attempt to fix uploads + move some more stuff to hono (#358)

* attempt to fix uploads + move some more stuff to hono

* move all /api/desktop to hono

* bruh

* allow preview urls as main domains

* specify md5Sum beforehand

* all working :)

Author: Brendonovich

.env.example

@@ -8,10 +8,14 @@
 ### @cap/desktop
 VITE_ENVIRONMENT=${NODE_ENV}
 
-# @cap/web + @cap/desktop
-VITE_SERVER_URL=${NEXT_PUBLIC_WEB_URL}
 # only @cap/desktop
 # VITE_SERVER_URL=https://cap.so
+# @cap/web + @cap/desktop
+VITE_SERVER_URL=${NEXT_PUBLIC_WEB_URL}
+
+# Ignore if you're not a Cap team member
+# Needed if VITE_SERVER_URL is a protected Vercel deployment
+# VITE_VERCEL_AUTOMATION_BYPASS_SECRET=
 
 CAP_DESKTOP_SENTRY_URL=
 RUST_BACKTRACE=full

apps/desktop/package.json

@@ -2,7 +2,7 @@
   "name": "@cap/desktop",
   "type": "module",
   "scripts": {
-    "dev": "pnpm -w cap-setup && dotenv -e ../../.env -- pnpm run preparescript && pnpm tauri dev",
+    "dev": "pnpm -w cap-setup && dotenv -e ../../.env -- pnpm run preparescript && dotenv -e ../../.env -- pnpm tauri dev",
     "build:tauri": "dotenv -e ../../.env -- pnpm run preparescript && dotenv -e ../../.env -- pnpm tauri build",
     "preparescript": "node scripts/prepare.js",
     "localdev": "dotenv -e ../../.env -- vinxi dev --port 3001",

apps/desktop/src-tauri/capabilities/default.json

@@ -55,9 +55,9 @@
     {
       "identifier": "http:default",
       "allow": [
-        { "url": "https://cap.so" },
-        { "url": "https://l.cap.so" },
-        { "url": "http://localhost:3000/*" }
+        { "url": "http://*" },
+        { "url": "https://*" },
+        { "url": "http://localhost:*" }
       ]
     },
     "clipboard-manager:allow-write-text"

apps/desktop/src-tauri/src/lib.rs

@@ -2006,7 +2006,6 @@ pub async fn run(recording_logging_handle: LoggingHandle) {
             reset_microphone_permissions,
             is_camera_window_open,
             seek_to,
-            send_feedback_request,
             windows::position_traffic_lights,
             windows::set_theme,
             global_message_dialog,
@@ -2383,53 +2382,6 @@ fn screenshot_path(app: &AppHandle, screenshot_id: &str) -> PathBuf {
     screenshots_path(app).join(format!("{}.cap", screenshot_id))
 }
 
-#[tauri::command]
-#[specta::specta]
-async fn send_feedback_request(app: AppHandle, feedback: String) -> Result<(), String> {
-    let auth = AuthStore::get(&app)
-        .map_err(|e| e.to_string())?
-        .ok_or("Not authenticated")?;
-
-    let feedback_url = web_api::make_url("/api/desktop/feedback");
-
-    // Create a proper multipart form
-    let form = reqwest::multipart::Form::new().text("feedback", feedback);
-
-    let client = reqwest::Client::new();
-    let response = client
-        .post(feedback_url)
-        .header("Authorization", format!("Bearer {}", auth.token))
-        .multipart(form)
-        .send()
-        .await
-        .map_err(|e| format!("Failed to send feedback: {}", e))?;
-
-    if !response.status().is_success() {
-        println!("Feedback request failed with status: {}", response.status());
-
-        let error_text = response
-            .text()
-            .await
-            .map_err(|_| "Failed to read error response")?;
-
-        println!("Error response: {}", error_text);
-
-        // Parse the error response and convert to owned String immediately
-        let error = match serde_json::from_str::<serde_json::Value>(&error_text) {
-            Ok(v) => v
-                .get("error")
-                .and_then(|e| e.as_str())
-                .map(ToString::to_string)
-                .unwrap_or_else(|| "Failed to submit feedback".to_string()),
-            Err(_) => "Failed to submit feedback".to_string(),
-        };
-
-        return Err(error);
-    }
-
-    Ok(())
-}
-
 #[tauri::command]
 #[specta::specta]
 fn global_message_dialog(app: AppHandle, message: String) {

