Setup Redis passwords to be used in Vm installation or via Docker

Setup so that CORS_ORIGIN error appears on the frontend to help new installations

frontend/src/components/FirstTimeAdminSetup.jsx

@@ -2,6 +2,7 @@ import { AlertCircle, CheckCircle, Shield, UserPlus } from "lucide-react";
 import { useId, useState } from "react";
 import { useNavigate } from "react-router-dom";
 import { useAuth } from "../contexts/AuthContext";
+import { isCorsError } from "../utils/api";
 
 const FirstTimeAdminSetup = () => {
 	const { login, setAuthState } = useAuth();
@@ -121,11 +122,39 @@ const FirstTimeAdminSetup = () => {
 					}, 2000);
 				}
 			} else {
-				setError(data.error || "Failed to create admin user");
+				// Handle HTTP error responses (like 500 CORS errors)
+				console.log("HTTP error response:", response.status, data);
+
+				// Check if this is a CORS error based on the response data
+				if (
+					data.message?.includes("Not allowed by CORS") ||
+					data.message?.includes("CORS") ||
+					data.error?.includes("CORS")
+				) {
+					setError(
+						"CORS_ORIGIN mismatch - please set your URL in your environment variable",
+					);
+				} else {
+					setError(data.error || "Failed to create admin user");
+				}
 			}
 		} catch (error) {
 			console.error("Setup error:", error);
-			setError("Network error. Please try again.");
+			// Check for CORS/network errors first
+			if (isCorsError(error)) {
+				setError(
+					"CORS_ORIGIN mismatch - please set your URL in your environment variable",
+				);
+			} else if (
+				error.name === "TypeError" &&
+				error.message?.includes("Failed to fetch")
+			) {
+				setError(
+					"CORS_ORIGIN mismatch - please set your URL in your environment variable",
+				);
+			} else {
+				setError("Network error. Please try again.");
+			}
 		} finally {
 			setIsLoading(false);
 		}

frontend/src/contexts/AuthContext.jsx

@@ -7,6 +7,7 @@ import {
 } from "react";
 import { flushSync } from "react-dom";
 import { AUTH_PHASES, isAuthPhase } from "../constants/authPhases";
+import { isCorsError } from "../utils/api";
 
 const AuthContext = createContext();
 
@@ -120,9 +121,50 @@ export const AuthProvider = ({ children }) => {
 
 				return { success: true };
 			} else {
+				// Handle HTTP error responses (like 500 CORS errors)
+				console.log("HTTP error response:", response.status, data);
+
+				// Check if this is a CORS error based on the response data
+				if (
+					data.message?.includes("Not allowed by CORS") ||
+					data.message?.includes("CORS") ||
+					data.error?.includes("CORS")
+				) {
+					return {
+						success: false,
+						error:
+							"CORS_ORIGIN mismatch - please set your URL in your environment variable",
+					};
+				}
+
 				return { success: false, error: data.error || "Login failed" };
 			}
-		} catch {
+		} catch (error) {
+			console.log("Login error:", error);
+			console.log("Error response:", error.response);
+			console.log("Error message:", error.message);
+
+			// Check for CORS/network errors first
+			if (isCorsError(error)) {
+				return {
+					success: false,
+					error:
+						"CORS_ORIGIN mismatch - please set your URL in your environment variable",
+				};
+			}
+
+			// Check for other network errors
+			if (
+				error.name === "TypeError" &&
+				error.message?.includes("Failed to fetch")
+			) {
+				return {
+					success: false,
+					error:
+						"CORS_ORIGIN mismatch - please set your URL in your environment variable",
+				};
+			}
+
 			return { success: false, error: "Network error occurred" };
 		}
 	};
@@ -167,9 +209,46 @@ export const AuthProvider = ({ children }) => {
 				localStorage.setItem("user", JSON.stringify(data.user));
 				return { success: true, user: data.user };
 			} else {
+				// Handle HTTP error responses (like 500 CORS errors)
+				console.log("HTTP error response:", response.status, data);
+
+				// Check if this is a CORS error based on the response data
+				if (
+					data.message?.includes("Not allowed by CORS") ||
+					data.message?.includes("CORS") ||
+					data.error?.includes("CORS")
+				) {
+					return {
+						success: false,
+						error:
+							"CORS_ORIGIN mismatch - please set your URL in your environment variable",
+					};
+				}
+
 				return { success: false, error: data.error || "Update failed" };
 			}
-		} catch {
+		} catch (error) {
+			// Check for CORS/network errors first
+			if (isCorsError(error)) {
+				return {
+					success: false,
+					error:
+						"CORS_ORIGIN mismatch - please set your URL in your environment variable",
+				};
+			}
+
+			// Check for other network errors
+			if (
+				error.name === "TypeError" &&
+				error.message?.includes("Failed to fetch")
+			) {
+				return {
+					success: false,
+					error:
+						"CORS_ORIGIN mismatch - please set your URL in your environment variable",
+				};
+			}
+
 			return { success: false, error: "Network error occurred" };
 		}
 	};
@@ -190,12 +269,49 @@ export const AuthProvider = ({ children }) => {
 			if (response.ok) {
 				return { success: true };
 			} else {
+				// Handle HTTP error responses (like 500 CORS errors)
+				console.log("HTTP error response:", response.status, data);
+
+				// Check if this is a CORS error based on the response data
+				if (
+					data.message?.includes("Not allowed by CORS") ||
+					data.message?.includes("CORS") ||
+					data.error?.includes("CORS")
+				) {
+					return {
+						success: false,
+						error:
+							"CORS_ORIGIN mismatch - please set your URL in your environment variable",
+					};
+				}
+
 				return {
 					success: false,
 					error: data.error || "Password change failed",
 				};
 			}
-		} catch {
+		} catch (error) {
+			// Check for CORS/network errors first
+			if (isCorsError(error)) {
+				return {
+					success: false,
+					error:
+						"CORS_ORIGIN mismatch - please set your URL in your environment variable",
+				};
+			}
+
+			// Check for other network errors
+			if (
+				error.name === "TypeError" &&
+				error.message?.includes("Failed to fetch")
+			) {
+				return {
+					success: false,
+					error:
+						"CORS_ORIGIN mismatch - please set your URL in your environment variable",
+				};
+			}
+
 			return { success: false, error: "Network error occurred" };
 		}
 	};

