From 12b527e145d9be78c402e7da7e00cbae0eff1efe Mon Sep 17 00:00:00 2001
From: Cipher Vance <hello@ciphervance.com>
Date: Sat, 22 Nov 2025 22:19:16 -0600
Subject: [PATCH] fix: fixing the CORS issues

---
 src/services/api.js | 19 +++++++++++++------
 1 file changed, 13 insertions(+), 6 deletions(-)

diff --git a/src/services/api.js b/src/services/api.js
index ebc0b28..0a631c9 100644
--- a/src/services/api.js
+++ b/src/services/api.js
@@ -1,6 +1,10 @@
 import axios from 'axios'
 
-const API_BASE_URL = process.env.VUE_APP_API_URL || 'http://127.0.0.1:5000'
+// In production, use relative path to hit the proxy
+// In development, use the env variable for dev server proxy
+const API_BASE_URL = process.env.NODE_ENV === 'production' 
+  ? '/api' 
+  : process.env.VUE_APP_API_URL || 'http://127.0.0.1:5000'
 
 const api = axios.create({
   baseURL: API_BASE_URL,
@@ -36,11 +40,14 @@ api.interceptors.response.use(
           throw new Error('No refresh token')
         }
 
-        // Note: You'll need to implement this endpoint on the backend
-        const { data } = await axios.post(
-          `${API_BASE_URL}/api/refresh-token`,
-          { refresh_token: refreshToken }
-        )
+        // Use relative path in production, full URL in development
+        const refreshUrl = process.env.NODE_ENV === 'production'
+          ? '/api/refresh-token'
+          : `${API_BASE_URL}/api/refresh-token`
+
+        const { data } = await axios.post(refreshUrl, {
+          refresh_token: refreshToken
+        })
 
         localStorage.setItem('access_token', data.access_token)
         originalRequest.headers.Authorization = `Bearer ${data.access_token}`