Lots of improvements

2026-02-22 21:09:07 +00:00 · 2026-02-22 21:09:07 +00:00 · eb02b5832b
commit eb02b5832b
parent 205302dbb8
39 changed files with 699 additions and 271 deletions
--- a/server-rs/src/routes/pb_proxy.rs
+++ b/server-rs/src/routes/pb_proxy.rs
@ -11,10 +11,11 @@ use crate::state::AppState;

 /// Dedicated HTTP client for proxying — does not follow redirects so 3xx
 /// responses are passed through to the browser (needed for OAuth flows).
+/// No overall timeout because SSE (Server-Sent Events) connections used by
+/// PocketBase realtime/OAuth2 are long-lived streams.
 static PROXY_CLIENT: LazyLock<reqwest::Client> = LazyLock::new(|| {
    reqwest::Client::builder()
        .redirect(reqwest::redirect::Policy::none())
-        .timeout(Duration::from_secs(30))
        .connect_timeout(Duration::from_secs(5))
        .build()
        .expect("Failed to build proxy HTTP client")
@ -97,16 +98,12 @@ pub async fn proxy_to_pocketbase(state: Arc<AppState>, req: Request) -> impl Int
                }
            }

-            match upstream.bytes().await {
-                Ok(bytes) => response.body(Body::from(bytes)).unwrap(),
-                Err(err) => {
-                    warn!("Failed to read upstream response: {err}");
-                    Response::builder()
-                        .status(StatusCode::BAD_GATEWAY)
-                        .body(Body::from("Failed to read upstream response"))
-                        .unwrap()
-                }
-            }
+            // Stream the response body instead of buffering it entirely.
+            // This is critical for SSE (Server-Sent Events) used by PocketBase's
+            // realtime system and OAuth2 flow — buffering would hang forever
+            // since SSE responses never complete.
+            let body = Body::from_stream(upstream.bytes_stream());
+            response.body(body).unwrap()
        }
        Err(err) => {
            warn!("PocketBase proxy error: {err}");