frontend/src/pages/Login.jsx

@@ -13,7 +13,7 @@ import { useEffect, useId, useState } from "react";
 
 import { useNavigate } from "react-router-dom";
 import { useAuth } from "../contexts/AuthContext";
-import { authAPI } from "../utils/api";
+import { authAPI, isCorsError } from "../utils/api";
 
 const Login = () => {
 	const usernameId = useId();
@@ -82,7 +82,21 @@ const Login = () => {
 				setError(result.error || "Login failed");
 			}
 		} catch (err) {
-			setError(err.response?.data?.error || "Login failed");
+			// Check for CORS/network errors first
+			if (isCorsError(err)) {
+				setError(
+					"CORS_ORIGIN mismatch - please set your URL in your environment variable",
+				);
+			} else if (
+				err.name === "TypeError" &&
+				err.message?.includes("Failed to fetch")
+			) {
+				setError(
+					"CORS_ORIGIN mismatch - please set your URL in your environment variable",
+				);
+			} else {
+				setError(err.response?.data?.error || "Login failed");
+			}
 		} finally {
 			setIsLoading(false);
 		}
@@ -112,12 +126,25 @@ const Login = () => {
 			}
 		} catch (err) {
 			console.error("Signup error:", err);
-			const errorMessage =
-				err.response?.data?.error ||
-				(err.response?.data?.errors && err.response.data.errors.length > 0
-					? err.response.data.errors.map((e) => e.msg).join(", ")
-					: err.message || "Signup failed");
-			setError(errorMessage);
+			if (isCorsError(err)) {
+				setError(
+					"CORS_ORIGIN mismatch - please set your URL in your environment variable",
+				);
+			} else if (
+				err.name === "TypeError" &&
+				err.message?.includes("Failed to fetch")
+			) {
+				setError(
+					"CORS_ORIGIN mismatch - please set your URL in your environment variable",
+				);
+			} else {
+				const errorMessage =
+					err.response?.data?.error ||
+					(err.response?.data?.errors && err.response.data.errors.length > 0
+						? err.response.data.errors.map((e) => e.msg).join(", ")
+						: err.message || "Signup failed");
+				setError(errorMessage);
+			}
 		} finally {
 			setIsLoading(false);
 		}
@@ -146,9 +173,22 @@ const Login = () => {
 			}
 		} catch (err) {
 			console.error("TFA verification error:", err);
-			const errorMessage =
-				err.response?.data?.error || err.message || "TFA verification failed";
-			setError(errorMessage);
+			if (isCorsError(err)) {
+				setError(
+					"CORS_ORIGIN mismatch - please set your URL in your environment variable",
+				);
+			} else if (
+				err.name === "TypeError" &&
+				err.message?.includes("Failed to fetch")
+			) {
+				setError(
+					"CORS_ORIGIN mismatch - please set your URL in your environment variable",
+				);
+			} else {
+				const errorMessage =
+					err.response?.data?.error || err.message || "TFA verification failed";
+				setError(errorMessage);
+			}
 			// Clear the token input for security
 			setTfaData({ token: "" });
 		} finally {

