diff --git a/README.md b/README.md index 5907d50..76ec1cf 100644 --- a/README.md +++ b/README.md @@ -45,9 +45,11 @@ OKTA_DOMAIN= # For example, "mydomain.oktapreview.com" OKTA_API_TOKEN= DATABASE_URI="sqlite:///access.db" CLIENT_ORIGIN_URL=http://localhost:3000 -VITE_API_SERVER_URL=http://localhost:6060 +VITE_API_SERVER_URL= ``` +> **Note:** `VITE_API_SERVER_URL` is left empty so the frontend uses relative URLs. The Vite dev server proxies `/api` requests to the Flask backend on port 6060. + Next, run the following commands to set up your python virtual environment. Access can run on Python 3.11 and above: ``` @@ -231,7 +233,7 @@ The `.env.production` file is where you configure the application. - `OKTA_DOMAIN`: Specifies the [Okta](https://okta.com) domain to use. - `OKTA_API_TOKEN`: Specifies the [Okta](https://okta.com) [API Token](https://developer.okta.com/docs/api/openapi/okta-management/management/tag/ApiToken/) to use. - `DATABASE_URI`: Specifies the Database connection URI. **Example:** `postgresql+pg8000://:@postgres:5432/`. -- `CLIENT_ORIGIN_URL`: Specifies the origin URL which is used by CORS. +- `CLIENT_ORIGIN_URL`: Specifies the origin URL used by plugins (e.g. for building notification URLs). - `VITE_API_SERVER_URL`: Specifies the API base URL which is used by the frontend. Set to an empty string "" to use the same URL as the frontend. - `FLASK_SENTRY_DSN`: See the [Sentry documentation](https://docs.sentry.io/product/sentry-basics/concepts/dsn-explainer/). **[OPTIONAL] You can safely remove this from your env file** - `REACT_SENTRY_DSN`: See the [Sentry documentation](https://docs.sentry.io/product/sentry-basics/concepts/dsn-explainer/). **[OPTIONAL] You can safely remove this from your env file** diff --git a/api/app.py b/api/app.py index 9bd4736..851b465 100644 --- a/api/app.py +++ b/api/app.py @@ -11,7 +11,6 @@ from flask import Flask, Response, request from flask.typing import ResponseReturnValue -from flask_cors import CORS from flask_talisman import Talisman from marshmallow import ValidationError from werkzeug.exceptions import HTTPException @@ -158,21 +157,6 @@ def add_headers(response: Response) -> ResponseReturnValue: response.headers["Content-Type"] = "application/json; charset=utf-8" return response - ########################################## - # CORS - ########################################## - - if app.config["ENV"] == "development": - # Only necessary in development because the React - # frontend is served from a different port - CORS( - app, - resources={r"/api/*": {"origins": app.config["CLIENT_ORIGIN_URL"]}}, - allow_headers=["Authorization", "Content-Type", "baggage", "sentry-trace"], - methods=["GET", "POST", "PUT", "DELETE"], - max_age=86400, - ) - ########################################## # Configure CloudSQL Database Connection ########################################## diff --git a/requirements.txt b/requirements.txt index 10ad9be..e884021 100644 --- a/requirements.txt +++ b/requirements.txt @@ -23,7 +23,6 @@ flask-marshmallow==1.2.1 flask-apispec==0.11.4 # Security -Flask-Cors==6.0.0 flask-talisman==1.1.0 PyJWT==2.10.1 flask-oidc==2.2.2 @@ -47,7 +46,6 @@ ruff==0.8.0 # Typing mypy==1.13.0 types-google-cloud-ndb==2.3.0.20250317 -types-Flask-Cors==5.0.0.20240902 types-Flask-Migrate==4.0.0.20240311 types-python-dateutil==2.9.0.20250822 types-requests==2.32.0.20241016 diff --git a/vite.config.ts b/vite.config.ts index 12fd284..6ab3b79 100644 --- a/vite.config.ts +++ b/vite.config.ts @@ -44,6 +44,12 @@ export default defineConfig(({mode}) => { }, server: { port: 3000, + proxy: { + '/api': { + target: 'http://localhost:6060', + changeOrigin: true, + }, + }, }, build: { outDir: 'build',