import { defineConfig, loadEnv } from 'vite' import react from '@vitejs/plugin-react' import tailwindcss from '@tailwindcss/vite' /** @param {string | undefined} domain */ function jiraOrigin(domain) { if (!domain?.trim()) return null const d = domain.trim().replace(/\/$/, '') if (d.startsWith('http://') || d.startsWith('https://')) return d if (d.includes('atlassian.net')) return `https://${d.replace(/^https?:\/\//, '')}` return `https://${d}.atlassian.net` } export default defineConfig(({ mode }) => { const env = loadEnv(mode, process.cwd(), '') const origin = jiraOrigin(env.JIRA_DOMAIN) return { define: { __JIRA_ORIGIN__: JSON.stringify(origin ?? ''), }, plugins: [react(), tailwindcss()], server: { proxy: origin ? { '/jira-api': { target: origin, changeOrigin: true, secure: true, rewrite: (path) => path.replace(/^\/jira-api/, ''), configure: (proxy) => { proxy.on('proxyReq', (proxyReq) => { // Évite qu’un Authorization invalide (extension, cache) écrase le Basic Jira proxyReq.removeHeader('authorization') proxyReq.removeHeader('cookie') // Jira Cloud : contrôle XSRF — il faut Origin OU X-Requested-With. // Le navigateur → Vite est souvent same-origin sans en-tête Origin ; sans cela, 403. proxyReq.setHeader('X-Requested-With', 'XMLHttpRequest') proxyReq.setHeader('Origin', origin) proxyReq.setHeader('Referer', `${origin}/`) const email = env.JIRA_EMAIL?.trim() const apiKey = env.JIRA_API_KEY?.trim() if (email && apiKey) { const basic = Buffer.from(`${email}:${apiKey}`, 'utf8').toString( 'base64', ) proxyReq.setHeader('Authorization', `Basic ${basic}`) } else { console.warn( '[vite] Proxy Jira : JIRA_EMAIL ou JIRA_API_KEY manquant dans .env — la requête partira sans authentification.', ) } proxyReq.setHeader('Accept', 'application/json') }) }, }, } : {}, }, } })