From 981c2f79f5dec4cb1fc949e3183a9231ddc65c6f Mon Sep 17 00:00:00 2001 From: ethanf Date: Thu, 14 Aug 2025 15:32:46 -0500 Subject: [PATCH] fix: update cors to allow same-origin --- server/server.js | 8 +++++--- src/services/api.ts | 2 +- 2 files changed, 6 insertions(+), 4 deletions(-) diff --git a/server/server.js b/server/server.js index a4122bd..ceb5850 100644 --- a/server/server.js +++ b/server/server.js @@ -44,7 +44,7 @@ async function saveVotes(votes) { // Middleware app.use(cors({ origin: process.env.NODE_ENV === 'production' - ? ['https://s22.ethanf.gg'] + ? true // Allow same origin in production since frontend and backend are on same domain : FRONTEND_URL, credentials: true, methods: ['GET', 'POST', 'PUT', 'DELETE', 'OPTIONS'], @@ -63,7 +63,7 @@ app.use(session({ maxAge: 24 * 60 * 60 * 1000, // 24 hours httpOnly: true, sameSite: process.env.NODE_ENV === 'production' ? 'lax' : 'lax', - domain: process.env.NODE_ENV === 'production' ? '.ethanf.gg' : undefined + domain: process.env.NODE_ENV === 'production' ? 'ethanf.gg' : undefined // Remove the dot prefix }, name: 's22poll.sid' })); @@ -112,7 +112,9 @@ app.get('/auth/steam/return', passport.authenticate('steam', { failureRedirect: '/' }), (req, res) => { console.log('User authenticated:', req.user); - res.redirect(FRONTEND_URL); + // In production, redirect to root since frontend and backend are on same domain + const redirectUrl = process.env.NODE_ENV === 'production' ? '/' : FRONTEND_URL; + res.redirect(redirectUrl); } ); diff --git a/src/services/api.ts b/src/services/api.ts index 5151b00..b094e32 100644 --- a/src/services/api.ts +++ b/src/services/api.ts @@ -1,7 +1,7 @@ import type { MapOption } from "../types"; const API_BASE_URL = import.meta.env.PROD - ? 'https://s22.ethanf.gg' + ? '' // Empty string for same-origin requests in production : 'http://localhost:3001'; const apiCall = async (endpoint: string, options: RequestInit = {}) => {