feat(frontend-plus-api): inter-app service discovery + server-side proxy#15
Open
jona62 wants to merge 2 commits into
Open
feat(frontend-plus-api): inter-app service discovery + server-side proxy#15jona62 wants to merge 2 commits into
jona62 wants to merge 2 commits into
Conversation
…e proxy frontend-web now proxies /api to its sibling over loopback using the RIGBOX_FRONTEND_API_URL the platform injects from `dependsOn: [frontend-api]` (localhost fallback for local dev). The browser stays same-origin, so the API needs no CORS and frontend-api stays private — only frontend-web is shared public. Replaces the old cross-origin browser fetch that failed with "CORS request did not succeed" against the private API.
The page now toggles how server.js reaches the backend:
- Private (default): proxy /api over the VM loopback (no creds, unmetered).
- Internet: proxy /api to frontend-api's PUBLIC subdomain, authenticated
server-side with X-Rigbox-Key from an optional RIGBOX_API_KEY deploy
secret — exercising the public/metered path while the API stays private.
The key is an optional secret (`secrets: [{ name: RIGBOX_API_KEY, optional:
true }]`), so deploy succeeds with or without it; when unset the toggle shows
a toast with instructions and the app stays on the loopback route. The key
never reaches the browser. README documents the toggle, the owner-key
requirement, the workspace-scoped-key recommendation, and the
`rig app share --public` keyless alternative. Requires CLI >= 0.12.33.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Reworks the example to use the new platform inter-app networking:
frontend-webproxies/apito its sibling over loopback usingRIGBOX_FRONTEND_API_URL, which the platform injects fromdependsOn: [frontend-api](localhost fallback keepsnode server.jsworking in local dev).frontend-apistays private (the default). Onlyfrontend-webis shared public.fetchthat failed withCORS request did not succeedagainst the private API.Verified live end-to-end:
frontend-web/api/todos→ 200 (proxied over loopback) whilefrontend-apidirect subdomain → 302 (private).Note: full platform injection requires CLI ≥ 0.12.33 (sends
run.dependsOn); on older CLIs theserver.jslocalhost fallback keeps the demo working.