feat: replace hardcoded urls

Author: VictoriaTskhondia

backend/src/auth/auth0_api.py

@@ -19,7 +19,8 @@
 
 
 @router.get("/login", name="auth0_login")
-async def login(request: Request):
+async def login(request: Request, redirect_to: str = "/collections"):
+    request.session["redirect_to"] = redirect_to
     redirect_uri = request.url_for("auth0_callback")
     return await oauth.auth0.authorize_redirect(
         request, redirect_uri, prompt="select_account", connection="google-oauth2"
@@ -29,10 +30,8 @@ async def login(request: Request):
 @router.get("/callback", name="auth0_callback")
 async def auth0_callback(request: Request):
     token = await oauth.auth0.authorize_access_token(request)
-
     user = token.get("userinfo") or await oauth.auth0.userinfo(token=token)
 
-    # Create or get the user from database
     db = next(get_db())
     db_user = get_or_create_user_by_email(
         session=db,
@@ -45,7 +44,6 @@ async def auth0_callback(request: Request):
         },
     )
 
-    # Store in session
     request.session["user"] = {
         "email": user["email"],
         "name": user.get("name"),
@@ -54,7 +52,11 @@ async def auth0_callback(request: Request):
     }
     request.session["user_id"] = str(db_user.id)
 
-    return RedirectResponse(url="http://localhost:5173/collections")
+    frontend_url = settings.FRONTEND_URL
+    redirect_to = request.session.pop("redirect_to", "/collections")
+    redirect_url = f"{frontend_url}{redirect_to}"
+
+    return RedirectResponse(url=redirect_url)
 
 
 @router.get("/logout", name="auth0_logout")

backend/src/core/config.py

@@ -34,6 +34,8 @@ class Settings(BaseSettings):
     DOMAIN: str = "localhost"
     ENVIRONMENT: Literal["local", "staging", "production"] = "local"
 
+    FRONTEND_URL: str
+
     BACKEND_CORS_ORIGINS: Annotated[
         list[AnyUrl] | str, BeforeValidator(parse_cors)
     ] = []
@@ -51,6 +53,10 @@ class Settings(BaseSettings):
     AUTH0_CLIENT_SECRET: str
     AUTH0_DOMAIN: str
 
+    ALLOWED_REDIRECT_ORIGINS: Annotated[
+        list[str] | str, BeforeValidator(parse_cors)
+    ] = []
+
     @computed_field  # type: ignore[misc]
     @property
     def SQLALCHEMY_DATABASE_URI(self) -> PostgresDsn:

backend/tests/flashcards/card/test_api.py

@@ -133,6 +133,7 @@ def test_different_user_access(
 ):
     collection_id = test_collection["id"]
     card_id = test_card["id"]
+    client.cookies.clear()
 
     rsp = client.get(
         f"{settings.API_V1_STR}/collections/{collection_id}/cards/{card_id}",

backend/tests/flashcards/collection/test_api.py

@@ -170,6 +170,7 @@ def test_different_user_access(
     normal_user_token_headers: dict[str, str],
     superuser_token_headers: dict[str, str],
 ):
+    client.cookies.clear()
     collection_data = CollectionCreate(name="User Restricted Collection")
     rsp = client.post(
         f"{settings.API_V1_STR}/collections/",
@@ -271,6 +272,7 @@ def test_different_user_update(
     superuser_token_headers: dict[str, str],
     test_collection: dict[str, Any],
 ):
+    client.cookies.clear()
     collection_id = test_collection["id"]
     update_data = CollectionUpdate(name="Cross User Collection Update")
     rsp = client.put(
@@ -338,13 +340,14 @@ def test_different_user_delete(
     test_collection: dict[str, Any],
 ):
     collection_id = test_collection["id"]
+    client.cookies.clear()
+
     rsp = client.delete(
         f"{settings.API_V1_STR}/collections/{collection_id}",
         headers=superuser_token_headers,
     )
 
     assert rsp.status_code == 404
-
     # Verity the data still exists
     verify_rsp = client.get(
         f"{settings.API_V1_STR}/collections/{collection_id}",

frontend/src/hooks/useAuthContext.tsx

@@ -31,9 +31,8 @@ function AuthProvider({ children }: { children: React.ReactNode }) {
 
       try {
         const user = await UsersService.readUserMe()
-        if (user) {
-          setIsLoggedIn(true)
-        }
+        setIsLoggedIn(Boolean(user))
+  
       } catch (error) {
         console.error('Error fetching user:', error)
       }
@@ -69,7 +68,7 @@ function AuthProvider({ children }: { children: React.ReactNode }) {
 
   const logout = async () => {
     try {
-      await fetch('http://localhost:8000/api/v1/auth0/logout', {
+      await fetch(`${import.meta.env.VITE_API_URL}/auth0/logout`, {
         method: 'GET',
         credentials: 'include',
       })

frontend/src/routes/_publicLayout/login.tsx

@@ -53,7 +53,8 @@ function Login() {
   }
 
   const handleGoogleLogin = () => {
-    window.location.href = 'http://localhost:8000/api/v1/auth0/login'
+    window.location.href = `${import.meta.env.VITE_API_URL}/api/v1/auth0/login?redirect_to=/collections`
+
   }
 
   return (

frontend/src/routes/_publicLayout/signup.tsx

@@ -64,9 +64,7 @@ function SignUp() {
   }
 
   const handleGoogleSignup = () => {
-    // This function will be implemented later when we add Auth0 integration
-    console.log('Google signup clicked')
-    window.location.href = 'http://localhost:8000/api/v1/auth0/login'
+    window.location.href = `${import.meta.env.VITE_API_URL}/api/v1/auth0/login?redirect_to=/collections`
   }
 
   return (