From abdf086bd81491086d0d0a769bfa9f26adf8e736 Mon Sep 17 00:00:00 2001 From: Hugo Date: Sun, 26 Apr 2026 23:45:34 +0200 Subject: [PATCH] removed staging basic auth --- .env.template | 1 - .github/workflows/deploy-staging.yaml | 3 --- docker-compose.yml | 11 ----------- next.config.ts | 2 +- src/lib/desktop-auth.ts | 5 +---- src/lib/fetcher.ts | 5 ----- src/lib/utils/requests.ts | 5 ----- 7 files changed, 2 insertions(+), 30 deletions(-) diff --git a/.env.template b/.env.template index ea20fd71..cc30051c 100644 --- a/.env.template +++ b/.env.template @@ -18,7 +18,6 @@ DB_NAME=scriptio # Basic Auth (htpasswd format, escape $ as $$ in this file) PROD_AUTH_USERS= -STAGING_AUTH_USERS= MONITORING_AUTH_USERS= # Monitoring diff --git a/.github/workflows/deploy-staging.yaml b/.github/workflows/deploy-staging.yaml index f4323018..ce4c5fef 100644 --- a/.github/workflows/deploy-staging.yaml +++ b/.github/workflows/deploy-staging.yaml @@ -71,7 +71,6 @@ jobs: env: APPLE_SIGNING_IDENTITY: ${{ secrets.APPLE_SIGNING_IDENTITY }} NEXT_PUBLIC_API_URL: https://staging.scriptio.app - NEXT_PUBLIC_STAGING_BASIC_AUTH: ${{ secrets.STAGING_BASIC_AUTH }} NEXT_PUBLIC_APP_VERSION: ${{ needs.prepare.outputs.version }} NEXT_PUBLIC_COMMIT_SHA: ${{ needs.prepare.outputs.commit_sha }} @@ -115,7 +114,6 @@ jobs: run: npm run debug:windows env: NEXT_PUBLIC_API_URL: https://staging.scriptio.app - NEXT_PUBLIC_STAGING_BASIC_AUTH: ${{ secrets.STAGING_BASIC_AUTH }} NEXT_PUBLIC_APP_VERSION: ${{ needs.prepare.outputs.version }} NEXT_PUBLIC_COMMIT_SHA: ${{ needs.prepare.outputs.commit_sha }} @@ -167,7 +165,6 @@ jobs: ${{ env.IMAGE_NAME }}:staging-${{ needs.prepare.outputs.version }} build-args: | NEXT_PUBLIC_API_URL=https://staging.scriptio.app - NEXT_PUBLIC_STAGING_BASIC_AUTH=${{ secrets.STAGING_BASIC_AUTH }} NEXT_PUBLIC_COMMIT_SHA=${{ env.COMMIT_SHA }} NEXT_PUBLIC_APP_VERSION=${{ needs.prepare.outputs.version }} diff --git a/docker-compose.yml b/docker-compose.yml index 0c28095d..4be0fa87 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -59,17 +59,6 @@ services: - traefik.http.routers.scriptio-staging.entrypoints=secure - traefik.http.routers.scriptio-staging.tls=true - traefik.http.routers.scriptio-staging.tls.certresolver=letsencrypt - - traefik.http.routers.scriptio-staging.middlewares=staging-auth - - traefik.http.middlewares.staging-auth.basicauth.users=${STAGING_AUTH_USERS} - - traefik.http.middlewares.staging-auth.basicauth.headerField=X-Staging-Auth - # Allow CORS OPTIONS preflight to bypass basic auth (browsers never send - # custom headers like X-Staging-Auth in a preflight, so the auth check - # would 401 every cross-origin request from the Tauri app) - - traefik.http.routers.scriptio-staging-options.rule=Host(`staging.scriptio.app`) && Method(`OPTIONS`) - - traefik.http.routers.scriptio-staging-options.entrypoints=secure - - traefik.http.routers.scriptio-staging-options.tls=true - - traefik.http.routers.scriptio-staging-options.tls.certresolver=letsencrypt - - traefik.http.routers.scriptio-staging-options.priority=200 # Production Database db-prod: diff --git a/next.config.ts b/next.config.ts index 28775aaf..2dd2e3d8 100644 --- a/next.config.ts +++ b/next.config.ts @@ -28,7 +28,7 @@ const config: NextConfig = { headers: [ { key: "Access-Control-Allow-Origin", value: "*" }, { key: "Access-Control-Allow-Methods", value: "GET, POST, PUT, PATCH, DELETE, OPTIONS" }, - { key: "Access-Control-Allow-Headers", value: "Content-Type, Authorization, x-client-type, X-Staging-Auth" }, + { key: "Access-Control-Allow-Headers", value: "Content-Type, Authorization, x-client-type" }, ], }, ]; diff --git a/src/lib/desktop-auth.ts b/src/lib/desktop-auth.ts index 0a327a10..249b5caa 100644 --- a/src/lib/desktop-auth.ts +++ b/src/lib/desktop-auth.ts @@ -97,10 +97,7 @@ export async function pollBridgeToken( while (Date.now() < deadline) { if (signal?.aborted) return null; try { - const reqHeaders: Record = { "x-client-type": "desktop" }; - const stagingAuth = process.env.NEXT_PUBLIC_STAGING_BASIC_AUTH; - if (stagingAuth) reqHeaders["X-Staging-Auth"] = `Basic ${stagingAuth}`; - const res = await fetch(url, { headers: reqHeaders, signal }); + const res = await fetch(url, { headers: { "x-client-type": "desktop" }, signal }); if (res.ok) { const json = (await res.json()) as { data?: { token?: string | null } }; const token = json.data?.token; diff --git a/src/lib/fetcher.ts b/src/lib/fetcher.ts index 49c391ca..e186ae9f 100644 --- a/src/lib/fetcher.ts +++ b/src/lib/fetcher.ts @@ -35,11 +35,6 @@ async function fetchFromDesktop( Authorization: `Bearer ${token}`, }; - const stagingAuth = process.env.NEXT_PUBLIC_STAGING_BASIC_AUTH; - if (stagingAuth) { - headers["X-Staging-Auth"] = `Basic ${stagingAuth}`; - } - if (init?.headers) { Object.assign(headers, init.headers as Record); } diff --git a/src/lib/utils/requests.ts b/src/lib/utils/requests.ts index 7f219b5c..e1b59b34 100644 --- a/src/lib/utils/requests.ts +++ b/src/lib/utils/requests.ts @@ -31,11 +31,6 @@ const request = async (url: string, method: RESTMethod, body?: object) => { if (token) { headers["Authorization"] = `Bearer ${token}`; } - - const stagingAuth = process.env.NEXT_PUBLIC_STAGING_BASIC_AUTH; - if (stagingAuth) { - headers["X-Staging-Auth"] = `Basic ${stagingAuth}`; - } } return fetch(fullUrl, {