From 0b8fab8e12e4e2175ee9ce5965d3920a11d96c88 Mon Sep 17 00:00:00 2001 From: Aaron Ashby <101434393+aaronashby@users.noreply.github.com> Date: Tue, 2 Jun 2026 14:11:22 -0400 Subject: [PATCH 1/3] fix: reset sync property to false and update cors origins --- apps/backend/src/data-source.ts | 6 ++---- apps/backend/src/main.ts | 6 +++++- docker-compose.dev.yml | 2 ++ example.env | 4 ++++ 4 files changed, 13 insertions(+), 5 deletions(-) diff --git a/apps/backend/src/data-source.ts b/apps/backend/src/data-source.ts index 7e2a5d2..c99d374 100644 --- a/apps/backend/src/data-source.ts +++ b/apps/backend/src/data-source.ts @@ -16,10 +16,8 @@ const AppDataSource = new DataSource({ password: process.env.NX_DB_PASSWORD, database: process.env.NX_DB_DATABASE, entities: [User, Donation, Goal, EmailTemplate, EmailSubscriber], - migrations: [], - // Setting synchronize: true shouldn't be used in production - otherwise you can lose production data - synchronize: true, - // Removed PluralNamingStrategy - use explicit @Entity('table_name') instead + migrations: ['apps/backend/src/migrations/*.ts'], + synchronize: false, }); export default AppDataSource; diff --git a/apps/backend/src/main.ts b/apps/backend/src/main.ts index a0e60b8..2f95353 100644 --- a/apps/backend/src/main.ts +++ b/apps/backend/src/main.ts @@ -13,8 +13,12 @@ async function bootstrap() { const app = await NestFactory.create(AppModule, { rawBody: true, }); + const origins = (process.env.CORS_ORIGINS ?? 'http://localhost:4200') + .split(',') + .map((s) => s.trim()) + .filter(Boolean); app.enableCors({ - origin: 'http://localhost:4200', + origin: origins, credentials: true, }); diff --git a/docker-compose.dev.yml b/docker-compose.dev.yml index 0e7e6bc..75ea6d0 100644 --- a/docker-compose.dev.yml +++ b/docker-compose.dev.yml @@ -51,6 +51,8 @@ services: NX_AWS_ACCESS_KEY: ${NX_AWS_ACCESS_KEY} NX_AWS_SECRET_ACCESS_KEY: ${NX_AWS_SECRET_ACCESS_KEY} + STRIPE_SECRET_KEY: ${STRIPE_SECRET_KEY} + VITE_API_BASE_URL: http://localhost:3000 ports: diff --git a/example.env b/example.env index dfe8cb4..7ec005b 100644 --- a/example.env +++ b/example.env @@ -8,6 +8,10 @@ # ------------------------------------------------------------------------------ VITE_API_BASE_URL= +# Comma-separated list of allowed CORS origins (defaults to http://localhost:4200 when unset). +# In prod set to e.g. https://your-wp-site.com,https://your-amplify-domain.amplifyapp.com +CORS_ORIGINS= + # DATABASE NX_DB_HOST=localhost NX_DB_USERNAME=postgres From f55e8392b82915c6e5a382e563f13cc1c3a15250 Mon Sep 17 00:00:00 2001 From: Aaron Ashby <101434393+aaronashby@users.noreply.github.com> Date: Wed, 3 Jun 2026 01:26:23 -0400 Subject: [PATCH 2/3] fix: add SSL configuration to database connection --- apps/backend/src/data-source.ts | 1 + 1 file changed, 1 insertion(+) diff --git a/apps/backend/src/data-source.ts b/apps/backend/src/data-source.ts index c99d374..8ec1955 100644 --- a/apps/backend/src/data-source.ts +++ b/apps/backend/src/data-source.ts @@ -18,6 +18,7 @@ const AppDataSource = new DataSource({ entities: [User, Donation, Goal, EmailTemplate, EmailSubscriber], migrations: ['apps/backend/src/migrations/*.ts'], synchronize: false, + ssl: process.env.NX_DB_SSL === 'true' ? { rejectUnauthorized: false } : false, }); export default AppDataSource; From 48b7aeca06bdd133bb1eb0042804033842b2d4b1 Mon Sep 17 00:00:00 2001 From: Aaron Ashby <101434393+aaronashby@users.noreply.github.com> Date: Wed, 3 Jun 2026 15:27:29 -0400 Subject: [PATCH 3/3] fix: add dotenv to package.json --- package.json | 1 + 1 file changed, 1 insertion(+) diff --git a/package.json b/package.json index 7ca86fb..75ee52b 100644 --- a/package.json +++ b/package.json @@ -67,6 +67,7 @@ "class-validator": "^0.14.0", "class-variance-authority": "^0.7.1", "clsx": "^2.1.1", + "dotenv": "^16.4.5", "global": "^4.4.0", "jwks-rsa": "^3.1.0", "lucide-react": "^0.563.0",