underpost 2.85.1 → 2.85.7

package/src/cli/run.js

@@ -5,7 +5,14 @@
  */
 
 import { daemonProcess, getTerminalPid, openTerminal, pbcopy, shellCd, shellExec } from '../server/process.js';
-import { getNpmRootPath, getUnderpostRootPath, isDeployRunnerContext } from '../server/conf.js';
+import {
+  awaitDeployMonitor,
+  Config,
+  getNpmRootPath,
+  getUnderpostRootPath,
+  isDeployRunnerContext,
+  writeEnv,
+} from '../server/conf.js';
 import { actionInitLog, loggerFactory } from '../server/logger.js';
 import UnderpostTest from './test.js';
 import fs from 'fs-extra';
@@ -15,6 +22,7 @@ import UnderpostRootEnv from './env.js';
 import UnderpostRepository from './repository.js';
 import os from 'os';
 import Underpost from '../index.js';
+import dotenv from 'dotenv';
 
 const logger = loggerFactory(import.meta);
 
@@ -44,6 +52,12 @@ class UnderpostRun {
    * @property {boolean} k3s - Whether to run in k3s mode.
    * @property {boolean} kubeadm - Whether to run in kubeadm mode.
    * @property {boolean} force - Whether to force the operation.
+   * @property {boolean} reset - Whether to reset the operation.
+   * @property {boolean} tls - Whether to use TLS.
+   * @property {string} tty - The TTY option for the container.
+   * @property {string} stdin - The stdin option for the container.
+   * @property {string} restartPolicy - The restart policy for the container.
+   * @property {boolean} terminal - Whether to open a terminal.
    * @memberof UnderpostRun
    */
   static DEFAULT_OPTION = {
@@ -59,6 +73,13 @@ class UnderpostRun {
     k3s: false,
     kubeadm: false,
     force: false,
+    reset: false,
+    tls: false,
+    tty: '',
+    stdin: '',
+    restartPolicy: '',
+    terminal: false,
+    devProxyPortOffset: 0,
   };
   /**
    * @static
@@ -106,13 +127,21 @@ class UnderpostRun {
     },
     /**
      * @method kill
-     * @description Kills the process running on the specified port by finding its PID using `lsof -t -i:${path}`.
+     * @description Kills processes listening on the specified port(s). If the `path` contains a `+`, it treats it as a range of ports to kill.
      * @param {string} path - The input value, identifier, or path for the operation (used as the port number).
      * @param {Object} options - The default underpost runner options for customizing workflow
      * @memberof UnderpostRun
      */
-    kill: (path, options = UnderpostRun.DEFAULT_OPTION) => {
-      shellExec(`sudo kill -9 $(lsof -t -i:${path})`);
+    kill: (path = '', options = UnderpostRun.DEFAULT_OPTION) => {
+      for (const _path of path.split(',')) {
+        if (_path.split('+')[1]) {
+          let [port, sumPortOffSet] = _path.split('+');
+          port = parseInt(port);
+          sumPortOffSet = parseInt(sumPortOffSet);
+          for (const sumPort of range(0, sumPortOffSet))
+            shellExec(`sudo kill -9 $(lsof -t -i:${parseInt(port) + parseInt(sumPort)})`);
+        } else shellExec(`sudo kill -9 $(lsof -t -i:${_path})`);
+      }
     },
     /**
      * @method secret
@@ -330,7 +359,9 @@ class UnderpostRun {
       if (!fs.existsSync(`/home/dd/engine/engine-private`))
         shellExec(`cd /home/dd/engine && underpost clone ${process.env.GITHUB_USERNAME}/engine-private`);
       else
-        shellExec(`cd /home/dd/engine/engine-private underpost pull . ${process.env.GITHUB_USERNAME}/engine-private`);
+        shellExec(
+          `cd /home/dd/engine/engine-private && underpost pull . ${process.env.GITHUB_USERNAME}/engine-private`,
+        );
     },
     /**
      * @method release-deploy
@@ -440,6 +471,16 @@ class UnderpostRun {
     'ls-deployments': async (path, options = UnderpostRun.DEFAULT_OPTION) => {
       console.table(await UnderpostDeploy.API.get(path, 'deployments'));
     },
+    /**
+     * @method ls-images
+     * @description Retrieves and logs a table of currently loaded Docker images in the 'kind-worker' node using `UnderpostDeploy.API.getCurrentLoadedImages`.
+     * @param {string} path - The input value, identifier, or path for the operation.
+     * @param {Object} options - The default underpost runner options for customizing workflow
+     * @memberof UnderpostRun
+     */
+    'ls-images': async (path, options = UnderpostRun.DEFAULT_OPTION) => {
+      console.table(UnderpostDeploy.API.getCurrentLoadedImages('kind-worker', false));
+    },
 
