Express_developer_docs/vite.config.js

import { defineConfig, loadEnv } from 'vite'
import react from '@vitejs/plugin-react'

// Dev mode: proxy /api/* to api.workolik.com and inject x-hasura-admin-secret
// server-side so the secret never reaches the browser.
export default defineConfig(({ mode }) => {
  const env = loadEnv(mode, process.cwd(), '')
  const secret = (env.HASURA_ADMIN_SECRET || 'nearle-admin-secret').trim()

  if (!secret) {
    console.warn('[xpress-docs] HASURA_ADMIN_SECRET is not set in .env.local; proxied requests will hit the API without auth.')
  }

  const proxyConfig = {
    '/api': {
      target: 'https://api.workolik.com',
      changeOrigin: true,
      secure: true,
      configure: (proxy) => {
        proxy.on('proxyReq', (proxyReq) => {
          if (secret) proxyReq.setHeader('x-hasura-admin-secret', secret)
        })
      }
    },
    '/v1': {
      target: 'https://api.workolik.com',
      changeOrigin: true,
      secure: true,
      configure: (proxy) => {
        proxy.on('proxyReq', (proxyReq) => {
          if (secret) proxyReq.setHeader('x-hasura-admin-secret', secret)
        })
      }
    },
    '/live': {
      target: 'https://jupiter.nearle.app',
      changeOrigin: true,
      secure: true,
    }
  }

  return {
    plugins: [react()],
    server: {
      port: 5173,
      open: true,
      proxy: proxyConfig,
    },
    preview: {
      port: 4173,
      proxy: proxyConfig,
    }
  }
})