From 9392d31c6b3f1e8bcc9150b7741574dd85055496 Mon Sep 17 00:00:00 2001
From: totallynotmanas <108781322+totallynotmanas@users.noreply.github.com>
Date: Wed, 11 Mar 2026 00:40:21 +0530
Subject: [PATCH 1/2] CORS bug fix

---
 .env.example                                     | 16 +++++++++++++---
 .../backend/config/SecurityConfig.java           | 11 ++++++++---
 .../securehealth/backend/config/WebConfig.java   |  3 ++-
 frontend/app/src/services/api.js                 |  8 ++++----
 frontend/app/src/services/supabaseAuth.js        | 16 ++++++++--------
 5 files changed, 35 insertions(+), 19 deletions(-)

diff --git a/.env.example b/.env.example
index 475b3044..7025ca73 100644
--- a/.env.example
+++ b/.env.example
@@ -1,10 +1,13 @@
 # Copy this file to .env and fill in values locally (DO NOT COMMIT .env)
-# Database
-DB_USER=postgres
-DB_PASSWORD=changeme
+# -------------------------
+# DATABASE CONFIGURATION
+# -------------------------
+DB_USER=admin_user
+DB_PASSWORD=secureBen10
 DB_NAME=healthcare_auth_db
 
 # Spring datasource (optional override)
+# FOR DEPLOYMENT: Use your production database URL
 SPRING_DATASOURCE_URL=jdbc:postgresql://localhost:5432/healthcare_auth_db
 SPRING_DATASOURCE_USERNAME=${DB_USER}
 SPRING_DATASOURCE_PASSWORD=${DB_PASSWORD}
@@ -15,6 +18,13 @@ REDIS_PORT=6379
 
 
 # Frontend API URL
+# -------------------------
+# CORS & FRONTEND CONFIGURATION
+# -------------------------
+# FOR DEPLOYMENT: Set this to your frontend URL (e.g., https://yourdomain.com)
+CORS_ALLOWED_ORIGINS=http://localhost:3000,http://127.0.0.1:3000
+
+# FOR DEPLOYMENT: Set this to your backend API URL (e.g., https://api.yourdomain.com/api)
 REACT_APP_API_URL=http://localhost:8081/api
 
 MAIL_HOST=smtp.gmail.com
diff --git a/backend/Backend/src/main/java/com/securehealth/backend/config/SecurityConfig.java b/backend/Backend/src/main/java/com/securehealth/backend/config/SecurityConfig.java
index 8045df8f..6962c7d9 100644
--- a/backend/Backend/src/main/java/com/securehealth/backend/config/SecurityConfig.java
+++ b/backend/Backend/src/main/java/com/securehealth/backend/config/SecurityConfig.java
@@ -108,10 +108,15 @@ private void saveSecurityLog(String action, HttpServletRequest request) {
     @Bean
     public CorsConfigurationSource corsConfigurationSource() {
         CorsConfiguration configuration = new CorsConfiguration();
-        configuration.setAllowedOrigins(Arrays.asList(allowedOrigins.split(",")));
-        configuration.setAllowedMethods(List.of("GET", "POST", "PUT", "DELETE", "OPTIONS"));
-        configuration.setAllowedHeaders(List.of("Authorization", "Content-Type"));
+        
+        // Split by comma and trim whitespace
+        String[] origins = allowedOrigins.split(",");
+        configuration.setAllowedOrigins(Arrays.stream(origins).map(String::trim).toList());
+        
+        configuration.setAllowedMethods(List.of("GET", "POST", "PUT", "DELETE", "OPTIONS", "PATCH"));
+        configuration.setAllowedHeaders(List.of("Authorization", "Content-Type", "X-Requested-With", "Accept", "Origin"));
         configuration.setAllowCredentials(true);
+        configuration.setMaxAge(3600L);
 
         UrlBasedCorsConfigurationSource source = new UrlBasedCorsConfigurationSource();
         source.registerCorsConfiguration("/**", configuration);
diff --git a/backend/Backend/src/main/java/com/securehealth/backend/config/WebConfig.java b/backend/Backend/src/main/java/com/securehealth/backend/config/WebConfig.java
index 9e38cb25..39033825 100644
--- a/backend/Backend/src/main/java/com/securehealth/backend/config/WebConfig.java
+++ b/backend/Backend/src/main/java/com/securehealth/backend/config/WebConfig.java
@@ -13,8 +13,9 @@ public class WebConfig implements WebMvcConfigurer {
 
