diff --git a/kittyurl-frontend/src/context/AuthProvider.tsx b/kittyurl-frontend/src/context/AuthProvider.tsx
index f6b14c2..739b72c 100644
--- a/kittyurl-frontend/src/context/AuthProvider.tsx
+++ b/kittyurl-frontend/src/context/AuthProvider.tsx
@@ -2,98 +2,72 @@ import Cookies from 'js-cookie'; import { AuthContext } from './AuthContext'; import { sha512 } from '../utils/crypto'; -import type { AuthResponse } from '../types/auth'; const TOKEN_KEY = 'ktty_shared_token'; -/** - * Konfiguracja ciasteczek dla SSO. - * Na localhost ciasteczka domenowe nie działają, więc używamy undefined. - * Na produkcji używamy '.ktty.is', co pozwala współdzielić sesję między subdomenami. - */ const getCookieConfig = () => { const hostname = window.location.hostname; const isLocal = hostname === 'localhost' || hostname === '127.0.0.1'; - return { domain: isLocal ? undefined : '.ktty.is', - secure: !isLocal, // Wymagane HTTPS na produkcji + secure: !isLocal, sameSite: 'Lax' as const, - expires: 7 // Token ważny przez 7 dni + path: '/', + expires: 7 }; }; -const getSubdomain = (): string | null => { - const hostname = window.location.hostname; - const parts = hostname.split('.'); - if (parts.length <= 2) return null; - return parts[0]; -}; - export function AuthProvider({ children }: { children: ReactNode }) { - const config = getCookieConfig(); - const subdomain = getSubdomain(); - - // Inicjalizacja stanu: sprawdzamy ciasteczko natychmiast przy ładowaniu strony. - // Dzięki temu SSO działa bez opóźnień. const [token, setToken] = useState(() => Cookies.get(TOKEN_KEY) || null); const [loading, setLoading] = useState(false); - const [error, setError] = useState(null); + const [error, setError] = useState(null); // DODANE - const authRequest = useCallback(async (endpoint: 'signUp' | 'signIn', name: string, pass: string) => { + const authRequest = useCallback(async (endpoint: 'signIn' | 'signUp', name: string, pass: string) => { setLoading(true); setError(null); try { const hashedPassword = await sha512(pass); - // Vite Proxy przekaże to na https://www.ktty.is/api/... 
- const fullUrl = `/api/v1/user/${endpoint}`; - - const response = await fetch(fullUrl, { + const response = await fetch(`/api/v1/user/${endpoint}`, { method: 'POST', - headers: { - 'accept': 'application/json', - 'Content-Type': 'application/json', - 'X-Subdomain': subdomain || '', - }, - body: JSON.stringify({ name, password: hashedPassword, ttl: 86400 }), + headers: { 'Content-Type': 'application/json' }, + credentials: 'include', + body: JSON.stringify({ name, password: hashedPassword }), }); - const data: AuthResponse = await response.json(); + const data = await response.json(); if (!response.ok) { - throw new Error(data?.error || data?.message || 'Błąd autoryzacji'); + throw new Error(data?.message || 'Błąd autoryzacji'); } if (data?.token) { - // Zapisujemy token z flagą domain: '.ktty.is' - Cookies.set(TOKEN_KEY, data.token, config); + Cookies.set(TOKEN_KEY, data.token, getCookieConfig()); setToken(data.token); } return data; } catch (err: unknown) { - const msg = err instanceof Error ? err.message : 'Wystąpił nieoczekiwany błąd'; + const msg = err instanceof Error ? err.message : 'Wystąpił błąd'; setError(msg); return null; } finally { setLoading(false); } - }, [subdomain, config]); + }, []); const logout = useCallback(() => { - // Usuwamy ciasteczko z tej samej domeny, na której zostało zapisane - Cookies.remove(TOKEN_KEY, { domain: config.domain }); + Cookies.remove(TOKEN_KEY, { domain: getCookieConfig().domain, path: '/' }); setToken(null); - }, [config]); + }, []); return ( authRequest('signIn', n, p), - signUp: (n, p) => authRequest('signUp', n, p), + signUp: (n, p) => authRequest('signUp', n, p), // TERAZ OBECNE logout }}> {children} diff --git a/kittyurl-frontend/vite.config.ts b/kittyurl-frontend/vite.config.ts index fbc457e..1aa6e31 100644 --- a/kittyurl-frontend/vite.config.ts +++ b/kittyurl-frontend/vite.config.ts 
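Review bot: `Cookies.set(TOKEN_KEY, data.token, getCookieConfig())` writes the session token from script, so the cookie can never be `HttpOnly`, and in production its `.ktty.is` domain makes it readable by script on every subdomain. Since the request now sends `credentials: 'include'`, the backend could issue the token itself via `Set-Cookie` with `HttpOnly; Secure; SameSite=Lax`, leaving the provider to track only signed-in state. The hunk also drops the `AuthResponse` annotation and its import, so `data` becomes `any`; keeping `const data: AuthResponse = await response.json();` or guarding with `if (typeof data?.token === 'string')` would stop an unexpected response shape from being stored. `ttl` is no longer sent while the cookie keeps `expires: 7`, so confirm that the server-side token lifetime and the cookie lifetime still agree.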
@@ -14,26 +14,41 @@ export default defineConfig(({ mode }) => { const backendTarget = env.VITE_API_TARGET; return { - envDir: envDirectory, + envDir: envDirectory, plugins: [ react() as PluginOption, tailwindcss() as PluginOption, ], server: { port: 6568, - host: true, + host: true, // Pozwala na dostęp przez IP w sieci lokalnej + // Jeśli testujesz subdomeny lokalnie (np. app.local.ktty.is), dodaj to: + allowedHosts: [ + '.ktty.is', + 'localhost', + '127.0.0.1', + + ], + // vite.config.ts proxy: { '/api': { target: backendTarget, changeOrigin: true, secure: false, - + cookieDomainRewrite: { + "*": "" + }, }, }, }, preview: { - port: 6568, + port: 6568, allowedHosts: true, }, + resolve: { + alias: { + '@': path.resolve(__dirname, './src'), + }, + }, } }) \ No newline at end of file
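Review bot: `preview.allowedHosts: true` still turns Host-header checking off entirely, while the `server` block in the same hunk now gets an explicit list. With `host: true` making the server reachable from the network, that list is the guard against DNS rebinding, and preview should use the same one, e.g. `allowedHosts: ['.ktty.is']`. The proxy keeps `secure: false`, which skips TLS certificate verification towards `backendTarget`; if that is only for a self-signed local backend, say so in a comment or gate it on `mode`. The new `resolve.alias` relies on `path` and `__dirname`, neither of which is defined in this hunk (it starts at line 14), so confirm both are available in this config file.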