     /**
      * @method host-update
@@ -608,10 +649,16 @@ class UnderpostRun {
      * @memberof UnderpostRun
      */
     'git-conf': (path = '', options = UnderpostRun.DEFAULT_OPTION) => {
-      const defaultUsername = UnderpostRootEnv.API.get('GITHUB_USERNAME', '', { disableLog: true });
-      const defaultEmail = UnderpostRootEnv.API.get('GITHUB_EMAIL', '', { disableLog: true });
-      const [username, email] = path && path.split(',').length > 0 ? path.split(',') : [defaultUsername, defaultEmail];
-
+      const defaultUsername = UnderpostRootEnv.API.get('GITHUB_USERNAME');
+      const defaultEmail = UnderpostRootEnv.API.get('GITHUB_EMAIL');
+      const validPath = path && path.split(',').length;
+      const [username, email] = validPath ? path.split(',') : [defaultUsername, defaultEmail];
+      if (validPath) {
+        UnderpostRootEnv.API.set('GITHUB_USERNAME', username);
+        UnderpostRootEnv.API.set('GITHUB_EMAIL', email);
+        UnderpostRootEnv.API.get('GITHUB_USERNAME');
+        UnderpostRootEnv.API.get('GITHUB_EMAIL');
+      }
       shellExec(
         `git config --global credential.helper "" && ` +
           `git config credential.helper "" && ` +
@@ -750,6 +797,47 @@ class UnderpostRun {
       UnderpostDeploy.API.switchTraffic(deployId, env, targetTraffic);
     },
 
+    /**
+     * @method dev
+     * @description Starts development servers for client, API, and proxy based on provided parameters (deployId, host, path, clientHostPort).
+     * @param {string} path - The input value, identifier, or path for the operation (formatted as `deployId,subConf,host,path,clientHostPort`).
+     * @param {Object} options - The default underpost runner options for customizing workflow
+     * @memberof UnderpostRun
+     */
+    dev: async (path = '', options = UnderpostRun.DEFAULT_OPTION) => {
+      let [deployId, subConf, host, _path, clientHostPort] = path.split(',');
+      if (!deployId) deployId = 'dd-default';
+      if (!host) host = 'default.net';
+      if (!_path) _path = '/';
+      if (!clientHostPort) clientHostPort = 'localhost:4004';
+      if (!subConf) subConf = 'local';
+      if (options.reset && fs.existsSync(`./engine-private/conf/${deployId}`))
+        fs.removeSync(`./engine-private/conf/${deployId}`);
+      if (!fs.existsSync(`./engine-private/conf/${deployId}`)) Config.deployIdFactory(deployId, { subConf });
+      if (options.devProxyPortOffset) {
+        const envPath = `./engine-private/conf/${deployId}/.env.development`;
+        const envObj = dotenv.parse(fs.readFileSync(envPath, 'utf8'));
+        envObj.DEV_PROXY_PORT_OFFSET = options.devProxyPortOffset;
+        writeEnv(envPath, envObj);
+      }
+      shellExec(`node bin run dev-cluster expose`);
+      {
+        const cmd = `npm run dev-api ${deployId} ${subConf} ${host} ${_path} ${clientHostPort}${options.tls ? ' tls' : ''}`;
+        options.terminal ? openTerminal(cmd) : shellExec(cmd, { async: true });
+      }
+      await awaitDeployMonitor(true);
+      {
+        const cmd = `npm run dev-client ${deployId} ${subConf} ${host} ${_path} proxy${options.tls ? ' tls' : ''}`;
+        options.terminal
+          ? openTerminal(cmd)
+          : shellExec(cmd, {
+              async: true,
+            });
+      }
+      await awaitDeployMonitor(true);
+      shellExec(`npm run dev-proxy ${deployId} ${subConf} ${host} ${_path}${options.tls ? ' tls' : ''}`);
+    },
+
     /**
      * @method service
      * @description Deploys and exposes specific services (like `mongo-express-service`) on the cluster, updating deployment configurations and monitoring status.
@@ -808,6 +896,21 @@ class UnderpostRun {
       }
     },
 