     @Override
     public void addCorsMappings(CorsRegistry registry) {
+        String[] origins = allowedOrigins.split(",");
         registry.addMapping("/**")
-                .allowedOrigins(allowedOrigins.split(","))
+                .allowedOrigins(java.util.Arrays.stream(origins).map(String::trim).toArray(String[]::new))
                 .allowedMethods("GET", "POST", "PUT", "DELETE", "OPTIONS", "PATCH")
                 .allowedHeaders("*")
                 .allowCredentials(true)
diff --git a/frontend/app/src/services/api.js b/frontend/app/src/services/api.js
index 58e8ff55..7f5de78d 100644
--- a/frontend/app/src/services/api.js
+++ b/frontend/app/src/services/api.js
@@ -1,5 +1,5 @@
 // API Service - Centralized API calls for the Patient Management System
-const API_BASE_URL = process.env.REACT_APP_API_URL || 'http://localhost:8081/api';
+const API_BASE_URL = process.env.REACT_APP_API_URL || '';
 
 // Helper function for API calls
 const apiCall = async (endpoint, options = {}) => {
@@ -435,9 +435,9 @@ export const nurseAPI = {
       return apiCall('/nurse/handover', { method: 'POST', body: JSON.stringify(payload) });
    },
    recordVitals: async (vitalSignsData) => {
-      return apiCall('/vital-signs', { 
-         method: 'POST', 
-         body: JSON.stringify(vitalSignsData) 
+      return apiCall('/vital-signs', {
+         method: 'POST',
+         body: JSON.stringify(vitalSignsData)
       });
    },
    recordMedicationAdministration: async (medicationData) => {
diff --git a/frontend/app/src/services/supabaseAuth.js b/frontend/app/src/services/supabaseAuth.js
index bdd98a7e..4881b1c8 100644
--- a/frontend/app/src/services/supabaseAuth.js
+++ b/frontend/app/src/services/supabaseAuth.js
@@ -1,6 +1,6 @@
 // Authentication service for backend API
-const API_BASE_URL = 'http://localhost:8081/api';
-const AUTH_URL = `${API_BASE_URL}/auth`;
+const API_BASE_URL = process.env.REACT_APP_API_URL || '';
+const AUTH_URL = API_BASE_URL ? `${API_BASE_URL}/auth` : '/auth';
 const STORAGE_KEY = 'secure_health_user';
 const PROFILE_STORAGE_KEY = 'secure_health_profiles';
 
@@ -301,12 +301,12 @@ export const verifyOtp = async (email, otp) => {
          const resolvedEmail = email;
          const storedName = getProfileName(resolvedEmail);
          const fullName = data.full_name || data.fullName || storedName;
-         const user = { 
-            email: resolvedEmail, 
-            role: data.role || 'PATIENT', 
-            fullName, 
-            accessToken: data.accessToken, 
-            userId: data.userId 
+         const user = {
+            email: resolvedEmail,
+            role: data.role || 'PATIENT',
+            fullName,
+            accessToken: data.accessToken,
+            userId: data.userId
          };
          if (fullName) {
             saveProfileName(resolvedEmail, fullName);

From 5f37ade0d480a23f4a5ecfde6ac862b436a24c94 Mon Sep 17 00:00:00 2001
From: Diya Bhat <deebee101224@gmail.com>
Date: Wed, 11 Mar 2026 00:53:22 +0530
Subject: [PATCH 2/2] cd pipeline

Added cd pipeline for continuous deployment
---
 .github/workflows/deployment.yml | 22 ++++++++++++++++++++++
 1 file changed, 22 insertions(+)
 create mode 100644 .github/workflows/deployment.yml

diff --git a/.github/workflows/deployment.yml b/.github/workflows/deployment.yml
new file mode 100644
index 00000000..aded31f9
--- /dev/null
+++ b/.github/workflows/deployment.yml
@@ -0,0 +1,22 @@
+name: Deploy Backend
+
+on:
+  push:
+    branches: [main]
+
+jobs:
+  deploy:
+    runs-on: ubuntu-latest
+
+    steps:
+      - name: SSH into EC2 and deploy
+        uses: appleboy/ssh-action@master
+        with:
+          host: 54.252.217.169
+          username: ubuntu
+          key: ${{ secrets.EC2_SECRETKEY }}
+          script: |
+            cd ~/PatientManagementSystem
+            git pull origin main
+            docker-compose down
+            docker-compose up -d --build
\ No newline at end of file