fix: resolve login network error behind Traefik proxy

2026-02-20 15:20:03 +06:00
parent 8e02b9ad09
commit 4789771836
3 changed files with 23 additions and 10 deletions
--- a/app.py
+++ b/app.py
@@ -16,11 +16,9 @@ def create_app():
    app.secret_key = SECRET_KEY
    app.config['SESSION_COOKIE_HTTPONLY'] = True
    app.config['SESSION_COOKIE_SAMESITE'] = 'Lax'
-    app.config['SESSION_COOKIE_SECURE'] = os.getenv('FLASK_ENV') == 'production'
    app.config['PERMANENT_SESSION_LIFETIME'] = 86400  # 24 hours
-    app.config['PREFERRED_URL_SCHEME'] = 'https'
    
-    # Trust the reverse proxy headers from Coolify/Traefik
+    # Behind Coolify/Traefik: trust proxy headers
    from werkzeug.middleware.proxy_fix import ProxyFix
    app.wsgi_app = ProxyFix(app.wsgi_app, x_for=1, x_proto=1, x_host=1, x_prefix=1)
    
--- a/docker-compose.yml
+++ b/docker-compose.yml
@@ -15,7 +15,6 @@ services:
      - SECRET_KEY=${SECRET_KEY:-}
      - TTS_API_URL=${TTS_API_URL:-http://localhost:5010/api/v1}
      - TTS_API_KEY=${TTS_API_KEY:-}
-      - FLASK_ENV=production
    volumes:
      - type: bind
        source: /opt/apps/Audiobook Maker Pro-v4
--- a/templates/login.html
+++ b/templates/login.html
@@ -260,7 +260,7 @@
            
            <div class="login-footer">
                <i class="bi bi-shield-lock me-1"></i>
-                Audiobook Maker Pro v3.1
+                Audiobook Maker Pro v4
            </div>
        </div>
    </div>
@@ -295,18 +295,33 @@
            // Hide previous error
            errorDiv.classList.remove('visible');
            
+            // Client-side validation
+            if (!username || !password) {
+                errorText.textContent = 'Please enter username and password.';
+                errorDiv.classList.add('visible');
+                return;
+            }
+            
            // Show loading
            loginBtn.disabled = true;
            btnText.textContent = 'Signing in...';
            spinner.style.display = 'inline-block';
            
            try {
-                const response = await fetch('/api/auth/login', {
+                const response = await fetch(window.location.origin + '/api/auth/login', {
                    method: 'POST',
                    headers: { 'Content-Type': 'application/json' },
-                    body: JSON.stringify({ username, password })
+                    body: JSON.stringify({ username, password }),
+                    redirect: 'follow',
+                    credentials: 'same-origin'
                });
                
+                // Handle non-JSON responses (e.g., 500 server error pages)
+                const contentType = response.headers.get('content-type') || '';
+                if (!contentType.includes('application/json')) {
+                    throw new Error('Server returned status ' + response.status);
+                }
+                
                const data = await response.json();
                
                if (data.error) {
@@ -326,7 +341,8 @@
                window.location.href = '/';
                
            } catch (error) {
-                errorText.textContent = 'Network error. Please try again.';
+                console.error('Login fetch error:', error);
+                errorText.textContent = 'Connection error. Please try again.';
                errorDiv.classList.add('visible');
                loginBtn.disabled = false;
                btnText.textContent = 'Sign In';