feat(custom-domain): allow to use custom domain #9106
Draft
+1,416
−989
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Refactor subdomain generation logic to a dedicated utility while adding comprehensive tests for subdomain handling. Introduce Cloudflare-based custom domain management functions and exceptions for better domain lifecycle management. Simplify workspace domain updates and enhance overall validation processes.
Update terminology across services, entities, and exceptions from 'domain' to 'hostname' for consistency and clarity. Adjust related methods, fields, and exception codes accordingly. Ensure backward compatibility is maintained while implementing the new naming convention.
Refactor subdomain generation logic to a dedicated utility while adding comprehensive tests for subdomain handling. Introduce Cloudflare-based custom domain management functions and exceptions for better domain lifecycle management. Simplify workspace domain updates and enhance overall validation processes.
Update terminology across services, entities, and exceptions from 'domain' to 'hostname' for consistency and clarity. Adjust related methods, fields, and exception codes accordingly. Ensure backward compatibility is maintained while implementing the new naming convention.
… into feat/allow-to-use-custom-domain
…tom-domain # Conflicts: # packages/twenty-front/src/generated/graphql.tsx # packages/twenty-server/src/engine/core-modules/domain-manager/domain-manager.exception.ts # packages/twenty-server/src/engine/core-modules/domain-manager/service/domain-manager.service.ts # packages/twenty-server/src/engine/core-modules/workspace/services/workspace.service.ts # packages/twenty-server/src/engine/core-modules/workspace/workspace.resolver.ts
…tom-domain # Conflicts: # packages/twenty-server/src/engine/core-modules/auth/controllers/google-auth.controller.ts # packages/twenty-server/src/engine/core-modules/auth/services/sign-in-up.service.ts # packages/twenty-server/src/engine/core-modules/auth/strategies/google.auth.strategy.ts # packages/twenty-server/src/engine/core-modules/auth/strategies/microsoft.auth.strategy.ts
Refactored the auth flow to streamline invitation handling by replacing token-specific fields with a unified `invitation` object. Updated SSO logic to centralize logic for workspace determination, adjust redirect URI handling, and improve maintainability. Removed redundant dependencies and optimized multi-workspace support.
![github-advanced-security[bot]](https://avatars.githubusercontent.com/in/57789?s=60&v=4){kind=small}
| @@ -1,3 +1,5 @@ | |||
| process.env.NODE_TLS_REJECT_UNAUTHORIZED = '0'; | |||
Check failure
Code scanning / CodeQL
Disabling certificate validation High
Show autofix suggestion
Hide autofix suggestion
Copilot Autofix AI 1 day ago
To fix the problem, we need to ensure that TLS certificate validation is not disabled. This involves removing or modifying the line that sets process.env.NODE_TLS_REJECT_UNAUTHORIZED to '0'. If this setting is required for development or testing purposes, it should be conditionally applied based on the environment, ensuring it is never used in production.
The best way to fix this without changing existing functionality is to conditionally set process.env.NODE_TLS_REJECT_UNAUTHORIZED based on an environment variable that explicitly indicates a development or testing environment. This way, we can maintain security in production while allowing flexibility in non-production environments.
Suggested changeset
1
packages/twenty-front/codegen.cjs
| @@ -1,2 +1,4 @@ | ||
| process.env.NODE_TLS_REJECT_UNAUTHORIZED = '0'; | ||
| if (process.env.NODE_ENV !== 'production') { | ||
| process.env.NODE_TLS_REJECT_UNAUTHORIZED = '0'; | ||
| } | ||
|
|
Copilot is powered by AI and may make mistakes. Always verify output.
Eliminated the redundant "switch workspace" functionality from both server and front-end implementations. Updated related components and services to utilize hostname-based workspace handling instead. Ensured compatibility with existing workspace management flows.
Refactored domain settings to separate subdomain functionality into its own component for better modularity. Replaced inline logic with `SettingsSubdomain` to streamline `SettingsDomain` structure. Improved readability and maintainability of domain configuration flow.
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Features:
Resources:
Notion:
https://mulberry-crowley-a94.notion.site/12106d668cc9803383b3e0d8ac752605?v=12106d668cc980e193cb000c06d256d7
Figma:
https://www.figma.com/design/xt8O9mFeLl46C5InWwoMrN/Twenty?node-id=43118-109927&t=ss0P7BqLKs4RCyXq-0
Fix #9060