('session'));