From 0b746ed841458e1d8b4d9b32003899bac80af73e Mon Sep 17 00:00:00 2001
From: xxxw1tnessbtwxxx <89967499+xxxw1tnessbtwxxx@users.noreply.github.com>
Date: Sun, 15 Dec 2024 15:58:28 +0700
Subject: [PATCH 1/2] hotfixed .env.example

---
 SpeedSolverBackend/SpeedSolverAPI/.env.example | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/SpeedSolverBackend/SpeedSolverAPI/.env.example b/SpeedSolverBackend/SpeedSolverAPI/.env.example
index 624ba9d4..4a7cfa99 100644
--- a/SpeedSolverBackend/SpeedSolverAPI/.env.example
+++ b/SpeedSolverBackend/SpeedSolverAPI/.env.example
@@ -7,5 +7,6 @@ POSTGRES_DB=
 API_BASE_PORT=
 
 JWT_SECRET_KEY=
-JWT_EXPIRES_AT=
+JWT_ACCESS_TOKEN_LIFETIME_MINUTES=
+JWT_REFRESH_TOKEN_LIFETIME_HOURS=
 JWT_ALGORITHM=
\ No newline at end of file

From 04d745c05a180257c8b2b7f328d111dbbb57dcac Mon Sep 17 00:00:00 2001
From: xxxw1tnessbtwxxx <work.w1tnessbtw@mail.ru>
Date: Sun, 15 Dec 2024 20:36:22 +0700
Subject: [PATCH 2/2] remaked origins in middleware

---
 SpeedSolverBackend/SpeedSolverAPI/main.py                    | 5 ++++-
 .../SpeedSolverFrontend/src/pages/access/AccessPage.tsx      | 2 +-
 2 files changed, 5 insertions(+), 2 deletions(-)

diff --git a/SpeedSolverBackend/SpeedSolverAPI/main.py b/SpeedSolverBackend/SpeedSolverAPI/main.py
index 6fafb824..dfbf932e 100644
--- a/SpeedSolverBackend/SpeedSolverAPI/main.py
+++ b/SpeedSolverBackend/SpeedSolverAPI/main.py
@@ -15,7 +15,10 @@
 
 api.add_middleware (
     CORSMiddleware,
-    allow_origins=["*"],
+    allow_origins=[
+        "https://speedsolver.ru"
+        "http://speedsolver.ru"
+    ],
     allow_credentials=True,
     allow_methods=["*"],
     allow_headers=["*"]
diff --git a/SpeedSolverMVP/SpeedSolverFrontend/src/pages/access/AccessPage.tsx b/SpeedSolverMVP/SpeedSolverFrontend/src/pages/access/AccessPage.tsx
index 34df9428..21c41499 100644
--- a/SpeedSolverMVP/SpeedSolverFrontend/src/pages/access/AccessPage.tsx
+++ b/SpeedSolverMVP/SpeedSolverFrontend/src/pages/access/AccessPage.tsx
@@ -50,7 +50,7 @@ const AccessPage: React.FC<AuthTypeProp> = ({ action }) => {
         }
 
         try {
-            var response = await axios.post(`${API_URL()}/access/authorize`, data, { headers: headers })
+            var response = await axios.post(`${API_URL()}/access/authorize`, data, { headers: headers, withCredentials: true })
             return response
         }
         catch(error) {