From 4d684a9d745cd87b7a3339e2ca7c468f5c0b1eb4 Mon Sep 17 00:00:00 2001
From: Hammer <hammer7839283@gmail.com>
Date: Fri, 30 Jan 2026 04:10:56 +0000
Subject: [PATCH] fix: proxy API through nginx to fix cross-domain cookie
 issues

Brave and other privacy-focused browsers block third-party cookies.
Instead of cross-domain requests from app.thenetwork to api.thenetwork,
nginx now proxies /api/* to the backend, making everything same-origin.
---
 nginx.conf     | 10 ++++++++++
 src/lib/api.ts | 10 ++++------
 2 files changed, 14 insertions(+), 6 deletions(-)

diff --git a/nginx.conf b/nginx.conf
index c5afa8f..9c6a21d 100644
--- a/nginx.conf
+++ b/nginx.conf
@@ -4,6 +4,16 @@ server {
     root /usr/share/nginx/html;
     index index.html;
 
+    # Proxy API requests to backend (same-origin = no cookie issues in Brave etc.)
+    location /api/ {
+        proxy_pass https://api.thenetwork.donovankelly.xyz/api/;
+        proxy_set_header Host api.thenetwork.donovankelly.xyz;
+        proxy_set_header X-Real-IP $remote_addr;
+        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+        proxy_set_header X-Forwarded-Proto $scheme;
+        proxy_ssl_server_name on;
+    }
+
     location / {
         try_files $uri $uri/ /index.html;
     }
diff --git a/src/lib/api.ts b/src/lib/api.ts
index a38ab75..f1b02e9 100644
--- a/src/lib/api.ts
+++ b/src/lib/api.ts
@@ -1,12 +1,10 @@
 import type { Profile, Client, ClientCreate, ClientNote, Event, EventCreate, Email, EmailGenerate, User, Invite, ActivityItem, InsightsData, ImportPreview, ImportResult, NetworkMatch, NetworkStats, Notification, Interaction, BulkEmailResult, EmailTemplate, EmailTemplateCreate, ClientSegment, SegmentFilters, FilterOptions, AuditLogsResponse, MeetingPrep, CommunicationStyle } from '@/types';
 
-const API_BASE = import.meta.env.PROD
-  ? 'https://api.thenetwork.donovankelly.xyz/api'
-  : '/api';
+// Always use same-origin paths — nginx proxies /api/* to the backend
+// This avoids cross-domain cookie issues in Brave and other privacy browsers
+const API_BASE = '/api';
 
-const AUTH_BASE = import.meta.env.PROD
-  ? 'https://api.thenetwork.donovankelly.xyz'
-  : '';
+const AUTH_BASE = '';
 
 const TOKEN_KEY = 'network-auth-token';