Fix local network authentication

dashboard-server/auth-server/index.js

@@ -38,7 +38,13 @@ const corsOptions = {
     
     console.log('CORS check for origin:', origin);
     
-    // Check if origin is allowed
+    // Allow local network IPs (192.168.1.xxx)
+    if (origin && origin.match(/^http:\/\/192\.168\.1\.\d{1,3}(:\d+)?$/)) {
+      callback(null, true);
+      return;
+    }
+    
+    // Check if origin is in allowed list
     if (!origin || allowedOrigins.indexOf(origin) !== -1) {
       callback(null, true);
     } else {
@@ -96,19 +102,19 @@ app.post('/login', (req, res) => {
       expiresIn: '24h'
     });
 
-    // Determine if request is from localhost
-    const isLocalhost = req.headers.origin?.includes('localhost');
+    // Determine if request is from local network
+    const isLocalNetwork = req.headers.origin?.includes('192.168.1.') || req.headers.origin?.includes('localhost');
     
     const cookieOptions = {
       httpOnly: true,
-      secure: !isLocalhost,
-      sameSite: isLocalhost ? 'lax' : 'none',
+      secure: !isLocalNetwork, // Only use secure for non-local requests
+      sameSite: isLocalNetwork ? 'lax' : 'none',
       path: '/',
       maxAge: 24 * 60 * 60 * 1000 // 24 hours
     };
 
-    // Add domain only for production
-    if (!isLocalhost) {
+    // Only set domain for production
+    if (!isLocalNetwork) {
       cookieOptions.domain = '.kent.pw';
     }
 
@@ -163,13 +169,13 @@ app.get('/check', (req, res) => {
 });
 
 app.post('/logout', (req, res) => {
-  const isLocalhost = req.headers.origin?.includes('localhost');
+  const isLocalNetwork = req.headers.origin?.includes('192.168.1.') || req.headers.origin?.includes('localhost');
   const cookieOptions = {
     httpOnly: true,
-    secure: !isLocalhost,
-    sameSite: isLocalhost ? 'lax' : 'none',
+    secure: !isLocalNetwork,
+    sameSite: isLocalNetwork ? 'lax' : 'none',
     path: '/',
-    domain: isLocalhost ? undefined : '.kent.pw'
+    domain: isLocalNetwork ? undefined : '.kent.pw'
   };
   
   console.log('Clearing cookie with options:', cookieOptions);

dashboard/vite.config.js

@@ -72,8 +72,10 @@ export default defineConfig(({ mode }) => {
           changeOrigin: true,
           secure: true,
           cookieDomainRewrite: {
-            "dashboard.kent.pw": "localhost",
+            "dashboard.kent.pw": "",
           },
+          hostRewrite: true,
+          autoRewrite: true,
           configure: (proxy, _options) => {
             proxy.on("error", (err, req, res) => {
               console.log("Auth proxy error:", err);
@@ -85,13 +87,29 @@ export default defineConfig(({ mode }) => {
               );
             });
             proxy.on("proxyReq", (proxyReq, req, _res) => {
+              proxyReq.setHeader('X-Forwarded-Host', req.headers.host);
+              proxyReq.setHeader('X-Forwarded-Proto', 'http');
+              
+              const origin = req.headers.origin || `http://${req.headers.host}`;
+              proxyReq.setHeader('origin', origin);
+
               console.log("Outgoing auth request:", {
                 method: req.method,
                 url: req.url,
-                headers: req.headers,
+                headers: proxyReq.getHeaders(),
               });
             });
-            proxy.on("proxyRes", (proxyRes, req, _res) => {
+            proxy.on("proxyRes", (proxyRes, req, res) => {
+              const cookies = proxyRes.headers['set-cookie'];
+              if (cookies) {
+                proxyRes.headers['set-cookie'] = cookies.map(cookie =>
+                  cookie
+                    .replace(/Domain=[^;]+;/g, '')
+                    .replace(/Secure;/g, '')
+                    .replace(/SameSite=None/g, 'SameSite=Lax')
+                );
+              }
+
               console.log("Auth proxy response:", {
                 statusCode: proxyRes.statusCode,
                 url: req.url,