From 6fcb9656aef57a23550df7718d9788ea93623553 Mon Sep 17 00:00:00 2001 From: itsmo-ks Date: Sun, 15 Mar 2026 22:32:02 +0000 Subject: [PATCH] Enhance Docker and environment variable handling for authentication features --- Dockerfile | 8 +++++ docker-compose.yml | 14 ++++----- js/accounts/pocketbase.js | 2 +- vite-plugin-auth-gate.js | 62 ++++++++++++++++++++++----------------- 4 files changed, 51 insertions(+), 35 deletions(-) diff --git a/Dockerfile b/Dockerfile index 508dd58..b1af63d 100644 --- a/Dockerfile +++ b/Dockerfile @@ -7,6 +7,14 @@ WORKDIR /app RUN apk add --no-cache wget curl bash RUN apk add --no-cache python3 make g++ && ln -sf python3 /usr/bin/python +# Accept build arguments for environment variables +ARG AUTH_ENABLED +ARG AUTH_SECRET +ARG APPWRITE_ENDPOINT +ARG APPWRITE_PROJECT_ID +ARG POCKETBASE_URL +ARG SESSION_MAX_AGE + # Copy package files first for caching COPY package.json package-lock.json ./ diff --git a/docker-compose.yml b/docker-compose.yml index bdf5a2c..7bb5cdd 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -4,16 +4,16 @@ services: build: context: . dockerfile: Dockerfile + args: + - AUTH_ENABLED=${AUTH_ENABLED} + - AUTH_SECRET=${AUTH_SECRET} + - APPWRITE_ENDPOINT=${APPWRITE_ENDPOINT} + - APPWRITE_PROJECT_ID=${APPWRITE_PROJECT_ID} + - POCKETBASE_URL=${POCKETBASE_URL} + - SESSION_MAX_AGE=${SESSION_MAX_AGE} container_name: monochrome ports: - '${MONOCHROME_PORT:-3000}:4173' - environment: - AUTH_ENABLED: ${AUTH_ENABLED:-false} - AUTH_SECRET: ${AUTH_SECRET:-} - APPWRITE_ENDPOINT: ${APPWRITE_ENDPOINT:-https://auth.yourdomain.com/v1} - APPWRITE_PROJECT_ID: ${APPWRITE_PROJECT_ID:-auth-for-monochrome} - POCKETBASE_URL: ${POCKETBASE_URL:-} - SESSION_MAX_AGE: ${SESSION_MAX_AGE:-604800000} restart: unless-stopped networks: - monochrome-network diff --git a/js/accounts/pocketbase.js b/js/accounts/pocketbase.js index d9d4671..3867f9a 100644 --- a/js/accounts/pocketbase.js +++ b/js/accounts/pocketbase.js @@ -5,7 +5,7 @@ import { authManager } from './auth.js'; const PUBLIC_COLLECTION = 'public_playlists'; const DEFAULT_POCKETBASE_URL = 'https://data.samidy.xyz'; -const POCKETBASE_URL = localStorage.getItem('monochrome-pocketbase-url') || DEFAULT_POCKETBASE_URL; +const POCKETBASE_URL = window.__POCKETBASE_URL__ || localStorage.getItem('monochrome-pocketbase-url') || DEFAULT_POCKETBASE_URL; console.log('[PocketBase] Using URL:', POCKETBASE_URL); diff --git a/vite-plugin-auth-gate.js b/vite-plugin-auth-gate.js index a83b58c..a9e9f06 100644 --- a/vite-plugin-auth-gate.js +++ b/vite-plugin-auth-gate.js @@ -19,6 +19,33 @@ function parseBody(req) { }); } +function buildInjectionScript(env) { + const AUTH_ENABLED = (env.AUTH_ENABLED ?? 'false') !== 'false'; + const APPWRITE_ENDPOINT = env.APPWRITE_ENDPOINT; + const APPWRITE_PROJECT_ID = env.APPWRITE_PROJECT_ID; + const POCKETBASE_URL = env.POCKETBASE_URL; + const AUTH_GOOGLE_ENABLED = env.AUTH_GOOGLE_ENABLED; + const AUTH_EMAIL_ENABLED = env.AUTH_EMAIL_ENABLED; + + const flags = []; + if (AUTH_ENABLED) flags.push('window.