apps/desktop/src-tauri/src/upload.rs

@@ -454,26 +454,14 @@ pub async fn get_s3_config(
     is_screenshot: bool,
     video_id: Option<String>,
 ) -> Result<S3UploadMeta, String> {
-    let origin = "http://tauri.localhost";
     let config_url = web_api::make_url(if let Some(id) = video_id {
-        format!(
-            "/api/desktop/video/create?origin={}&recordingMode=desktopMP4&videoId={}",
-            origin, id
-        )
+        format!("/api/desktop/video/create?recordingMode=desktopMP4&videoId={id}")
     } else if is_screenshot {
-        format!(
-            "/api/desktop/video/create?origin={}&recordingMode=desktopMP4&isScreenshot=true",
-            origin
-        )
+        "/api/desktop/video/create?recordingMode=desktopMP4&isScreenshot=true".to_string()
     } else {
-        format!(
-            "/api/desktop/video/create?origin={}&recordingMode=desktopMP4",
-            origin
-        )
+        "/api/desktop/video/create?recordingMode=desktopMP4".to_string()
     });
 
-    dbg!(&config_url);
-
     let response = app
         .authed_api_request(|client| client.get(config_url))
         .await
@@ -1311,7 +1299,8 @@ impl ProgressiveUploadTask {
                     .json(&serde_json::json!({
                         "fileKey": file_key,
                         "uploadId": upload_id,
-                        "partNumber": *part_number
+                        "partNumber": *part_number,
+                        "md5Sum": &md5_sum
                     }))
             })
             .await
@@ -1368,8 +1357,6 @@ impl ProgressiveUploadTask {
 
             match client
                 .put(&presigned_url)
-                .header("Content-Length", total_read.to_string())
-                .header("Connection", "keep-alive")
                 .header("Content-MD5", &md5_sum)
                 .timeout(Duration::from_secs(120))
                 .body(chunk.clone())

apps/desktop/src-tauri/src/web_api.rs

@@ -15,10 +15,13 @@ async fn do_authed_request(
 ) -> Result<reqwest::Response, reqwest::Error> {
     let client = reqwest::Client::new();
 
-    build(client)
-        .header("Authorization", format!("Bearer {}", auth.token))
-        .send()
-        .await
+    let mut req = build(client).header("Authorization", format!("Bearer {}", auth.token));
+
+    if let Some(s) = std::option_env!("VITE_VERCEL_AUTOMATION_BYPASS_SECRET") {
+        req = req.header("x-vercel-protection-bypass", s);
+    }
+
+    req.send().await
 }
 
 pub trait ManagerExt<R: Runtime>: Manager<R> {

apps/desktop/src/routes/(window-chrome)/signin.tsx

@@ -75,7 +75,8 @@ function createSessionRequestUrl(
   platform: "web" | "desktop"
 ) {
   const callbackUrl = new URL(
-    `${clientEnv.VITE_SERVER_URL}/api/desktop/session/request`
+    `/api/desktop/session/request`,
+    clientEnv.VITE_SERVER_URL
   );
 
   if (port !== null) callbackUrl.searchParams.set("port", port);

apps/desktop/src/routes/(window-chrome)/upgrade.tsx

@@ -75,7 +75,8 @@ const signInAction = action(async (planType: "yearly" | "monthly") => {
     console.log("Platform:", platform);
 
     const callbackUrl = new URL(
-      `${clientEnv.VITE_SERVER_URL}/api/desktop/session/request`
+      `/api/desktop/session/request`,
+      clientEnv.VITE_SERVER_URL
     );
     callbackUrl.searchParams.set("port", port);
     callbackUrl.searchParams.set("platform", platform);

apps/desktop/src/utils/tauri.ts

@@ -140,9 +140,6 @@ async isCameraWindowOpen() : Promise<boolean> {
 async seekTo(frameNumber: number) : Promise<null> {
     return await TAURI_INVOKE("seek_to", { frameNumber });
 },
-async sendFeedbackRequest(feedback: string) : Promise<null> {
-    return await TAURI_INVOKE("send_feedback_request", { feedback });
-},
 async positionTrafficLights(controlsInset: [number, number] | null) : Promise<void> {
     await TAURI_INVOKE("position_traffic_lights", { controlsInset });
 },

apps/desktop/src/utils/web-api.ts

@@ -6,6 +6,9 @@ import { clientEnv } from "./env";
 import { authStore } from "~/store";
 
 const api: ApiFetcher = async (args) => {
+  const bypassSecret = import.meta.env.VITE_VERCEL_AUTOMATION_BYPASS_SECRET;
+  if (bypassSecret) args.headers["x-vercel-protection-bypass"] = bypassSecret;
+
   const resp = await fetch(args.path, args);
 
   let body;
@@ -17,6 +20,8 @@ const api: ApiFetcher = async (args) => {
     body = await resp.text();
   }
 
+  console.log({ body });
+
   return {
     body,
     status: resp.status,