Skip to content

fix(setup): derive signin URL from api_url for self-hosted instances#131

Open
manumishra12 wants to merge 1 commit into
HexmosTech:mainfrom
manumishra12:fix/self-hosted-signin-url
Open

fix(setup): derive signin URL from api_url for self-hosted instances#131
manumishra12 wants to merge 1 commit into
HexmosTech:mainfrom
manumishra12:fix/self-hosted-signin-url

Conversation

@manumishra12

Copy link
Copy Markdown

Summary

Fixes #28 — when git-lrc is configured against a self-hosted LiveReview instance, the signin / "Re-authenticate" flow always redirected to the cloud hexmos.com domain instead of the self-hosted server. Self-hosted users saw not authenticated, and clicking Re-authenticate bounced them to hexmos.com even though review-on-commit requests were correctly going to their local instance.

Root cause

runHexmosLoginFlow already had the configured apiURL in scope (self-hosted-aware), but BuildSigninURL(callbackURL) ignored it and always parsed the hardcoded cloud constant HexmosSigninBase = "https://hexmos.com/signin". Both initial setup and the UI re-authenticate button share this code path, so both were affected.

Fix

Thread apiURL into BuildSigninURL and resolve the signin base via a new ResolveSigninBase(apiURL) with this precedence:

  1. LRC_SIGNIN_URL env override, if set;
  2. cloud default (hexmos.com/signin) when api_url is empty or the cloud URL — cloud behavior is unchanged;
  3. otherwise <api_url>/signin, so a self-hosted instance signs in against itself.

Also relaxed the signin base validation to allow http (local self-hosted instances), still requiring a valid scheme and a non-empty host. The <api_url>/signin derivation mirrors the existing network/endpoints.go convention (strings.TrimSuffix(apiURL, "/") + path).

⚠️ Note for maintainers

The <api_url>/signin path is a reasonable assumption — I couldn't find a documented convention in the repo for where a self-hosted LiveReview serves its signin page. If that path is wrong, the LRC_SIGNIN_URL override means self-hosters aren't blocked, but please confirm the correct path so the derived default can be corrected if needed.

Testing

  • go build ./..., go vet, gofmt -l all clean
  • setup and internal/appui packages pass, including new BuildSigninURL tests covering: cloud default, empty api_url, self-hosted derivation, trailing-slash api_url, and the LRC_SIGNIN_URL override.

The signin/re-authenticate flow always redirected to the cloud
hexmos.com domain, even when git-lrc was configured against a
self-hosted LiveReview instance. BuildSigninURL ignored the api_url
and always parsed the hardcoded HexmosSigninBase constant, so
self-hosted users saw 'not authenticated' and re-auth bounced them
to hexmos.com instead of their own server.

Thread api_url into BuildSigninURL and resolve the signin base via
ResolveSigninBase:
  1. LRC_SIGNIN_URL override, if set;
  2. cloud default (hexmos.com/signin) when api_url is empty or the
     cloud URL -- cloud behavior is unchanged;
  3. otherwise <api_url>/signin, so a self-hosted instance signs in
     against itself.

Also relax the signin base to allow http (local self-hosted
instances), still requiring a valid scheme and host. Covers both
initial setup and the UI re-authenticate button, which share this
code path.

Fixes HexmosTech#28
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

git-lrc ui issues with self-hosted LiveReview

1 participant