consultoria-as/Autoparts-DB
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

fix(pos): fix proxy Content-Type forwarding and SW auth caching

Browse Source 
Proxy was using resp.raw.headers (urllib3) which could miss Content-Type;
switched to resp.headers. SW now skips /pos/api/auth/ to prevent stale
token caching, scopes fetch to /pos/ only, and bumps cache to v2.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
This commit is contained in:
consultoria-as
2026-04-04 02:13:36 +00:00
parent 8539720645
commit 29174c9108
2 changed files with 29 additions and 7 deletions
Download Patch File Download Diff File Expand all files Collapse all files

18
dashboard/server.py
View File

@@ -185,25 +185,31 @@ def index():
# ── POS Proxy — forward /pos/* to POS server on port 5001 ── # ── POS Proxy — forward /pos/* to POS server on port 5001 ──
@app.route('/pos/', defaults={'path': ''}) @app.route('/pos/', defaults={'path': ''})
@app.route('/pos/<path:path>', methods=['GET', 'POST', 'PUT', 'DELETE']) @app.route('/pos/<path:path>', methods=['GET', 'POST', 'PUT', 'DELETE', 'PATCH', 'OPTIONS'])
def pos_proxy(path): def pos_proxy(path):
import requests as req import requests as req
target = f'http://127.0.0.1:5001/pos/{path}' target = f'http://127.0.0.1:5001/pos/{path}'
# Forward the request # Forward the request
try: try:
headers = {k: v for k, v in request.headers if k.lower() not in ('host', 'content-length')} # Forward all headers except hop-by-hop ones
excluded_req = {'host', 'content-length'}
headers = {k: v for k, v in request.headers if k.lower() not in excluded_req}
resp = req.request( resp = req.request(
method=request.method, method=request.method,
url=target, url=target,
headers=headers, headers=headers,
params=request.args, params=request.args,
data=request.get_data(), data=request.get_data(),
timeout=30 timeout=30,
allow_redirects=False
) )
# Build response # Build response — use resp.headers (not resp.raw.headers) for correct Content-Type
from flask import Response from flask import Response
excluded = {'content-encoding', 'transfer-encoding', 'connection'} excluded_resp = {'content-encoding', 'transfer-encoding', 'connection',
resp_headers = [(k, v) for k, v in resp.raw.headers.items() if k.lower() not in excluded] 'keep-alive', 'proxy-authenticate', 'proxy-authorization',
'te', 'trailers', 'upgrade'}
resp_headers = [(k, v) for k, v in resp.headers.items()
if k.lower() not in excluded_resp]
return Response(resp.content, status=resp.status_code, headers=resp_headers) return Response(resp.content, status=resp.status_code, headers=resp_headers)
except Exception as e: except Exception as e:
return jsonify({'error': f'POS server unavailable: {str(e)}'}), 502 return jsonify({'error': f'POS server unavailable: {str(e)}'}), 502

18
pos/static/pwa/sw.js
View File

@@ -1,7 +1,7 @@
// /home/Autopartes/pos/static/pwa/sw.js // /home/Autopartes/pos/static/pwa/sw.js
// Nexus POS — Service Worker v1 // Nexus POS — Service Worker v1
const CACHE_NAME = 'nexus-pos-v1'; const CACHE_NAME = 'nexus-pos-v2';
const APP_SHELL = [ const APP_SHELL = [
'/pos/login', '/pos/login',
@@ -64,6 +64,22 @@ self.addEventListener('activate', function (event) {
self.addEventListener('fetch', function (event) { self.addEventListener('fetch', function (event) {
var url = new URL(event.request.url); var url = new URL(event.request.url);
// Only handle requests within /pos/ scope
if (url.pathname.indexOf('/pos/') === -1) {
return;
}
// Never cache auth endpoints — tokens must always come from the server
if (url.pathname.indexOf('/pos/api/auth/') !== -1) {
return;
}
// Don't cache login page — always fetch fresh to avoid stale redirects
if (url.pathname === '/pos/login' || url.pathname === '/pos/login/') {
event.respondWith(networkFirst(event.request));
return;
}
// API calls → network-first // API calls → network-first
if (url.pathname.indexOf('/pos/api/') !== -1) { if (url.pathname.indexOf('/pos/api/') !== -1) {
event.respondWith(networkFirst(event.request)); event.respondWith(networkFirst(event.request));