Update error handling and enhance NGINX configuration

Benji918 · Benji918 · commit fa2223919dc9 · 2025-08-06T17:06:02.000+01:00
Improved login error reporting in `auth.py` to include exception details for better debugging. Updated `nginx.conf` to clean up server directives, enforce HTTPS redirect, and enhance security and flexibility with revised headers, buffer size, and timeout settings.
diff --git a/app/api/v1/endpoints/auth.py b/app/api/v1/endpoints/auth.py
@@ -83,7 +83,7 @@ def login(
         logger.error("Login failed", error=str(e), email=email)
         raise HTTPException(
             status_code=status.HTTP_500_INTERNAL_SERVER_ERROR,
-            detail="Login failed"
+            detail=f"Login failed {str(e)}"
         )
 
 
diff --git a/nginx.conf b/nginx.conf
@@ -1,32 +1,37 @@
+
 server {
     listen 80;
-    server_name intellibank.duckdns.org 24.144.109.220;
-    return 301 https://intellibank.duckdns.org$request_uri;
+    server_name intellibank.duckdns.org;
+    return 301 https://$host$request_uri;
 }
 
+# Main HTTPS server
 server {
-    listen 443 ssl;
-    server_name intellibank.duckdns.org 24.144.109.220;
+    listen 443 ssl http2;
+    server_name intellibank.duckdns.org;
 
-    # SSL configuration (replace paths with your certs)
-    ssl_certificate /etc/letsencrypt/live/intellibank.duckdns.org/fullchain.pem;
+    # SSL certs created by Certbot / Let’s Encrypt
+    ssl_certificate     /etc/letsencrypt/live/intellibank.duckdns.org/fullchain.pem;
     ssl_certificate_key /etc/letsencrypt/live/intellibank.duckdns.org/privkey.pem;
     ssl_trusted_certificate /etc/letsencrypt/live/intellibank.duckdns.org/chain.pem;
 
-    # Security headers
+    # Security headers (optional but recommended)
     add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always;
     add_header X-Content-Type-Options "nosniff";
     add_header X-Frame-Options "SAMEORIGIN";
 
-    # Proxy to your backend
+    # Increase buffer sizes if you have large JSON payloads
+    client_max_body_size 10M;
+
     location / {
-        proxy_pass http://127.0.0.1:8000;
+        proxy_pass         http://127.0.0.1:8000;   # your FastAPI/Uvicorn
         proxy_http_version 1.1;
-        proxy_set_header Upgrade $http_upgrade;
-        proxy_set_header Connection "upgrade";
-        proxy_set_header Host $host;
-        proxy_set_header X-Real-IP $remote_addr;
-        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
-        proxy_set_header X-Forwarded-Proto $scheme;
+        proxy_set_header   Upgrade $http_upgrade;
+        proxy_set_header   Connection "upgrade";
+        proxy_set_header   Host $host;
+        proxy_set_header   X-Real-IP $remote_addr;
+        proxy_set_header   X-Forwarded-For $proxy_add_x_forwarded_for;
+        proxy_set_header   X-Forwarded-Proto $scheme;
+        proxy_read_timeout 90;
     }
-}
+}

Original file line number	Diff line number	Diff line change
`@@ -83,7 +83,7 @@ def login(`
`83`	`83`	`logger.error("Login failed", error=str(e), email=email)`
`84`	`84`	`raise HTTPException(`
`85`	`85`	`status_code=status.HTTP_500_INTERNAL_SERVER_ERROR,`
`86`		`- detail="Login failed"`
	`86`	`+ detail=f"Login failed {str(e)}"`
`87`	`87`	`)`
`88`	`88`
`89`	`89`