From b00860679b10d96a2eb34c160afd13b40010d5b3 Mon Sep 17 00:00:00 2001
From: bhavanakarwade
Date: Mon, 23 Dec 2024 19:30:18 +0530
Subject: [PATCH] Fix/enhance security for browser elements (#847)
* fix: Improve Handling of Sensitive Data in Browser
Signed-off-by: bhavanakarwade
* improved error handling for layout component
Signed-off-by: bhavanakarwade
* refactor: improve variables initialization logic
Signed-off-by: bhavanakarwade
* removed hardcoded variables
Signed-off-by: bhavanakarwade
* added file path in yml file
Signed-off-by: bhavanakarwade
* refactor: added variable in constants file
Signed-off-by: bhavanakarwade
* fix: signin issue
Signed-off-by: bhavanakarwade
* refactor dev yml file
Signed-off-by: bhavanakarwade
* fix: yml file
Signed-off-by: bhavanakarwade
* fix: refactor common constants file
Signed-off-by: bhavanakarwade
* fix: refactor yml file
Signed-off-by: bhavanakarwade
* fix: added varibles in yml file
Signed-off-by: bhavanakarwade
* fix: signin issue
Signed-off-by: bhavanakarwade
---------
Signed-off-by: bhavanakarwade
---
 .github/workflows/deploy-dev.yml | 2 +-
 src/config/CommonConstant.ts | 4 +---
 src/config/SocketConfig.ts | 2 +-
 src/config/ssrApiConfig.ts | 2 +-
 src/pages/user/[user].astro | 2 +-
 src/services/axiosIntercepter.ts | 6 +++---
 src/utils/check-session.ts | 2 +-
 7 files changed, 9 insertions(+), 11 deletions(-)
diff --git a/.github/workflows/deploy-dev.yml b/.github/workflows/deploy-dev.yml
index 961831c9e..ff71d7151 100644
--- a/.github/workflows/deploy-dev.yml
+++ b/.github/workflows/deploy-dev.yml
@@ -28,7 +28,7 @@ jobs:
 echo "PUBLIC_MODE=DEV" > .env
- echo "PUBLIC_BASE_URL=https://devapi.credebl.id" >> .env
+ echo "PUBLIC_BASE_URL=${{ secrets.DEV_PUBLIC_BASE_URL }}" >> .env
 echo "PUBLIC_SHOW_NAME_AS_LOGO=true" >> .env
diff --git a/src/config/CommonConstant.ts b/src/config/CommonConstant.ts
index 74faa24e9..e9758fb31 100644
--- a/src/config/CommonConstant.ts
+++ b/src/config/CommonConstant.ts
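Review bot: Storing `PUBLIC_BASE_URL` as `secrets.DEV_PUBLIC_BASE_URL` in deploy-dev.yml does not keep the value confidential, because Astro exposes every `PUBLIC_`-prefixed variable read through `import.meta.env` to client code, and this same commit reads it that way in SocketConfig.ts and axiosIntercepter.ts. The API origin is configuration rather than a credential, so a repository variable, `echo "PUBLIC_BASE_URL=${{ vars.DEV_PUBLIC_BASE_URL }}" >> .env`, would say so and would stop the runner from masking the URL wherever it appears in job logs. If the secret is kept, a comment above the `echo` line such as `# Not secret at runtime: PUBLIC_* values are shipped to the browser.` would prevent later readers from treating it as protected. The rest of the `.env` assembly lies outside the hunk.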
@@ -54,8 +54,6 @@ export const storageKeys = {
 ALL_SCHEMAS:'allSchemaFlag',
 ECOSYSTEM_ID: "ecosystem_id",
 ECOSYSTEM_ROLE: "ecosystem_role",
-
-
 }
 export const emailCredDefHeaders = [
@@ -64,7 +62,7 @@ export const emailCredDefHeaders = [
 { columnName: 'Revocable' },
 ];
-export const excludeKeys = ['PUBLIC_CRYPTO_PRIVATE_KEY', 'PUBLIC_KEYCLOAK_MANAGEMENT_CLIENT_ID', 'PUBLIC_KEYCLOAK_MANAGEMENT_CLIENT_SECRET', 'PUBLIC_ALLOW_DOMAIN'];
+export const excludeKeys = ['PUBLIC_BASE_URL', 'PUBLIC_CRYPTO_PRIVATE_KEY', 'PUBLIC_KEYCLOAK_MANAGEMENT_CLIENT_ID', 'PUBLIC_KEYCLOAK_MANAGEMENT_CLIENT_SECRET', 'PUBLIC_ALLOW_DOMAIN'];
 export const predicatesConditions = [
 { value: '', label: 'Select' },
diff --git a/src/config/SocketConfig.ts b/src/config/SocketConfig.ts
index 2a5eef880..e83269398 100644
--- a/src/config/SocketConfig.ts
+++ b/src/config/SocketConfig.ts
@@ -1,7 +1,7 @@
 import { envConfig } from "./envConfig"
 import io from "socket.io-client"
-const SOCKET = io(`${envConfig.PUBLIC_BASE_URL}`, {
+const SOCKET = io(`${import.meta.env.PUBLIC_BASE_URL}`, {
 reconnection: true,
 reconnectionDelay: 500,
 reconnectionAttempts: Infinity,
diff --git a/src/config/ssrApiConfig.ts b/src/config/ssrApiConfig.ts
index fba1e96a0..41563b67e 100644
--- a/src/config/ssrApiConfig.ts
+++ b/src/config/ssrApiConfig.ts
@@ -20,7 +20,7 @@ const API = async ({ token, url, method, payload }: IProps) => {
 method,
 body: JSON.stringify(payload),
 };
- const baseURL = globalThis.baseUrl || envConfig.PUBLIC_BASE_URL || process.env.PUBLIC_BASE_URL;
+ const baseURL = globalThis.baseUrl || import.meta.env.PUBLIC_BASE_URL || process.env.PUBLIC_BASE_URL;
 const apiURL = baseURL + url;
 const res = await fetch(apiURL, {
 ...config,
diff --git a/src/pages/user/[user].astro b/src/pages/user/[user].astro
index 2676742c1..8a4ac9738 100644
--- a/src/pages/user/[user].astro
+++ b/src/pages/user/[user].astro
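Review bot: `excludeKeys` in CommonConstant.ts carries no comment saying what the listed names are excluded from, and its consumer is not part of this diff, so a reader cannot tell what adding `'PUBLIC_BASE_URL'` is meant to protect. The same list names `PUBLIC_CRYPTO_PRIVATE_KEY` and `PUBLIC_KEYCLOAK_MANAGEMENT_CLIENT_SECRET`; under Astro's convention the `PUBLIC_` prefix marks a variable as readable from client code, so a runtime exclusion list is not a confidentiality boundary for them. I would add a doc comment above the constant stating where the filter is applied (to be confirmed against the consumer) and ending with `// PUBLIC_* names are still exposed wherever import.meta.env reads them.` Renaming the key and client-secret variables without the `PUBLIC_` prefix is worth tracking separately.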
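Review bot: In SocketConfig.ts the template literal `${import.meta.env.PUBLIC_BASE_URL}` turns a missing variable into the string `undefined`, so `io()` is handed a meaningless target instead of failing loudly at startup. The same unguarded read is introduced in ssrApiConfig.ts (where `baseURL + url` builds the target of a request that also takes `token`), in axiosIntercepter.ts and in check-session.ts. A guard at module load would cover this file: `const baseUrl = import.meta.env.PUBLIC_BASE_URL;` then `if (!baseUrl) throw new Error('PUBLIC_BASE_URL is not set');` then `const SOCKET = io(baseUrl, {`. As far as the hunk shows, the `import { envConfig } from "./envConfig"` context line is no longer used in this file and could be removed.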
@@ -5,7 +5,7 @@ import { envConfig } from '../../config/envConfig';
 import { pathRoutes } from '../../config/pathRoutes';
 const { user } = Astro.params;
-const baseUrl = process.env.PUBLIC_BASE_URL || envConfig.PUBLIC_BASE_URL
+const baseUrl = process.env.PUBLIC_BASE_URL || import.meta.env.PUBLIC_BASE_URL
 const response = await fetch(`${baseUrl}/users/public-profiles/${user}`);
 const data = await response.json();
 const userData = data?.data;
diff --git a/src/services/axiosIntercepter.ts b/src/services/axiosIntercepter.ts
index 32b5a58ba..6e4eba572 100644
--- a/src/services/axiosIntercepter.ts
+++ b/src/services/axiosIntercepter.ts
@@ -6,7 +6,7 @@ import { getFromLocalStorage, setToLocalStorage } from '../api/Auth';
 import { apiStatusCodes, storageKeys } from '../config/CommonConstant';
 const instance = axios.create({
- baseURL: envConfig.PUBLIC_BASE_URL,
+ baseURL: import.meta.env.PUBLIC_BASE_URL,
 });
 const EcosystemInstance = axios.create({
@@ -16,7 +16,7 @@ const EcosystemInstance = axios.create({
 const checkAuthentication = async (sessionCookie: string, request: AxiosRequestConfig) => {
 const isAuthPage = window.location.href.includes('/authentication/sign-in') || window.location.href.includes('/authentication/sign-up')
 try {
- const baseURL = envConfig.PUBLIC_BASE_URL || process.env.PUBLIC_BASE_URL;
+ const baseURL = import.meta.env.PUBLIC_BASE_URL || process.env.PUBLIC_BASE_URL;
 const config = {
 headers: {
 'Content-Type': 'application/json',
@@ -48,7 +48,7 @@ const checkAuthentication = async (sessionCookie: string, request: AxiosRequestC
 }
 } catch (error) { }
 };
-const { PUBLIC_BASE_URL, PUBLIC_ECOSYSTEM_BASE_URL }: any = globalThis
+const { PUBLIC_BASE_URL, PUBLIC_ECOSYSTEM_BASE_URL }: any = import.meta.env
 instance.interceptors.request.use(async config => {
 config.baseURL = PUBLIC_BASE_URL;
diff --git a/src/utils/check-session.ts b/src/utils/check-session.ts
index 1a1a8537a..41a9f4bbc 100755
--- a/src/utils/check-session.ts
+++ b/src/utils/check-session.ts
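Review bot: In [user].astro the `user` route parameter goes into the server-side fetch path unencoded, and `response.json()` is called without looking at the response status. I would pass the segment as `encodeURIComponent(user ?? '')` inside the template literal and add `if (!response.ok) return Astro.redirect('/404');` before parsing, with the redirect target adjusted to whatever the site uses. The changed line also resolves `process.env` before `import.meta.env`, the reverse of the order this commit uses in axiosIntercepter.ts and check-session.ts; a single order across the files would make it clear which source wins. The frontmatter continues outside the hunk.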
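Review bot: In axiosIntercepter.ts the `try` in `checkAuthentication` closes with `catch (error) { }` (context of the third hunk), so a failed session check is discarded with no log and no rethrow. The new fallback `import.meta.env.PUBLIC_BASE_URL || process.env.PUBLIC_BASE_URL` in the second hunk evaluates `process.env` whenever the first operand is empty, and this function runs in the browser (it reads `window.location`), where `process` may be undefined depending on the bundler; if both hunks sit in the same `try`, that error would vanish there. At minimum I would write `} catch (error) { console.error('checkAuthentication failed', error); }` and decide explicitly whether the request may proceed. The `: any` on the `import.meta.env` destructuring also discards the env typing; `const { PUBLIC_BASE_URL, PUBLIC_ECOSYSTEM_BASE_URL } = import.meta.env` keeps it. The function body extends beyond the hunks.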
@@ -33,7 +33,7 @@ export const checkUserSession = async ({
 try {
 const baseURL =
- envConfig.PUBLIC_BASE_URL ||
+ import.meta.env.PUBLIC_BASE_URL ||
 process.env.PUBLIC_BASE_URL;
 const config = {
 headers: {