Skip to content

Commit d52a7f3

Browse files
human-dot-bot[bot]claude
human-dot-bot[bot]
and
claude
authored
fix(infra): add staking app domains to SIWE allowlists (#926)
The ID Staking App (stake.passport.xyz) uses /ceramic-cache/authenticate and /account/nonce endpoints which require SIWE domain validation added in #923. Add stake.{domain} to both SIWE_ALLOWED_DOMAINS_CERAMIC_CACHE and SIWE_ALLOWED_DOMAINS_ACCOUNT in both infra configs (main API and app_api lambdas). Co-authored-by: Claude Code <noreply@anthropic.com>
1 parent 2f9410c commit d52a7f3

File tree

2 files changed

+12
-8
lines changed

2 files changed

+12
-8
lines changed

infra/aws/app_api/index.ts

Lines changed: 6 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -49,19 +49,21 @@ export function createAppApiLambdaFunctions(config: {
4949
{
5050
name: "SIWE_ALLOWED_DOMAINS_CERAMIC_CACHE",
5151
value: config.passportXyzDomainName.apply((d) => {
52-
const domains = [`app.${d}`];
52+
const domains = [`app.${d}`, `stake.${d}`];
5353
if (d.startsWith("production.")) {
54-
domains.push(`app.${d.replace("production.", "")}`);
54+
const envLess = d.replace("production.", "");
55+
domains.push(`app.${envLess}`, `stake.${envLess}`);
5556
}
5657
return JSON.stringify(domains);
5758
}),
5859
},
5960
{
6061
name: "SIWE_ALLOWED_DOMAINS_ACCOUNT",
6162
value: config.passportXyzDomainName.apply((d) => {
62-
const domains = [`developer.${d}`];
63+
const domains = [`developer.${d}`, `stake.${d}`];
6364
if (d.startsWith("production.")) {
64-
domains.push(`developer.${d.replace("production.", "")}`);
65+
const envLess = d.replace("production.", "");
66+
domains.push(`developer.${envLess}`, `stake.${envLess}`);
6567
}
6668
return JSON.stringify(domains);
6769
}),

infra/aws/index.ts

Lines changed: 6 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -816,20 +816,22 @@ const apiEnvironment = [
816816
{
817817
name: "SIWE_ALLOWED_DOMAINS_CERAMIC_CACHE",
818818
value: passportXyzDomainName.apply((d) => {
819-
const domains = [`app.${d}`];
819+
const domains = [`app.${d}`, `stake.${d}`];
820820
// Production users visit app.passport.xyz (no "production" subdomain)
821821
if (d.startsWith("production.")) {
822-
domains.push(`app.${d.replace("production.", "")}`);
822+
const envLess = d.replace("production.", "");
823+
domains.push(`app.${envLess}`, `stake.${envLess}`);
823824
}
824825
return JSON.stringify(domains);
825826
}),
826827
},
827828
{
828829
name: "SIWE_ALLOWED_DOMAINS_ACCOUNT",
829830
value: passportXyzDomainName.apply((d) => {
830-
const domains = [`developer.${d}`];
831+
const domains = [`developer.${d}`, `stake.${d}`];
831832
if (d.startsWith("production.")) {
832-
domains.push(`developer.${d.replace("production.", "")}`);
833+
const envLess = d.replace("production.", "");
834+
domains.push(`developer.${envLess}`, `stake.${envLess}`);
833835
}
834836
return JSON.stringify(domains);
835837
}),

0 commit comments

Comments
 (0)