frontend/src/pages/Profile.jsx

@@ -26,7 +26,7 @@ import { useEffect, useId, useState } from "react";
 
 import { useAuth } from "../contexts/AuthContext";
 import { useTheme } from "../contexts/ThemeContext";
-import { tfaAPI } from "../utils/api";
+import { isCorsError, tfaAPI } from "../utils/api";
 
 const Profile = () => {
 	const usernameId = useId();
@@ -88,8 +88,15 @@ const Profile = () => {
 					text: result.error || "Failed to update profile",
 				});
 			}
-		} catch {
-			setMessage({ type: "error", text: "Network error occurred" });
+		} catch (error) {
+			if (isCorsError(error)) {
+				setMessage({
+					type: "error",
+					text: "CORS_ORIGIN mismatch - please set your URL in your environment variable",
+				});
+			} else {
+				setMessage({ type: "error", text: "Network error occurred" });
+			}
 		} finally {
 			setIsLoading(false);
 		}
@@ -133,8 +140,15 @@ const Profile = () => {
 					text: result.error || "Failed to change password",
 				});
 			}
-		} catch {
-			setMessage({ type: "error", text: "Network error occurred" });
+		} catch (error) {
+			if (isCorsError(error)) {
+				setMessage({
+					type: "error",
+					text: "CORS_ORIGIN mismatch - please set your URL in your environment variable",
+				});
+			} else {
+				setMessage({ type: "error", text: "Network error occurred" });
+			}
 		} finally {
 			setIsLoading(false);
 		}

frontend/src/pages/Settings.jsx

@@ -144,7 +144,7 @@ const Settings = () => {
 				defaultUserRole: settings.default_user_role || "user",
 				githubRepoUrl:
 					settings.github_repo_url ||
-					"git@github.com:9technologygroup/patchmon.net.git",
+					"https://github.com/PatchMon/PatchMon.git",
 				repositoryType: settings.repository_type || "public",
 				sshKeyPath: settings.ssh_key_path || "",
 				useCustomSshKey: !!settings.ssh_key_path,

frontend/src/utils/api.js

@@ -221,7 +221,82 @@ export const packagesAPI = {
 };
 
 // Utility functions
+export const isCorsError = (error) => {
+	// Check for browser-level CORS errors (when request is blocked before reaching server)
+	if (error.message?.includes("Failed to fetch") && !error.response) {
+		return true;
+	}
+
+	// Check for TypeError with Failed to fetch (common CORS error pattern)
+	if (
+		error.name === "TypeError" &&
+		error.message?.includes("Failed to fetch")
+	) {
+		return true;
+	}
+
+	// Check for backend CORS errors that get converted to 500 by proxy
+	if (error.response?.status === 500) {
+		// Check if the error message contains CORS-related text
+		if (
+			error.message?.includes("Not allowed by CORS") ||
+			error.message?.includes("CORS") ||
+			error.message?.includes("cors")
+		) {
+			return true;
+		}
+
+		// Check if the response data contains CORS error information
+		if (
+			error.response?.data?.error?.includes("CORS") ||
+			error.response?.data?.error?.includes("cors") ||
+			error.response?.data?.message?.includes("CORS") ||
+			error.response?.data?.message?.includes("cors") ||
+			error.response?.data?.message?.includes("Not allowed by CORS")
+		) {
+			return true;
+		}
+
+		// Check for specific CORS error patterns from backend logs
+		if (
+			error.message?.includes("origin") &&
+			error.message?.includes("callback")
+		) {
+			return true;
+		}
+
+		// Check if this is likely a CORS error based on context
+		// If we're accessing from localhost but CORS_ORIGIN is set to fabio, this is likely CORS
+		const currentOrigin = window.location.origin;
+		if (
+			currentOrigin === "http://localhost:3000" &&
+			error.config?.url?.includes("/api/")
+		) {
+			// This is likely a CORS error when accessing from localhost
+			return true;
+		}
+	}
+
+	// Check for CORS-related errors
+	return (
+		error.message?.includes("CORS") ||
+		error.message?.includes("cors") ||
+		error.message?.includes("Access to fetch") ||
+		error.message?.includes("blocked by CORS policy") ||
+		error.message?.includes("Cross-Origin Request Blocked") ||
+		error.message?.includes("NetworkError when attempting to fetch resource") ||
+		error.message?.includes("ERR_BLOCKED_BY_CLIENT") ||
+		error.message?.includes("ERR_NETWORK") ||
+		error.message?.includes("ERR_CONNECTION_REFUSED")
+	);
+};
+
 export const formatError = (error) => {
+	// Check for CORS-related errors
+	if (isCorsError(error)) {
+		return "CORS_ORIGIN mismatch - please set your URL in your environment variable";
+	}
+
 	if (error.response?.data?.message) {
 		return error.response.data.message;
 	}