fix(routing): proxy /encryptid/* to encryptid container

The encryptid API routes live on the separate encryptid container, not rspace. Clients on space subdomains (jeff.rspace.online) fetch /encryptid/* relative to the rspace server. Add a catch-all proxy that forwards these requests to the internal encryptid service. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-03-12 19:47:39 -07:00 · 2026-03-12 19:47:39 -07:00 · 9343dc13ab
parent 058592f5e3
commit 9343dc13ab
1 changed files with 20 additions and 0 deletions
--- a/server/index.ts
+++ b/server/index.ts
@ -402,6 +402,26 @@ app.route("/api/notifications", notificationRouter);
 app.route("/api/mi", miRoutes);


+// ── EncryptID proxy (forward /encryptid/* to encryptid container) ──
+const ENCRYPTID_INTERNAL = process.env.ENCRYPTID_INTERNAL_URL || "http://encryptid:3000";
+app.all("/encryptid/*", async (c) => {
+	const targetUrl = `${ENCRYPTID_INTERNAL}${c.req.path}${new URL(c.req.url).search}`;
+	const headers = new Headers(c.req.raw.headers);
+	headers.delete("host");
+	try {
+		const res = await fetch(targetUrl, {
+			method: c.req.method,
+			headers,
+			body: c.req.method !== "GET" && c.req.method !== "HEAD" ? c.req.raw.body : undefined,
+			// @ts-ignore duplex needed for streaming request bodies
+			duplex: "half",
+		});
+		return new Response(res.body, { status: res.status, headers: res.headers });
+	} catch (e: any) {
+		return c.json({ error: "EncryptID service unavailable" }, 502);
+	}
+});
+
 // ── Existing /api/communities/* routes (backward compatible) ──

 /** Resolve a community slug to SpaceAuthConfig for the SDK guard */