+    /**
+     * @method release-cmt
+     * @description Commits and pushes a new release for the `engine` repository with a message indicating the new version.
+     * @param {string} path - The input value, identifier, or path for the operation.
+     * @param {Object} options - The default underpost runner options for customizing workflow
+     * @memberof UnderpostRun
+     */
+    'release-cmt': async (path, options = UnderpostRun.DEFAULT_OPTION) => {
+      shellExec(`underpost run pull`);
+      shellExec(`underpost run secret`);
+      shellCd(`/home/dd/engine`);
+      shellExec(`underpost cmt --empty . ci engine ' New engine release $(underpost --version)'`);
+      shellExec(`underpost push . ${process.env.GITHUB_USERNAME}/engine`);
+    },
+
     /**
      * @method sync-replica
      * @description Syncs a replica for the dd.router
@@ -896,6 +999,9 @@ class UnderpostRun {
       const volumeMountPath = options.volumeMountPath || path;
       const volumeHostPath = options.volumeHostPath || path;
       const enableVolumeMount = volumeHostPath && volumeMountPath;
+      const tty = options.tty ? 'true' : 'false';
+      const stdin = options.stdin ? 'true' : 'false';
+      const restartPolicy = options.restartPolicy || 'Never';
 
       if (options.volumeType === 'dev') options.volumeType = 'FileOrCreate';
       const volumeType =
@@ -909,15 +1015,17 @@ kind: Pod
 metadata:
   name: ${podName}
   namespace: ${namespace}
+  labels:
+    app: ${podName}
 spec:
-  restartPolicy: Never
+  restartPolicy: ${restartPolicy}
 ${runtimeClassName ? `  runtimeClassName: ${runtimeClassName}` : ''}
   containers:
     - name: ${containerName}
       image: ${imageName}
       imagePullPolicy: IfNotPresent
-      tty: true
-      stdin: true
+      tty: ${tty}
+      stdin: ${stdin}
       command: ${JSON.stringify(options.command ? options.command : ['/bin/bash', '-c'])}
 ${
   args.length > 0
@@ -953,7 +1061,7 @@ ${
     : ''
 }
 EOF`;
-      shellExec(`kubectl delete pod ${podName}`);
+      shellExec(`kubectl delete pod ${podName} --ignore-not-found`);
       console.log(cmd);
       shellExec(cmd, { disableLog: true });
       const successInstance = await UnderpostTest.API.statusMonitor(podName);

package/src/client/components/core/CommonJs.js

@@ -101,6 +101,7 @@ const cap = (str) =>
 
 const capFirst = (str) => str.charAt(0).toUpperCase() + str.slice(1);
 
+// Other option: Array.from(new Set(arr))
 const uniqueArray = (arr) => arr.filter((item, pos) => arr.indexOf(item) == pos);
 
 const orderArrayFromAttrInt = (arr, attr, type) =>

package/src/client/components/core/SocketIo.js

@@ -35,8 +35,12 @@ const SocketIo = {
       // forceNew: true,
       // reconnectionAttempts: 'Infinity',
       // timeout: 10000,
-      // withCredentials: true,
       // autoConnect: 5000,
+      // Custom auth socket io credentials:
+      withCredentials: true,
+      extraHeaders: {
+        //   "my-custom-header": "abcd"
+      },
       transports: ['websocket', 'polling', 'flashsocket'],
     };
     // logger.error(`connect options:`, JSON.stringify(connectOptions, null, 4));

