fix: CORS configuration for both docker-compose and start_server.sh deployments

- Update start_server.sh to auto-detect local IP and export ALLOWED_ORIGINS
- Includes both localhost and detected IP on HTTP/HTTPS proxy ports
- Export JWT_SECRET_KEY with ephemeral key if not set
- Fix Romanian comments in docker-compose.yml to English
- Document two deployment methods in SESSION_STATE.md
This commit is contained in:
Daniel Bedeleanu
2026-04-11 14:44:00 +03:00
parent d9e75368fb
commit 483a747600
3 changed files with 52 additions and 12 deletions

View File

@@ -1,13 +1,52 @@
# CURRENT AI WORKING SESSION — COMPLETED
# CURRENT AI WORKING SESSION — IN PROGRESS
**Active AI:** Claude (Sonnet 4.6)
**Active AI:** Claude (Haiku 4.5)
**Last Updated:** 2026-04-11
**Current Version:** v1.3.5
**Branch:** dev (v1.3.5 release branch created)
**Branch:** dev
---
## 🎯 SESSION COMPLETED — ALL TASKS FINALIZED + ENGLISH COMPLIANCE VERIFIED
## 🔧 CURRENT ISSUE — CORS Configuration Clarification
### Two Deployment Methods
The project supports two distinct deployment approaches:
#### 1. **Docker Compose** (Production / Containerized)
- Uses `docker-compose.yml` with Caddy reverse proxy
- Backend container on internal port 8000 → exposed via Caddy on 3002
- Frontend container on internal port 3000 → exposed via Caddy on 3003
- **Configuration:** `ALLOWED_ORIGINS` environment variable in docker-compose.yml
- **Current setting:** `http://localhost:3000,http://localhost:3002`
- **For remote deployment:** Must update ALLOWED_ORIGINS to include actual domain (e.g., `https://192.168.84.140:3003`)
#### 2. **start_server.sh** (Development / Native)
- Runs Backend (uvicorn) + Frontend (Next.js) + local-ssl-proxy directly
- Backend on port 8000 → SSL proxy on 3002
- Frontend on port 3001 → SSL proxy on 3003
- **Issue Fixed:** Script now automatically detects local IP and exports ALLOWED_ORIGINS
- **Auto-configured for:** localhost + detected IP address on both HTTP and HTTPS
### Fix Applied (Commit Pending)
Updated `start_server.sh` to:
1. Detect local IP address (en0/en1 interface)
2. Export ALLOWED_ORIGINS with all applicable origins:
- HTTP localhost on dev ports (3000/3001)
- HTTPS localhost on proxy ports (3002/3003)
- HTTPS on detected IP address on proxy ports
3. Display CORS configuration when starting backend
4. Export JWT_SECRET_KEY if not already set
**Result:** Frontend at `https://<LOCAL_IP>:3003` can now access backend at `https://<LOCAL_IP>:3002` without CORS blocks.
### English Language Compliance
Fixed Romanian comments in docker-compose.yml:
- `"personalizează pentru producție"``"customize for production"`
- `"GENEREAZĂ O VALOARE SIGURĂ"``"GENERATE A SECURE VALUE"`
---
## 🎯 PREVIOUS SESSION — ALL TASKS FINALIZED + ENGLISH COMPLIANCE VERIFIED
### Final Status