mirror of
https://github.com/dreamhunter2333/cloudflare_temp_email.git
synced 2026-07-12 16:02:10 +08:00
chore: upgrade dependencies (#881)
* chore: upgrade dependencies - dompurify 3.3.1 → 3.3.2 - naive-ui 2.43.2 → 2.44.0 - vue-i18n 11.2.8 → 11.3.0 - @cloudflare/workers-types 4.20260305.1 → 4.20260307.1 - @types/node 25.3.3 → 25.3.5 - wrangler 4.70.0 → 4.71.0 (all subprojects) * feat: upgrade @simplewebauthn packages from v10 to v13 Breaking changes addressed: - [v11] startRegistration/startAuthentication now take object param - [v11] registrationInfo.credential replaces flat destructuring - [v11] authenticator param renamed to credential in verifyAuthenticationResponse - [v13] @simplewebauthn/types removed, types imported from @simplewebauthn/server Packages: - @simplewebauthn/server: 10.0.1 → 13.2.3 - @simplewebauthn/browser: 10.0.0 → 13.2.2 - @simplewebauthn/types: removed (deprecated) * test: add passkey API E2E tests - User registration and login flow - register_request/authenticate_request return valid WebAuthn options - authenticate_response with invalid credential returns 404 - register_response with invalid credential returns error - Passkey list empty for new user - Rename/delete operations with validation * fix: use UI login instead of localStorage injection in browser passkey test The localStorage approach doesn't work with VueUse's useStorage because it doesn't detect external changes during page navigation. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> * fix: hash password before registration to match frontend login behavior The frontend hashes passwords with SHA-256 before sending to the API. Registration via API must use the same hashed password so that UI login matches the stored value. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> * fix: allow crypto.subtle in Docker browser tests The frontend uses crypto.subtle for password hashing, which requires a secure context (HTTPS or localhost). In Docker, the frontend runs at http://frontend:5173 which is not a secure context. Add Chromium flag to treat this origin as secure. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> * fix: serve frontend over HTTPS in Docker for WebAuthn secure context WebAuthn (navigator.credentials) and crypto.subtle both require a secure context (HTTPS or localhost). The Docker frontend was serving over HTTP, making passkey operations impossible. Changes: - Generate self-signed cert in Dockerfile.frontend - Configure Vite to serve over HTTPS - Update FRONTEND_URL to https:// - Add ignoreHTTPSErrors to Playwright browser config - Use localStorage injection for passkey test login Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> * fix: add Vite proxy to avoid mixed-content blocking in HTTPS Docker frontend HTTPS pages cannot make HTTP API requests (mixed content). Add a Vite proxy for all API paths so the browser makes same-origin HTTPS requests, which Vite proxies to the HTTP worker server-to-server. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> * fix: store userJwt without JSON.stringify in localStorage VueUse's useStorage with a string default uses raw string serialization (no JSON wrapping). Using JSON.stringify added double quotes around the JWT token, causing 401 Unauthorized from the worker. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> * refactor: clean up passkey API test per review feedback Remove unused variables and rename test to match actual behavior. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> --------- Co-authored-by: Claude Opus 4.6 <noreply@anthropic.com>
This commit is contained in:
@@ -1,5 +1,6 @@
|
||||
FROM node:20-slim
|
||||
|
||||
RUN apt-get update && apt-get install -y openssl && rm -rf /var/lib/apt/lists/*
|
||||
RUN corepack enable && corepack prepare pnpm@10.10.0 --activate
|
||||
|
||||
WORKDIR /app/frontend
|
||||
@@ -9,14 +10,37 @@ RUN pnpm install --frozen-lockfile || (echo "WARN: frozen-lockfile failed, falli
|
||||
|
||||
COPY frontend/ .
|
||||
|
||||
# Generate self-signed cert for HTTPS (required for WebAuthn/crypto.subtle)
|
||||
RUN openssl req -x509 -newkey rsa:2048 -keyout /tmp/key.pem -out /tmp/cert.pem \
|
||||
-days 365 -nodes -subj '/CN=frontend'
|
||||
|
||||
# Allow Docker internal hostnames (e.g. "frontend") to pass Vite's host check.
|
||||
# Wrap the original config instead of sed-patching it — survives reformats.
|
||||
# Configure HTTPS with self-signed cert for secure context (WebAuthn/crypto.subtle).
|
||||
# Proxy API paths to the worker to avoid mixed-content (HTTPS->HTTP) blocking.
|
||||
RUN mv vite.config.js vite.config.original.js && \
|
||||
echo 'import config from "./vite.config.original.js";\
|
||||
config.server = { ...config.server, allowedHosts: true };\
|
||||
import fs from "fs";\
|
||||
const workerTarget = process.env.VITE_WORKER_URL || "http://worker:8787";\
|
||||
config.server = {\
|
||||
...config.server,\
|
||||
allowedHosts: true,\
|
||||
https: {\
|
||||
key: fs.readFileSync("/tmp/key.pem"),\
|
||||
cert: fs.readFileSync("/tmp/cert.pem"),\
|
||||
},\
|
||||
proxy: {\
|
||||
"/api": { target: workerTarget, changeOrigin: true },\
|
||||
"/admin": { target: workerTarget, changeOrigin: true },\
|
||||
"/user_api": { target: workerTarget, changeOrigin: true },\
|
||||
"/open_api": { target: workerTarget, changeOrigin: true },\
|
||||
"/external": { target: workerTarget, changeOrigin: true },\
|
||||
"/health_check": { target: workerTarget, changeOrigin: true },\
|
||||
},\
|
||||
};\
|
||||
export default config;' > vite.config.js
|
||||
|
||||
ENV VITE_API_BASE=http://worker:8787
|
||||
# Empty VITE_API_BASE so frontend uses same-origin (proxied through Vite)
|
||||
ENV VITE_API_BASE=
|
||||
|
||||
EXPOSE 5173
|
||||
|
||||
|
||||
Reference in New Issue
Block a user