feat: iframe embeds, demo completed

Hyteq · Hyteq · commit 39836a17077e · 2025-06-17T18:08:36.000+03:00
diff --git a/apps/api/src/middleware/auth.ts b/apps/api/src/middleware/auth.ts
@@ -59,6 +59,11 @@ export const authMiddleware = createMiddleware(async (c, next) => {
     //     code: 'RATE_LIMIT_EXCEEDED'
     //   }, 429);
     // }
+    
+    const websiteId = c.req.query('website_id');
+    if (path.includes('OXmNQsViBT-FOS_wZCTHc') || websiteId === 'OXmNQsViBT-FOS_wZCTHc') {
+      return next();
+    }
 
     // Get session
     const session = await auth.api.getSession({ 
@@ -76,7 +81,6 @@ export const authMiddleware = createMiddleware(async (c, next) => {
     c.set('user', session.user);
     c.set('session', session);
 
-      // Check website access for analytics routes
       if (path.startsWith('/analytics/') && session) {
         const websiteId = c.req.query('website_id');
         if (websiteId) {
diff --git a/apps/api/src/middleware/website.ts b/apps/api/src/middleware/website.ts
@@ -36,6 +36,12 @@ export const websiteAuthHook = createMiddleware(async (c, next) => {
     }, 401);
   }
 
+  if (websiteId === 'OXmNQsViBT-FOS_wZCTHc') {
+    const website = await getWebsiteById(websiteId);
+    c.set('website', website);
+    return next();
+  }
+
   if (!user) {
     return c.json({
       success: false,
diff --git a/apps/api/src/routes/v1/websites.ts b/apps/api/src/routes/v1/websites.ts
@@ -333,6 +333,33 @@ websitesRouter.get('/:id', async (c) => {
   const user = c.get('user');
   const id = c.req.param('id');
 
+  // Handle demo website access
+  if (id === 'OXmNQsViBT-FOS_wZCTHc') {
+    try {
+      const website = await db.query.websites.findFirst({
+        where: eq(websites.id, id)
+      });
+      
+      if (!website) {
+        return c.json({ 
+          success: false, 
+          error: "Website not found" 
+        }, 404);
+      }
+      
+      return c.json({
+        success: true,
+        data: website
+      });
+    } catch (error) {
+      logger.error('[Website API] Error fetching demo website:', { error });
+      return c.json({ 
+        success: false, 
+        error: "Failed to fetch website" 
+      }, 500);
+    }
+  }
+
   if (!user) {
     return c.json({ success: false, error: "Unauthorized" }, 401);
   }
diff --git a/apps/dashboard/next.config.ts b/apps/dashboard/next.config.ts
@@ -35,7 +35,8 @@ const nextConfig: NextConfig = {
               "img-src 'self' data: https: blob:",
               "font-src 'self' data:",
               "connect-src 'self' https://basket.databuddy.cc https://api.databuddy.cc https://app.databuddy.cc http://localhost:4000",
-              "frame-ancestors 'none'",
+              "frame-src 'self' https:",
+              "frame-ancestors *",
               "base-uri 'self'",
               "form-action 'self'",
             ].join('; '),
