Open
Conversation
|
The latest updates on your projects. Learn more about Vercel for GitHub.
|
![baz-reviewer[bot]](https://avatars.githubusercontent.com/in/933528?s=60&v=4){kind=small}
Comment on lines
+3
to
13
| nitro: { | ||
| preset: 'vercel', | ||
| // Ensure you're using a compatible Node version | ||
| }, | ||
| css: [ | ||
| '@fortawesome/fontawesome-free/css/all.min.css' | ||
| ], | ||
| modules: ['@nuxtjs/tailwindcss', '@sidebase/nuxt-auth'], | ||
| auth: { | ||
| origin: process.env.ORIGIN, | ||
| origin: process.env.ORIGIN || 'https://nuxt-sample-app.preview.descope.org', | ||
| enableGlobalAppMiddleware: true |
There was a problem hiding this comment.
auth.origin now defaults to https://nuxt-sample-app.preview.descope.org when process.env.ORIGIN is missing, so any staging/prod deployment without ORIGIN configured will emit all /api/auth/* redirects/callback URLs pointing at the preview domain instead of the actual host, breaking sign-in/sign-out flows; can we drop the hardcoded fallback or make ORIGIN required so deployments keep using their real host?
Finding type: Breaking Changes | Severity: 🔴 High
Want Baz to fix this for you? Activate Fixer
Other fix methods
Prompt for AI Agents:
In nuxt.config.ts around lines 3-13, the auth.origin setting was changed to default to
'https://nuxt-sample-app.preview.descope.org' when process.env.ORIGIN is missing, which
causes staging/production deployments to point auth redirects to the preview domain.
Remove the hardcoded fallback so auth.origin is set only from process.env.ORIGIN (e.g.,
origin: process.env.ORIGIN). Add a build-time/runtime validation that throws a clear
error or logs a fatal message if process.env.ORIGIN is undefined, so deployments must
explicitly configure ORIGIN instead of silently using the preview domain.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Generated description
Below is a concise technical summary of the changes proposed in this PR:
graph LR entry_bundle_("entry_bundle"):::added a_("a"):::added p_("p"):::added w_("w"):::added API_AUTH_ENDPOINTS_("API_AUTH_ENDPOINTS"):::added GLOBAL_FETCH_("GLOBAL_FETCH"):::added nuxt_config_("nuxt.config"):::modified AUTH_ORIGIN_CONFIG_("AUTH_ORIGIN_CONFIG"):::modified entry_bundle_ -- "Adds dynamic import and render for Protected Page." --> a_ entry_bundle_ -- "Adds Index page render for root landing." --> p_ entry_bundle_ -- "Adds API routes component import for auth endpoints." --> w_ w_ -- "Populates table rows with API auth endpoint details." --> API_AUTH_ENDPOINTS_ entry_bundle_ -- "Installs global fetch wrapper for normalized auth requests." --> GLOBAL_FETCH_ nuxt_config_ -- "Sets fallback Descope origin via nuxt config." --> AUTH_ORIGIN_CONFIG_ classDef added stroke:#15AA7A classDef removed stroke:#CD5270 classDef modified stroke:#EDAC4C linkStyle default stroke:#CBD5E1,font-size:13pxThis pull request is reviewed by Baz. Review like a pro on <a href=https://baz.co/changes/descope-sample-apps/nuxt-sample-app/5?tool=ast>(Baz).