# Production Migration Guide: gmb-insights.hashtechorange.com

This document outlines the exact code and configuration changes required to migrate the GMB Dashboard application from a local development environment to your new production domain: **`gmb-insights.hashtechorange.com`**.

As requested, no code changes have been made automatically. Please follow these steps when you are ready to deploy.

> [!WARNING]
> Use `https://` for all production URLs to avoid mixed-content errors and to protect user data in transit.

---

## 1. Frontend Changes

### Update API Base URL
The frontend currently points to the local backend port. This must be updated to point to the production backend route.

**File:** `frontend/app.js`
**Line:** 10
```diff
- const API = 'http://127.0.0.1:8000/api';
+ const API = 'https://gmb-insights.hashtechorange.com/api';
```
*(Note: This assumes your reverse proxy will route `/api` requests to the Uvicorn backend on the same domain).*
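
Review bot: The `+` line hardcodes the production origin into `frontend/app.js`, so the file can no longer run against a local or staging backend without being edited again. Because the note above has the reverse proxy serving `/api` on the same domain as the frontend, a relative base such as `const API = '/api';` keeps every request on the origin that served the page and cannot produce a mixed-content request.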

---

## 2. Backend Changes

### A. CORS Configuration
FastAPI needs to explicitly trust the new production domain so browsers don't block the frontend requests.

**File:** `backend/app/main.py`
**Line:** ~33
```diff
  app.add_middleware(
      CORSMiddleware,
-     allow_origins=["http://127.0.0.1:5500", "http://localhost:5500", "http://127.0.0.1:8000", "http://localhost:8000"],
+     allow_origins=["https://gmb-insights.hashtechorange.com"],
      allow_credentials=True,
      allow_methods=["*"],
      allow_headers=["*"],
  )
```
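
Review bot: The unchanged context lines keep `allow_methods=["*"]` and `allow_headers=["*"]` next to `allow_credentials=True`; with the origin list now reduced to one production entry, narrow those two lists as well to the methods and headers the frontend actually sends. Consider reading the origin from settings instead of the literal on the `+` line, so local development does not require editing `main.py` back.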

### B. Google OAuth Callback
If you are using Google Login, the hardcoded `redirect_uri` sent to Google must match the production domain exactly.

**File:** `backend/app/auth/google_oauth.py`
**Line:** 12
```diff
- return {"redirect_url": f"https://accounts.google.com/o/oauth2/v2/auth?client_id={settings.GOOGLE_CLIENT_ID}&response_type=code&scope=openid+email+profile&redirect_uri=http://localhost:8000/api/auth/google/callback"}
+ return {"redirect_url": f"https://accounts.google.com/o/oauth2/v2/auth?client_id={settings.GOOGLE_CLIENT_ID}&response_type=code&scope=openid+email+profile&redirect_uri=https://gmb-insights.hashtechorange.com/api/auth/google/callback"}
```
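
Review bot: The authorization URL on the `+` line carries no `state` parameter, so the callback cannot tie the returned `code` to the browser session that started the login (login CSRF). Generate a random per-session `state`, add it to the query and verify it in the callback. While this line is being changed, build the query with `urllib.parse.urlencode` so that `redirect_uri` is percent-encoded, and take the base URL from settings rather than hardcoding it.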

---

## 3. Environment & Server Configuration

### A. `.env` File Updates (Production Server)
When setting up the `.env` file on your production server, ensure the following are securely set:

```env
# Change from 127.0.0.1 to your production database host/RDS
DB_HOST=your_production_db_host
DB_PASSWORD=your_secure_password

# CRITICAL: Do not use the default secret in production!
JWT_SECRET=your_new_long_random_secure_string

# Turn off mock data to start querying the real Google API
USE_MOCK_DATA=false
```
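
A preflight check for the values above, as an added example that is not part of the project's code: it parses a `.env` file and reports template placeholders, a short `JWT_SECRET`, a loopback `DB_HOST` and mock data left on. The function names, the placeholder list, the loopback list and the 32-character minimum are assumptions made for this illustration.

```python
# Added example (not project code). Names, the placeholder list and the
# 32-character minimum are assumptions made for this illustration.
PLACEHOLDERS = {"your_production_db_host", "your_secure_password",
                "your_new_long_random_secure_string"}
REQUIRED = ("DB_HOST", "DB_PASSWORD", "JWT_SECRET", "USE_MOCK_DATA")
LOOPBACK_HOSTS = {"127.0.0.1", "localhost", "::1"}
MIN_SECRET_LEN = 32  # assumed minimum length for the signing secret

# Constructed sample: a .env copied from the template and only half edited.
SAMPLE_ENV = """\
DB_HOST=127.0.0.1
DB_PASSWORD=your_secure_password
JWT_SECRET=changeme
USE_MOCK_DATA=true
"""


def parse_env(text):
    """Parse KEY=VALUE lines, skipping blank lines and # comments."""
    env = {}
    for line in text.splitlines():
        line = line.strip()
        if line and not line.startswith("#") and "=" in line:
            key, value = line.split("=", 1)
            env[key.strip()] = value.strip().strip("'\"")
    return env


def check_production_env(env):
    """Return a list of problems; an empty list means every check passed."""
    problems = []
    for key in REQUIRED:
        if not env.get(key):
            problems.append(f"{key} is missing or empty")
        elif env[key] in PLACEHOLDERS:
            problems.append(f"{key} still holds the template placeholder")
    secret = env.get("JWT_SECRET", "")
    if secret and secret not in PLACEHOLDERS and len(secret) < MIN_SECRET_LEN:
        problems.append(f"JWT_SECRET is shorter than {MIN_SECRET_LEN} characters")
    if env.get("DB_HOST", "").lower() in LOOPBACK_HOSTS:
        problems.append("DB_HOST points at a loopback address")
    if (env.get("USE_MOCK_DATA") or "false").lower() != "false":
        problems.append("USE_MOCK_DATA is not 'false'")
    return problems


if __name__ == "__main__":
    for problem in check_production_env(parse_env(SAMPLE_ENV)):
        print("FAIL:", problem)
```

Run it against the production `.env` before starting Uvicorn and refuse to start when the returned list is not empty.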

### B. Google Cloud Console (OAuth Settings)
To prevent `redirect_uri_mismatch` errors when users try to log in via Google:
1. Go to the [Google Cloud Console](https://console.cloud.google.com/) -> APIs & Services -> Credentials.
2. Edit your OAuth 2.0 Client ID.
3. Under **Authorized JavaScript origins**, add:
   * `https://gmb-insights.hashtechorange.com`
4. Under **Authorized redirect URIs**, add:
   * `https://gmb-insights.hashtechorange.com/api/auth/google/callback`

### C. Web Server (Nginx / Apache) Routing
Ensure your web server is configured to:
1. Serve the `frontend/` folder contents for requests to the root path (`/`).
2. Reverse proxy all requests starting with `/api/` to your Uvicorn service (e.g., `http://127.0.0.1:8000`).
