refactor: move auth token to HttpOnly cookie, fix CORS and artefacts
Backend: - Set JWT as HttpOnly cookie on login, add cookie fallback in auth middleware - Add /auth/logout endpoint to clear cookie - Fix CORS to echo origin with Allow-Credentials for withCredentials requests - Make SPA static serving optional via SERVE_SPA config flag Frontend: - Remove manual token management; rely on HttpOnly cookie + withCredentials - Simplify auth-slice to authenticated boolean flag - Fix Artefact interface to match backend fields (sha256Hash, fileName, fileSize) - Fix artefact upload endpoint and send version in FormData - Use KiB/MiB for file size display - Move Redux hooks from store/hooks to hooks/store
This commit is contained in:
@@ -0,0 +1,17 @@
|
||||
# ─────────────────────────────────────────────────────────
|
||||
# Pipely Web — Environment Variables
|
||||
# ─────────────────────────────────────────────────────────
|
||||
# Copy this file to .env and adjust values for your environment:
|
||||
# cp .env.example .env
|
||||
# ─────────────────────────────────────────────────────────
|
||||
|
||||
# ── API Server ───────────────────────────────────────────
|
||||
|
||||
# Base URL for the OTA Manifest Server API.
|
||||
# Default: https://pipely.onixbyte.com/
|
||||
# Development: http://localhost:8080
|
||||
VITE_API_BASE_URL=http://localhost:5001/api
|
||||
|
||||
# Redux Persistent storage location
|
||||
# Options: `local` (default), `session`
|
||||
VITE_REDUX_STORAGE=local
|
||||
Reference in New Issue
Block a user