package/src/client/sw/default.sw.js

@@ -1,108 +1,204 @@
-const PRE_CACHED_RESOURCES = self.renderPayload?.PRE_CACHED_RESOURCES ? self.renderPayload.PRE_CACHED_RESOURCES : [];
-const CACHE_NAME = self.renderPayload?.CACHE_NAME ? self.renderPayload.CACHE_NAME : 'app-cache';
-const PROXY_PATH = self.renderPayload?.PROXY_PATH ? self.renderPayload.PROXY_PATH : '/';
-self.addEventListener('install', (event) => {
-  // Activate right away
-  self.skipWaiting();
-
-  event.waitUntil(
-    (async () => {
-      // Open the app's cache.
-      const cache = await caches.open(CACHE_NAME);
-      // Cache all static resources.
-      try {
-        await cache.addAll(PRE_CACHED_RESOURCES);
-      } catch (error) {
-        console.error(error);
-      }
-      // for (const cacheKey of PRE_CACHED_RESOURCES) {
-      //   try {
-      //     await cache.add(cacheKey);
-      //   } catch (error) {
-      //     console.error(error, cacheKey);
-      //   }
-      // }
-    })(),
-  );
-});
-
-self.addEventListener('activate', (event) => {
-  event.waitUntil(
-    (async () => {
-      // Enable navigation preload if it's supported.
-      // See https://developers.google.com/web/updates/2017/02/navigation-preload
-      if ('navigationPreload' in self.registration) {
-        await self.registration.navigationPreload.enable();
-      }
-    })(),
-  );
-  // Tell the active service worker to take control of the page immediately.
-  self.clients.claim();
-});
-
-self.addEventListener('fetch', (event) => {
-  // Cache-First Strategy
-  event.respondWith(
-    (async () => {
-      // First, try to use the navigation preload response if it's supported.
-      try {
-        const preloadResponse = await event.preloadResponse;
-        if (preloadResponse) return preloadResponse;
-        return await fetch(event.request);
-      } catch (error) {
-        console.error('Fetch failed; returning offline page instead.', event.request.url, error);
-        // Fallback to the offline page.
-        const path = PRE_CACHED_RESOURCES.find((path) => event.request.url.match(path.replaceAll('/index.html', '')));
+/**
+ * This module provides a configurable Progressive Web App (PWA) service worker and caching strategies.
+ * It supports precaching assets, runtime caching with stale-while-revalidate strategy,
+ * and offline fallback handling.
+ * @module src/client/sw/default.sw.js
+ * @namespace PwaServiceWorker
+ */
+
+/**
+ * Class representing a Progressive Web App (PWA) Service Worker with caching strategies.
+ * @class
+ * @memberof PwaServiceWorker
+ */
+class PwaServiceWorker {
+  /**
+   * Initializes the service worker configuration by reading from self.renderPayload.
+   * If properties are not found, defaults are used.
+   * @constructor
+   * @property {Array<string>} PRE_CACHED_RESOURCES - List of resources to precache.
+   * @property {string} CACHE_NAME - Name of the cache storage.
+   * @property {string} PROXY_PATH - Base path for proxying requests.
+   */
+  constructor() {
+    // Configuration properties equivalent to the original global constants
+    this.PRE_CACHED_RESOURCES = self.renderPayload?.PRE_CACHED_RESOURCES ?? [];
+    this.CACHE_NAME = self.renderPayload?.CACHE_NAME ?? 'app-cache';
+    this.PROXY_PATH = self.renderPayload?.PROXY_PATH ?? '/';
+
+    console.log(`Service Worker Initialized. Cache: ${this.CACHE_NAME}, Proxy: ${this.PROXY_PATH}`);
+  }
 
