jiaolongzhen/soft
2
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

feat: extract secrets to .env, remove hardcoded credentials

Browse Source 
- Backend: .env file for DB/JWT/Redis/MinIO config, appsettings.json cleared
- Backend: Program.cs loads .env at startup (no extra NuGet packages)
- Frontend: .env files for VITE_API_URL, api-clients use import.meta.env
- Added vite-env.d.ts type declarations for both frontends
- All hardcoded localhost:5000 replaced with env variable
- Added .env.example template for onboarding
This commit is contained in:
MingNian
2026-05-22 22:02:08 +08:00
parent 722ee76d93
commit d6a432aec4
27 changed files with 1616 additions and 472 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
frontend-patient/src/pages/services/ChatPage.tsx
View File

@@ -62,7 +62,7 @@ export function ChatPage() {
// Set up SignalR connection
const conn = new HubConnectionBuilder()
.withUrl('http://localhost:5000/hubs/chat', {
.withUrl(`${import.meta.env.VITE_API_URL}/hubs/chat`, {
accessTokenFactory: () => getToken(),
})
.withAutomaticReconnect()

2
frontend-patient/src/pages/services/ReportDetailPage.tsx
View File

@@ -53,7 +53,7 @@ export function ReportDetailPage() {
<div style={{ fontSize: 13, fontWeight: 500, marginBottom: 8 }}></div>
<div style={{ display: 'flex', gap: 8, flexWrap: 'wrap' }}>
{report.imageUrls.map((url, i) => (
<img key={i} src={`http://localhost:5000${url}`} alt="report"
<img key={i} src={`${import.meta.env.VITE_API_URL}${url}`} alt="report"
style={{ width: 80, height: 80, borderRadius: 8, objectFit: 'cover', border: '1px solid #eee' }} />
))}
</div>

2
frontend-patient/src/pages/services/ReportUploadPage.tsx
View File

@@ -38,7 +38,7 @@ export function ReportUploadPage() {
const formData = new FormData();
formData.append('file', file);
const token = JSON.parse(localStorage.getItem('hrt_auth') || '{}')?.state?.token;
const res = await fetch('http://localhost:5000/api/files/upload', {
const res = await fetch(`${import.meta.env.VITE_API_URL}/api/files/upload`, {
method: 'POST',
headers: token ? { 'Authorization': `Bearer ${token}` } : {},
body: formData,

2
frontend-patient/src/services/api-client.ts
View File

@@ -9,7 +9,7 @@ interface ApiResponse<T> {
message: string;
}
const BASE_URL = 'http://localhost:5000';
const BASE_URL = import.meta.env.VITE_API_URL;
// Endpoints that should NEVER include auth token
const PUBLIC_ENDPOINTS = ['/api/auth/login', '/api/auth/register', '/api/auth/send-sms', '/api/auth/refresh'];

9
frontend-patient/src/vite-env.d.ts vendored Normal file
View File

@@ -0,0 +1,9 @@
/// <reference types="vite/client" />
interface ImportMetaEnv {
readonly VITE_API_URL: string;
}
interface ImportMeta {
readonly env: ImportMetaEnv;
}