fix: localhost not loading

We allow the allowInsecure exception in dev too. We also extract node env vars correctly.
2026-06-04 21:04:37 +08:00 · 2026-01-19 12:02:32 -08:00 · 2026-01-19 12:02:32 -08:00 · 3b7701f5a4
commit 3b7701f5a4
parent 2b10fde743
1 changed files with 2 additions and 4 deletions
--- a/packages/stack-shared/src/interface/client-interface.ts
+++ b/packages/stack-shared/src/interface/client-interface.ts
@ -5,7 +5,6 @@ import { KnownError, KnownErrors } from '../known-errors';
 import { inlineProductSchema } from '../schema-fields';
 import { AccessToken, InternalSession, RefreshToken } from '../sessions';
 import { generateSecureRandomString } from '../utils/crypto';
-import { getNodeEnvironment } from '../utils/env';
 import { StackAssertionError, throwErr } from '../utils/errors';
 import { globalVar } from '../utils/globals';
 import { HTTP_METHODS, HttpMethod } from '../utils/http';
@ -166,7 +165,7 @@ export class StackClientInterface {
    };

    const clientAuthentication = oauth.ClientSecretPost(this.options.publishableClientKey);
-    const allowInsecure = getNodeEnvironment() === 'test' && tokenEndpoint.startsWith('http://');
+    const allowInsecure = (process.env.NODE_ENV === 'test' || process.env.NODE_ENV === 'development') && tokenEndpoint.startsWith('http://');

    const response = await this._networkRetryException(async () => {
      const rawResponse = await oauth.refreshTokenGrantRequest(
@ -1041,8 +1040,7 @@ export class StackClientInterface {
      client_secret: this.options.publishableClientKey,
    };
    const clientAuthentication = oauth.ClientSecretPost(this.options.publishableClientKey);
-    // Allow insecure HTTP requests only in test environment (for localhost testing)
-    const allowInsecure = getNodeEnvironment() === 'test' && tokenEndpoint.startsWith('http://');
+    const allowInsecure = (process.env.NODE_ENV === 'test' || process.env.NODE_ENV === 'development') && tokenEndpoint.startsWith('http://');

    let params: URLSearchParams;
    try {