Fixed Remote Access Login Issues to Borealis WebUI

2025-10-27 03:21:57 -06:00 · 2025-09-24 14:46:45 -06:00
parent 930a897e0b
commit 0ef4ada84e
3 changed files with 112 additions and 16 deletions
--- a/Data/Server/WebUI/src/Login.jsx
+++ b/Data/Server/WebUI/src/Login.jsx
@@ -7,25 +7,43 @@ export default function Login({ onLogin }) {
  const [error, setError] = useState("");

  const sha512 = async (text) => {
-    const encoder = new TextEncoder();
-    const data = encoder.encode(text);
-    const hashBuffer = await crypto.subtle.digest("SHA-512", data);
-    const hashArray = Array.from(new Uint8Array(hashBuffer));
-    return hashArray.map((b) => b.toString(16).padStart(2, "0")).join("");
+    try {
+      if (window.crypto && window.crypto.subtle && window.isSecureContext) {
+        const encoder = new TextEncoder();
+        const data = encoder.encode(text);
+        const hashBuffer = await window.crypto.subtle.digest("SHA-512", data);
+        const hashArray = Array.from(new Uint8Array(hashBuffer));
+        return hashArray.map((b) => b.toString(16).padStart(2, "0")).join("");
+      }
+    } catch (_) {
+      // fall through to return null
+    }
+    // Not a secure context or subtle crypto unavailable
+    return null;
  };

  const handleSubmit = async (e) => {
    e.preventDefault();
    try {
      const hash = await sha512(password);
+      const body = hash
+        ? { username, password_sha512: hash }
+        : { username, password };
      const resp = await fetch("/api/auth/login", {
        method: "POST",
        headers: { "Content-Type": "application/json" },
        credentials: "include",
-        body: JSON.stringify({ username, password_sha512: hash })
+        body: JSON.stringify(body)
      });
      const data = await resp.json();
      if (!resp.ok) throw new Error(data?.error || `HTTP ${resp.status}`);
+      // Persist token via cookie as a proxy-friendly fallback
+      if (data?.token) {
+        try {
+          // Set cookie for current host; SameSite=Lax for dev
+          document.cookie = `borealis_auth=${data.token}; Path=/; SameSite=Lax`;
+        } catch (_) {}
+      }
      setError("");
      onLogin({ username: data.username, role: data.role });
    } catch (err) {
--- a/Data/Server/WebUI/vite.config.mts
+++ b/Data/Server/WebUI/vite.config.mts
@@ -9,10 +9,16 @@ export default defineConfig({
    open: true,
    host: true,
    strictPort: true,
-    allowedHosts: ['localhost','127.0.0.1','borealis.bunny-lab.io'],
+    // Allow LAN/IP access during dev (so other devices can reach Vite)
+    // If you want to restrict, replace `true` with an explicit allowlist.
+    allowedHosts: true,
    proxy: {
-      '/api': 'http://localhost:5000',
-      '/socket.io': { target:'ws://localhost:5000', ws:true }
+      // Ensure cookies/headers are forwarded correctly to Flask
+      '/api': {
+        target: 'http://127.0.0.1:5000',
+        changeOrigin: true,
+      },
+      '/socket.io': { target:'ws://127.0.0.1:5000', ws:true, changeOrigin: true }
    }
  },
  build: {