+  /**
+   * Registers event listeners for the service worker lifecycle and requests.
+   * @method
+   * @memberof PwaServiceWorker
+   */
+  run() {
+    // Bind methods to 'this' (the instance) before attaching to self
+    self.addEventListener('install', this._onInstall.bind(this));
+    self.addEventListener('activate', this._onActivate.bind(this));
+    self.addEventListener('fetch', this._onFetch.bind(this));
+  }
+
+  /**
+   * Handles the 'install' event. Skips waiting and precaches static assets.
+   * @param {ExtendableEvent} event
+   * @memberof PwaServiceWorker
+   */
+  _onInstall(event) {
+    // Activate right away
+    self.skipWaiting();
+
+    event.waitUntil(
+      (async () => {
+        // Open the app's cache using the configured name.
+        const cache = await caches.open(this.CACHE_NAME);
+        // Cache all static resources.
         try {
-          const cachedResponse = await caches.match(event.request);
-          if (cachedResponse) return cachedResponse;
-          const cache = await caches.open(CACHE_NAME);
-          const preCachedResponse = await cache.match(path);
-          if (!preCachedResponse) throw new Error(error.message);
-          return preCachedResponse;
+          console.log(`Precaching ${this.PRE_CACHED_RESOURCES.length} resources...`);
+          await cache.addAll(this.PRE_CACHED_RESOURCES);
         } catch (error) {
-          console.error('Error opening cache for pre cached page', {
-            url: event.request.url,
-            error,
-            onLine: navigator.onLine,
-          });
-          try {
-            if (!navigator.onLine) {
-              if (event.request.method.toUpperCase() === 'GET') {
-                const cache = await caches.open(CACHE_NAME);
-                const preCachedResponse = await cache.match(
-                  `${PROXY_PATH === '/' ? '' : PROXY_PATH}/offline/index.html`,
-                );
-                if (!preCachedResponse) throw new Error(error.message);
-                return preCachedResponse;
-              }
-              const response = new Response(JSON.stringify({ status: 'error', message: 'offline test response' }));
-              // response.status = 200;
-              response.headers.set('Content-Type', 'application/json');
-              return response;
-            }
+          console.error('Error during precaching resources:', error);
+        }
+      })(),
+    );
+  }
+
+  /**
+   * Handles the 'activate' event. Enables navigation preload and takes control
+   * of uncontrolled clients immediately.
+   * @param {ExtendableEvent} event
+   * @memberof PwaServiceWorker
+   */
+  _onActivate(event) {
+    event.waitUntil(
+      (async () => {
+        // Enable navigation preload if it's supported.
+        if ('navigationPreload' in self.registration) {
+          await self.registration.navigationPreload.enable();
+          console.log('Navigation Preload enabled.');
+        }
+      })(),
+    );
+    // Tell the active service worker to take control of the page immediately.
+    self.clients.claim();
+  }
+
+  /**
+   * Handles the 'fetch' event, implementing the Cache-First strategy with
+   * complex offline and maintenance fallbacks.
+   * @param {FetchEvent} event
+   * @memberof PwaServiceWorker
+   */
+  _onFetch(event) {
+    // Only handle HTTP/HTTPS requests that are not cross-origin (optional, but robust)
+    if (event.request.url.startsWith('http')) {
+      event.respondWith(this._handleFetchRequest(event));
+    }
+  }
+
+  /**
+   * Core logic to handle fetching, caching, and fallbacks.
+   * @param {FetchEvent} event
+   * @returns {Promise<Response>}
+   * @memberof PwaServiceWorker
+   */
+  async _handleFetchRequest(event) {
+    // 1. Try Navigation Preload (if available) or network first
+    try {
+      const preloadResponse = await event.preloadResponse;
+      if (preloadResponse) return preloadResponse;
+
+      // Fall through to network request if no preload response
+      const networkResponse = await fetch(event.request);
+
+      // OPTIONAL: If the network request is successful, cache it for future use (stale-while-revalidate logic)
+      // Omitted for strict equivalence, as original only had complex fallback, not runtime caching.
+
+      return networkResponse;
+    } catch (error) {
+      console.error('Network request failed. Attempting cache/fallback logic.', event.request.url, error);
+
+      // 2. Try to match the request in the cache
+      try {
+        const cachedResponse = await caches.match(event.request);
+        if (cachedResponse) {
+          console.log(`Cache hit for: ${event.request.url}`);
+          return cachedResponse;
+        }
+
+        // 3. Try to match a precached resource path (e.g., if requesting /page, match /page/index.html)
+        const path = this.PRE_CACHED_RESOURCES.find((p) => event.request.url.match(p.replaceAll('/index.html', '')));
+
+        if (path) {
+          const cache = await caches.open(this.CACHE_NAME);
+          const preCachedResponse = await cache.match(path);
+          if (preCachedResponse) {
+            console.log(`Matched precached resource for: ${event.request.url} via path: ${path}`);
+            return preCachedResponse;
+          }
+        }
+
+        // If neither cache match nor precache path match worked, fall through to complex fallback
+        throw new Error('Cache miss and no precache match.');
+      } catch (cacheError) {
+        console.error('Error in primary cache lookup. Falling back to offline/maintenance pages.', {
+          url: event.request.url,
+          cacheError,
+          onLine: navigator.onLine,
+        });
+
+        // 4. Complex Fallback Logic (Offline or Maintenance)
+        try {
+          const cache = await caches.open(this.CACHE_NAME);
+
+          if (!navigator.onLine) {
+            // A. OFFLINE FALLBACK
             if (event.request.method.toUpperCase() === 'GET') {
-              const cache = await caches.open(CACHE_NAME);
-              const preCachedResponse = await cache.match(
-                `${PROXY_PATH === '/' ? '' : PROXY_PATH}/maintenance/index.html`,
-              );
-              if (!preCachedResponse) throw new Error(error.message);
+              const offlinePath = `${this.PROXY_PATH === '/' ? '' : this.PROXY_PATH}/offline/index.html`;
+              const preCachedResponse = await cache.match(offlinePath);
+
+              if (!preCachedResponse) throw new Error(`Offline page not found in cache: ${offlinePath}`);
+
+              console.log('Serving offline HTML page.');
               return preCachedResponse;
             }
-            const response = new Response(JSON.stringify({ status: 'error', message: 'server in maintenance' }));
-            // response.status = 200;
-            response.headers.set('Content-Type', 'application/json');
-            return response;
-          } catch (error) {
-            console.error('Error opening cache for offline page', event.request.url, error);
-            const response = new Response(JSON.stringify({ status: 'error', message: error.message }));
-            // response.status = 200;
+
+            // B. OFFLINE API FALLBACK (Non-GET requests)
+            console.log('Serving offline JSON response for non-GET request.');
+            const response = new Response(JSON.stringify({ status: 'error', message: 'offline test response' }));
             response.headers.set('Content-Type', 'application/json');
             return response;
           }
+
+          // C. MAINTENANCE FALLBACK (Online, but network failed - interpreted as maintenance)
+          if (event.request.method.toUpperCase() === 'GET') {
+            const maintenancePath = `${this.PROXY_PATH === '/' ? '' : this.PROXY_PATH}/maintenance/index.html`;
+            const preCachedResponse = await cache.match(maintenancePath);
+
+            if (!preCachedResponse) throw new Error(`Maintenance page not found in cache: ${maintenancePath}`);
+
+            console.log('Serving maintenance HTML page.');
+            return preCachedResponse;
+          }
+
+          // D. MAINTENANCE API FALLBACK (Non-GET requests)
+          console.log('Serving maintenance JSON response for non-GET request.');
+          const response = new Response(JSON.stringify({ status: 'error', message: 'server in maintenance' }));
+          response.headers.set('Content-Type', 'application/json');
+          return response;
+        } catch (finalError) {
+          // 5. Final fail-safe response
+          console.error('Final fail-safe execution failed.', event.request.url, finalError);
+          const response = new Response(JSON.stringify({ status: 'error', message: finalError.message }));
+          response.headers.set('Content-Type', 'application/json');
+          return response;
         }
       }
-    })(),
-  );
-});
+    }
+  }
+}
+
+// Instantiate and run the service worker class
+new PwaServiceWorker().run();

