diff --git a/apps/desktop/src/main.tsx b/apps/desktop/src/main.tsx index 84cff66..5d281d2 100644 --- a/apps/desktop/src/main.tsx +++ b/apps/desktop/src/main.tsx @@ -1218,7 +1218,10 @@ const resolvedAppUrl = useMemo(() => { } catch {} const persona = (data.persona ?? "collaborator").toLowerCase() === "manager" ? "manager" : "collaborator" const redirectTarget = persona === "manager" ? "/dashboard" : "/portal/tickets" - const url = `${resolvedAppUrl}/machines/handshake?token=${encodeURIComponent(data.machineToken)}&redirect=${encodeURIComponent(redirectTarget)}` + // Proteção extra: nunca usar localhost em produção + const safeAppUrl = resolvedAppUrl.includes("localhost") ? "https://tickets.esdrasrenan.com.br" : resolvedAppUrl + const url = `${safeAppUrl}/machines/handshake?token=${encodeURIComponent(data.machineToken)}&redirect=${encodeURIComponent(redirectTarget)}` + logDesktop("register:redirect", { url: url.replace(/token=[^&]+/, "token=***") }) window.location.href = url } catch (err) { setError(err instanceof Error ? err.message : String(err)) @@ -1348,7 +1351,10 @@ const resolvedAppUrl = useMemo(() => { const persona = (config?.accessRole ?? "collaborator") === "manager" ? "manager" : "collaborator" // Envia para a página inicial apropriada após autenticar cookies/sessão const redirectTarget = persona === "manager" ? "/dashboard" : "/portal/tickets" - const url = `${resolvedAppUrl}/machines/handshake?token=${encodeURIComponent(token)}&redirect=${encodeURIComponent(redirectTarget)}` + // Proteção extra: nunca usar localhost em produção + const safeAppUrl = resolvedAppUrl.includes("localhost") ? "https://tickets.esdrasrenan.com.br" : resolvedAppUrl + const url = `${safeAppUrl}/machines/handshake?token=${encodeURIComponent(token)}&redirect=${encodeURIComponent(redirectTarget)}` + logDesktop("openSystem:redirect", { url: url.replace(/token=[^&]+/, "token=***") }) window.location.href = url }, [token, config?.accessRole, config?.machineId, resolvedAppUrl, store])