From f45df093e6027526e759f82c0a6d1915da08ae32 Mon Sep 17 00:00:00 2001 From: "Gan, Jimmy" Date: Wed, 8 Apr 2026 10:31:34 +0800 Subject: [PATCH 1/2] test: trigger deploy workflow --- dashboard/README.md | 2 -- 1 file changed, 2 deletions(-) diff --git a/dashboard/README.md b/dashboard/README.md index 8b99c1e..5c6b25c 100644 --- a/dashboard/README.md +++ b/dashboard/README.md @@ -1,3 +1 @@ # Dashboard - -CI deploy test after fixing duplicate network issue -- 2.52.0 From 0420b0eb136087643d75a286168604e2a0544a9c Mon Sep 17 00:00:00 2001 From: "Gan, Jimmy" Date: Wed, 8 Apr 2026 11:19:12 +0800 Subject: [PATCH 2/2] fix: allow auth cookies over HTTP for Caddy reverse proxy setup --- dashboard/backend/auth_service.py | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/dashboard/backend/auth_service.py b/dashboard/backend/auth_service.py index cc9d485..5605f6a 100644 --- a/dashboard/backend/auth_service.py +++ b/dashboard/backend/auth_service.py @@ -17,7 +17,9 @@ oauth2_scheme = OAuth2PasswordBearer(tokenUrl="api/auth/login") ACCESS_COOKIE_NAME = "nas_access_token" REFRESH_COOKIE_NAME = "nas_refresh_token" -COOKIE_SECURE = True +# Allow both HTTP and HTTPS by setting secure=False +# In production, Caddy terminates TLS and forwards to backend over HTTP +COOKIE_SECURE = False COOKIE_SAMESITE = "lax" COOKIE_PATH = "/" -- 2.52.0