fix(auth): add trustedOrigins to BetterAuth for cross-origin web dashboard (#111)
All checks were successful
ci/woodpecker/push/ci Pipeline was successful
All checks were successful
ci/woodpecker/push/ci Pipeline was successful
Co-authored-by: Jason Woltje <jason@diversecanvas.com> Co-committed-by: Jason Woltje <jason@diversecanvas.com>
This commit was merged in pull request #111.
This commit is contained in:
@@ -39,6 +39,9 @@ export function createAuth(config: AuthConfig) {
|
|||||||
]
|
]
|
||||||
: undefined;
|
: undefined;
|
||||||
|
|
||||||
|
const corsOrigin = process.env['GATEWAY_CORS_ORIGIN'] ?? 'http://localhost:3000';
|
||||||
|
const trustedOrigins = corsOrigin.split(',').map((o) => o.trim());
|
||||||
|
|
||||||
return betterAuth({
|
return betterAuth({
|
||||||
database: drizzleAdapter(db, {
|
database: drizzleAdapter(db, {
|
||||||
provider: 'pg',
|
provider: 'pg',
|
||||||
@@ -47,6 +50,7 @@ export function createAuth(config: AuthConfig) {
|
|||||||
baseURL: baseURL ?? process.env['BETTER_AUTH_URL'] ?? 'http://localhost:4000',
|
baseURL: baseURL ?? process.env['BETTER_AUTH_URL'] ?? 'http://localhost:4000',
|
||||||
secret: secret ?? process.env['BETTER_AUTH_SECRET'],
|
secret: secret ?? process.env['BETTER_AUTH_SECRET'],
|
||||||
basePath: '/api/auth',
|
basePath: '/api/auth',
|
||||||
|
trustedOrigins,
|
||||||
emailAndPassword: {
|
emailAndPassword: {
|
||||||
enabled: true,
|
enabled: true,
|
||||||
},
|
},
|
||||||
|
|||||||
Reference in New Issue
Block a user