Skip to content

Corrects CORS setup to allow login cookie to be set#11

Open
StuTheWebGuy wants to merge 75 commits into
mainfrom
fix-login-cookies
Open

Corrects CORS setup to allow login cookie to be set#11
StuTheWebGuy wants to merge 75 commits into
mainfrom
fix-login-cookies

Conversation

@StuTheWebGuy
Copy link
Copy Markdown
Collaborator

@StuTheWebGuy StuTheWebGuy commented Nov 24, 2025

The PHPSESSID cookie on login wasn't being set, in part because the CORS setup was incorrect. This PR amends the CORS config on the API to fix this.

The other fix that needs doing (outside the scope of this PR) is to ensure all fetch() calls in the frontend use a base URL that matches the CORS origin, and that the fetch options include credentials: 'include'.

Casjb added 30 commits November 4, 2025 13:59
@Casjb
adding strict function typing and class::
ea83346
@Casjb
setup react routes
479cfa8
@Casjb
adding count controllers and loosening pagination rules for species c…
89bcc35 
…ontroller
@Casjb
adding package-lock.json to gitignore, removed pasted comment, added …
935e2bb 
…notnull to user_id in categories
@Casjb
added userid foreign keys to teams and boxes
703f75c
@Casjb
added a healthcheck and pokemon dropdown to test page for now
5b1c457
@Casjb
installed react-router-dom and react-select
8639119
@Casjb
added blank homepage
374557b
@Casjb
set controller serializer to return arrays
e4249c0
@Casjb
added count endpoints to boxes and categories
78c0750
@Casjb
added page used to create categories
7e4fbea
@Casjb
re-adding package-lock.json to git
d2f6136
@Casjb
added json parser to api/config/web.php
59efb6c
@Casjb
custom rest controllers now use ArrayHelper to merge cors behaviours
c5ede65
@Casjb
WIP
3f29353
@Casjb
re implemented cors behaviors to rest/
ae6d50e
@Casjb
wip: page to create new category
8fcee56
@Casjb
Merge branch 'main' into setting-up-frontend-wireframe
336e9d0 
# Conflicts:
#	api/config/web.php
#	api/controllers/BoxesController.php
#	api/controllers/CategoriesController.php
#	api/controllers/PokemonSpeciesController.php
#	api/controllers/SiteController.php
#	api/controllers/TeamsController.php
#	api/models/Category.php
#	api/rest/ActiveController.php
#	api/rest/Controller.php
@Casjb
Delete SiteController.php
9ec6629
@Casjb
added auth to users table
d7b4bae
@Casjb
started work on user model
9c36642
@Casjb
added login form model
7be3b01
@Casjb
added auth controller with empty login and logout methods
195727b
@Casjb
removed 'enableAutoLogin' => true
7038f05 
added 'loginUrl' => null
to web.php
@Casjb
progress on categories page
94cb468
@Casjb
adding full error logging and cookie validation to web config
4b217c3
@Casjb
eslint: '@typescript-eslint/no-explicit-any': 'off',
c9d6bd7
@Casjb
added inital routing for categories and teams
1070a56
@Casjb
added category list to Categories page
2e192ce
@Casjb
embedded teams page inside category page
97785d5
Casjb and others added 27 commits November 17, 2025 11:09
@Casjb
set cors origin to localhost.
243bc95 
todo: add to .env
@Casjb
'@typescript-eslint/no-unused-expressions': 'off',
8de90ab
@Casjb
removed images_collections in favour of just storing images per table
9453f53
@Casjb
updated to match controller
0532c19
@Casjb
fixed login - however still doesn't store cookies
175ddf8
@Casjb
removed pokemon dropdown - just healthcheck now
f4e8999
@Casjb
added createNewTeam button
9363ba7
@Casjb
moved pokemon dropdown here and added rendering for pokemon image url…
e544596 
…s from the db
@Casjb
added a pokemon-index action
644d8e6
@Casjb
added safe rules for resource creation
fcf26e6
@Casjb
removed 'images_collection' in favour for local 'image'
28ee5eb
@Casjb
fixed create new category button and category rendering
1a87fdb
@Casjb
added teams index and teams count action
0347b56
@Casjb
updated pokemon import script to add image urls
de46e5d
@Casjb
added safe rules for resource creation
d55c1f1
@Casjb
switched to using custom activeController extension for cors handling
cbde8a9
@Casjb
extended active record's base implementation
cfe6562
@Casjb
adding created_at and updated_at to all migrations
bdacc26
@Casjb
removed ImagesCollection.php
a8023b9
@Casjb
added portal-root for rendering react portals
db9d58d
@Casjb
added inheritdoc blocks and tableNameSingular to models
a64fb3d
@Casjb
updated rules for some models
41a506d
@Casjb
removed extra api calls for creating unnamed items
f1c7ca1
@Casjb
adding CategoryMenu.tsx portal as a right-click context menu for edit…
bdbf535 
…ing categories
@Casjb
added frontend todo list inside app.tsx
ad4efdb
@Casjb
added validator to give default names to items
f04325d
@StuTheWebGuy
Corrects CORS setup to allow login cookie to be set
4efa6b9
@StuTheWebGuy StuTheWebGuy requested a review from Casjb November 24, 2025 10:12
@StuTheWebGuy StuTheWebGuy self-assigned this Nov 24, 2025
Base automatically changed from setting-up-frontend-wireframe to main March 26, 2026 16:31
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@Casjb Casjb Awaiting requested review from Casjb

At least 1 approving review is required to merge this pull request.

Assignees

@StuTheWebGuy StuTheWebGuy

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@StuTheWebGuy @Casjb