package/src/client.dev.js

@@ -15,7 +15,7 @@ const logger = loggerFactory(import.meta);
 
 await logger.setUpInfo();
 
-await buildClientStaticConf();
+await buildClientStaticConf({ devProxy: process.argv[6] === 'proxy' });
 
 await Config.build();
 

package/src/index.js

@@ -35,7 +35,7 @@ class Underpost {
    * @type {String}
    * @memberof Underpost
    */
-  static version = 'v2.85.1';
+  static version = 'v2.85.7';
   /**
    * Repository cli API
    * @static

package/src/proxy.js

@@ -11,7 +11,7 @@ import { Config } from './server/conf.js';
 
 dotenv.config();
 
-await Config.build();
+await Config.build(process.argv[2], process.argv[3], process.argv[4]);
 
 const logger = loggerFactory(import.meta);
 

package/src/runtime/express/Express.js

@@ -23,6 +23,7 @@ import { applySecurity, authMiddlewareFactory } from '../../server/auth.js';
 import { ssrMiddlewareFactory } from '../../server/ssr.js';
 import { TLS } from '../../server/tls.js';
 import { shellExec } from '../../server/process.js';
+import { devProxyHostFactory, isDevProxyContext, isTlsDevProxy } from '../../server/conf.js';
 
 const logger = loggerFactory(import.meta);
 
@@ -94,7 +95,9 @@ class ExpressService {
 
     const app = express();
 
-    if (process.env.NODE_ENV === 'production') app.set('trust proxy', true);
+    if (origins && isDevProxyContext())
+      origins.push(devProxyHostFactory({ host, includeHttp: true, tls: isTlsDevProxy() }));
+    app.set('trust proxy', true);
 
     app.use((req, res, next) => {
       res.on('finish', () => {

package/src/server/auth.js

@@ -17,6 +17,7 @@ import slowDown from 'express-slow-down';
 import cors from 'cors';
 import cookieParser from 'cookie-parser';
 import { DataBaseProvider } from '../db/DataBaseProvider.js';
+import { isDevProxyContext } from './conf.js';
 
 dotenv.config();
 const logger = loggerFactory(import.meta);
@@ -348,7 +349,7 @@ const cookieOptionsFactory = (req, host) => {
     secure,
     sameSite,
     path: '/',
-    domain: process.env.NODE_ENV === 'production' ? host : 'localhost',
+    domain: process.env.NODE_ENV === 'production' || isDevProxyContext() ? host : 'localhost',
     maxAge,
   };