__AUTH_GATE__=true'); + const authProviderOverrides = {}; + if (AUTH_GOOGLE_ENABLED !== undefined) { + authProviderOverrides.google = AUTH_GOOGLE_ENABLED !== 'false'; + } + if (AUTH_EMAIL_ENABLED !== undefined) { + authProviderOverrides.password = AUTH_EMAIL_ENABLED !== 'false'; + } + if (Object.keys(authProviderOverrides).length > 0) { + flags.push(`window.__AUTH_PROVIDERS__=${JSON.stringify(authProviderOverrides)}`); + } + if (APPWRITE_ENDPOINT) flags.push(`window.__APPWRITE_ENDPOINT__=${JSON.stringify(APPWRITE_ENDPOINT)}`); + if (APPWRITE_PROJECT_ID) flags.push(`window.__APPWRITE_PROJECT_ID__=${JSON.stringify(APPWRITE_PROJECT_ID)}`); + if (POCKETBASE_URL) flags.push(`window.__POCKETBASE_URL__=${JSON.stringify(POCKETBASE_URL)}`); + + return flags.length > 0 ? `` : null; +} + export default function authGatePlugin() { let env = {}; @@ -29,33 +56,13 @@ export default function authGatePlugin() { env = loadEnv(mode, process.cwd(), ''); }, + transformIndexHtml(html) { + const scriptTag = buildInjectionScript(env); + return scriptTag ? html.replace('', `${scriptTag}\n`) : html; + }, + configurePreviewServer(server) { - const AUTH_ENABLED = (env.AUTH_ENABLED ?? 'false') !== 'false'; - const APPWRITE_ENDPOINT = env.APPWRITE_ENDPOINT; - const APPWRITE_PROJECT_ID = env.APPWRITE_PROJECT_ID; - const POCKETBASE_URL = env.POCKETBASE_URL; - const AUTH_GOOGLE_ENABLED = env.AUTH_GOOGLE_ENABLED; - const AUTH_EMAIL_ENABLED = env.AUTH_EMAIL_ENABLED; - - // --- Build injection script (always, for both auth gate and env config) --- - - const flags = []; - if (AUTH_ENABLED) flags.push('window.__AUTH_GATE__=true'); - const authProviderOverrides = {}; - if (AUTH_GOOGLE_ENABLED !== undefined) { - authProviderOverrides.google = AUTH_GOOGLE_ENABLED !== 'false'; - } - if (AUTH_EMAIL_ENABLED !== undefined) { - authProviderOverrides.password = AUTH_EMAIL_ENABLED !== 'false'; - } - if (Object.keys(authProviderOverrides).length > 0) { - flags.push(`window.__AUTH_PROVIDERS__=${JSON.stringify(authProviderOverrides)}`); - } - if (APPWRITE_ENDPOINT) flags.push(`window.__APPWRITE_ENDPOINT__=${JSON.stringify(APPWRITE_ENDPOINT)}`); - if (APPWRITE_PROJECT_ID) - flags.push(`window.__APPWRITE_PROJECT_ID__=${JSON.stringify(APPWRITE_PROJECT_ID)}`); - if (POCKETBASE_URL) flags.push(`window.__POCKETBASE_URL__=${JSON.stringify(POCKETBASE_URL)}`); - const configScript = flags.length > 0 ? `` : null; + const configScript = buildInjectionScript(env); // --- Pre-build injected HTML pages --- @@ -69,6 +76,7 @@ export default function authGatePlugin() { } let loginHtml = null; + const AUTH_ENABLED = (env.AUTH_ENABLED ?? 'false') !== 'false'; if (AUTH_ENABLED) { const loginPath = join(distDir, 'login.html'); if (existsSync(loginPath)) { @@ -98,7 +106,7 @@ export default function authGatePlugin() { process.exit(1); } - console.log(`Auth gate enabled (Project: ${APPWRITE_PROJECT_ID})`); + console.log(`Auth gate enabled (Project: ${env.APPWRITE_PROJECT_ID})`); server.middlewares.use( cookieSession({