feat: update NGINX configuration for improved proxy handling and enable social account login on GET requests

2025-07-23 14:59:36 +02:00 · 2025-01-07 09:58:39 -05:00 · 2025-01-07 09:58:39 -05:00 · 548702890d
commit 548702890d
parent a5aa09ed7b
3 changed files with 22 additions and 27 deletions
--- a/backend/nginx.conf
+++ b/backend/nginx.conf
@ -17,24 +17,24 @@ http {
    }

    server {
-        listen 80;
+        listen 80;  # NGINX always listens on port 80 inside the container
        server_name localhost;

        location / {
-            proxy_pass http://server:8000;  # Forward to internal Gunicorn server
-            proxy_set_header Host $host;  # Forward Host header from the request
-            proxy_set_header X-Real-IP $remote_addr;  # Forward real IP
-            proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;  # Forward original IP
-            proxy_set_header X-Forwarded-Proto $scheme;  # Forward the protocol
-            proxy_set_header X-Forwarded-Host $host;  # Forward the Host header
+            proxy_pass http://server:8000;  # Explicitly forward to Django service
+            proxy_set_header Host $host;
+            proxy_set_header X-Real-IP $remote_addr;
+            proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+            proxy_set_header X-Forwarded-Proto $scheme;
        }

+
        location /static/ {
-            alias /code/staticfiles/;
+            alias /code/staticfiles/;  # Serve static files directly
        }

        location /media/ {
-            alias /code/media/;
+            alias /code/media/;   # Serve media files directly
        }
    }
 }
--- a/backend/server/main/settings.py
+++ b/backend/server/main/settings.py
@ -186,6 +186,8 @@ FRONTEND_URL = getenv('FRONTEND_URL', 'http://localhost:3000')
 # Set login redirect URL to the frontend
 LOGIN_REDIRECT_URL = FRONTEND_URL

+SOCIALACCOUNT_LOGIN_ON_GET = True
+
 HEADLESS_FRONTEND_URLS = {
    "account_confirm_email": f"{FRONTEND_URL}/user/verify-email/{{key}}",
    "account_reset_password": f"{FRONTEND_URL}/user/reset-password",
--- a/frontend/src/routes/_allauth/[...path]/+server.ts
+++ b/frontend/src/routes/_allauth/[...path]/+server.ts
@ -12,23 +12,23 @@ export async function GET(event) {

 /** @type {import('./$types').RequestHandler} */
 export async function POST({ url, params, request, fetch, cookies }) {
-	const searchParam = url.search ? `${url.search}&format=json` : '?format=json';
-	return handleRequest(url, params, request, fetch, cookies, searchParam, true);
+	const searchParam = url.search ? `${url.search}` : '';
+	return handleRequest(url, params, request, fetch, cookies, searchParam, false);
 }

 export async function PATCH({ url, params, request, fetch, cookies }) {
-	const searchParam = url.search ? `${url.search}&format=json` : '?format=json';
-	return handleRequest(url, params, request, fetch, cookies, searchParam, true);
+	const searchParam = url.search ? `${url.search}` : '';
+	return handleRequest(url, params, request, fetch, cookies, searchParam, false);
 }

 export async function PUT({ url, params, request, fetch, cookies }) {
-	const searchParam = url.search ? `${url.search}&format=json` : '?format=json';
-	return handleRequest(url, params, request, fetch, cookies, searchParam, true);
+	const searchParam = url.search ? `${url.search}` : '';
+	return handleRequest(url, params, request, fetch, cookies, searchParam, false);
 }

 export async function DELETE({ url, params, request, fetch, cookies }) {
-	const searchParam = url.search ? `${url.search}&format=json` : '?format=json';
-	return handleRequest(url, params, request, fetch, cookies, searchParam, true);
+	const searchParam = url.search ? `${url.search}` : '';
+	return handleRequest(url, params, request, fetch, cookies, searchParam, false);
 }

 async function handleRequest(
@ -53,25 +53,18 @@ async function handleRequest(

 	const headers = new Headers(request.headers);

-	// Delete existing csrf cookie by setting an expired date
-	cookies.delete('csrftoken', { path: '/' });
-
-	// Generate a new csrf token (using your existing fetchCSRFToken function)
 	const csrfToken = await fetchCSRFToken();
 	if (!csrfToken) {
 		return json({ error: 'CSRF token is missing or invalid' }, { status: 400 });
 	}

-	// Set the new csrf token in both headers and cookies
-	const cookieHeader = `csrftoken=${csrfToken}; Path=/; HttpOnly; SameSite=Lax`;
-
 	try {
 		const response = await fetch(targetUrl, {
 			method: request.method,
 			headers: {
 				...Object.fromEntries(headers),
 				'X-CSRFToken': csrfToken,
-				Cookie: cookieHeader
+				Cookie: `csrftoken=${csrfToken}`
 			},
 			body:
 				request.method !== 'GET' && request.method !== 'HEAD' ? await request.text() : undefined,