Fix: Preserve /api/v1 prefix in frontend proxy (Fixes #7974)#8004
Fix: Preserve /api/v1 prefix in frontend proxy (Fixes #7974)#8004srijantrpth wants to merge 3 commits into
Conversation
|
@srijantrpth is attempting to deploy a commit to the Flagsmith Team on Vercel. A member of the Team first needs to authorize it. |
|
No actionable comments were generated in the recent review. 🎉 ℹ️ Recent review info⚙️ Run configurationConfiguration used: Organization UI Review profile: ASSERTIVE Plan: Pro Plus Run ID: 📒 Files selected for processing (2)
📝 WalkthroughWalkthroughThe optional API proxy in the development routes now passes the Estimated code review effort: 1 (Trivial) | ~3 minutes Comment |
There was a problem hiding this comment.
Pull request overview
This PR aims to fix a regression where the frontend API proxy strips the required /api/v1 prefix after upgrading to http-proxy-middleware v3, which breaks proxied API calls (notably SAML SSO endpoints).
Changes:
- Adjusts the dev-server Express proxy wiring to avoid mounting the proxy at
'/api/v1/'. - Adds a
pathFilter: '/api/v1/'filter to proxy only the intended API paths while preserving the prefix.
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
There was a problem hiding this comment.
Actionable comments posted: 1
ℹ️ Review info
⚙️ Run configuration
Configuration used: Organization UI
Review profile: ASSERTIVE
Plan: Pro Plus
Run ID: 90f5680b-2088-4c03-b8b3-97c6411f09ac
📒 Files selected for processing (2)
frontend/api/dev-routes.jsfrontend/api/index.js
Thanks for submitting a PR! Please check the boxes below:
docs/if required so people know about the feature.Changes
Closes #7974
Fix frontend API proxy stripping
/api/v1prefixThis PR fixes a bug introduced in v2.246.0 where the frontend API proxy strips the mandatory
/api/v1prefix, causing 404/405 errors on SAML SSO logins and all other proxied API calls.The issue was caused by an upgrade to
http-proxy-middlewarev3, which removed the automaticreq.urlpatching when mounting a proxy to a specific path via Express.To resolve this, the middleware configuration in
frontend/api/dev-routes.jshas been updated to align with the v3 migration guide:app.use('/api/v1/').pathFilter: '/api/v1/'property insidecreateProxyMiddlewareto ensure the prefix is preserved and forwarded correctly to the backend.How did you test this code?
I tested this manually by replicating the proxy environment and verifying the routed paths in the backend logs:
make serve(listening on port 8000).FLAGSMITH_PROXY_API_URL=http://localhost:8000 npm run devcurl -X POST http://localhost:8080/api/v1/auth/saml/login/[django.request] ... request=<WSGIRequest: POST '/api/v1/auth/saml/login/'>instead of the stripped/auth/saml/login/path.