henry
5db020132e
- Multi-stage Dockerfile: Node builds static assets, nginx serves them - nginx proxies /api/* to football-data.org and injects X-Auth-Token server-side via FOOTBALL_API_KEY env var (key never in browser bundle) - docker-compose.yml exposes the app on port 3000 - Extract apiFetch() helper: sends key in dev (Vite proxy), skips in prod - .env.example updated with both dev and production key vars Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
12 lines
464 B
JavaScript
12 lines
464 B
JavaScript
// In dev, Vite proxies /api/* but doesn't inject the key, so we send it
|
|
// from the browser. In production the nginx proxy injects it server-side.
|
|
const DEV_KEY = import.meta.env.VITE_FOOTBALL_API_KEY
|
|
|
|
export function apiFetch(path) {
|
|
const headers = DEV_KEY ? { 'X-Auth-Token': DEV_KEY } : {}
|
|
return fetch(`/api${path}`, { headers }).then((res) => {
|
|
if (!res.ok) throw new Error(`API error: ${res.status} ${res.statusText}`)
|
|
return res.json()
|
|
})
|
|
}
|