WEB-547 feat(proxy): forward fineract provider requests to sandbox for local dev

[priyans11]

Summary

This PR adds a development proxy that forwards /fineract-provider requests to the Mifos sandbox and documents how it works. It enables local frontend development against the remote Fineract sandbox or a local Fineract instance, improves request logging, and makes error handling more robust. It also includes a ready-to-use localhost proxy sample and corporate-proxy support.

---

What Changed

Proxy (proxy.conf.js)

• Forward /fineract-provider → https://sandbox.mifos.community.
• Add pathRewrite so requests map to the sandbox root.
• Log rewritten (forwarded) target URLs for easier debugging.
• Improve onError:
  • Log detailed proxy errors on the server.
  • Return clear HTTP 502 responses to clients on failure.
• Add setupForProxy to support corporate HTTP(S) proxies via HTTPS_PROXY / HTTP_PROXY (uses HttpsProxyAgent when set).
• Keep a commented/example snippet for http://localhost:8443 behavior.

Localhost proxy (proxy.localhost.conf.js) — new

• New ready-to-use proxy file targeting http://localhost:8443 for local Fineract development.
• Same logging, pathRewrite, and onError behavior as sandbox config.
• Recommended for:
  ng serve --proxy-config proxy.localhost.conf.js

---

---

Documentation

README.md

• Added a section explaining how to use the development proxy (sandbox + localhost).
• Documented sandbox-related environment variables and clarified sandbox system reset behavior.
• Added curl examples:
  • Successful proxy request
  • Simulated failure returning 502
• Clarified when setupForProxy / HttpsProxyAgent is needed (corporate proxy only).

backend-proxy.md

• Replaced outdated examples with sandbox-specific guidance.
• Documented onError behavior with example server logs and client 502 responses.
• Clarified setupForProxy and HTTP_PROXY behavior.

---

Files Changed

• proxy.conf.js (updated)
• proxy.localhost.conf.js (added)
• README.md (updated)
• backend-proxy.md (updated)

---

Testing / How to Verify

Start frontend using the localhost proxy

Successful proxied request

• Expect proxied 200 response from sandbox/local backend.
• Server console shows the rewritten target URL.

Simulated failure

• Stop the backend or point proxy target to an invalid host.
• Repeat the request; expect HTTP/1.1 502 Bad Gateway and server log with the error.

Corporate proxy

• Set HTTP_PROXY / HTTPS_PROXY environment variable and verify outbound proxying uses the upstream proxy
  (logs the Using proxy server: message).

---

Notes

• Use proxy.localhost.conf.js for local dev on localhost:8443; setupForProxy is only required for corporate upstream proxies.
• This PR improves developer experience by providing a simple switch between sandbox and local backends while giving clearer logs and error responses.

---

Jira

• WEB-547

[coderabbitai]

Note

Other AI code review bot(s) detected

CodeRabbit has detected other AI code review bot(s) in this pull request and will avoid duplicating their findings in the review comments. This may lead to a less comprehensive review.

Note

.coderabbit.yaml has unrecognized properties

CodeRabbit is using all valid settings from your configuration. Unrecognized properties (listed below) have been ignored and may indicate typos or deprecated fields that can be removed.

⚠️ Parsing warnings (1)

Validation error: Unrecognized key(s) in object: 'pre_merge_checks'

⚙️ Configuration instructions

• Please see the configuration documentation for more information.
• You can also validate your configuration using the online YAML validator.
• If your editor has YAML language server enabled, you can add the path at the top of this file to enable auto-completion and validation: # yaml-language-server: $schema=https://coderabbit.ai/integrations/schema.v2.json

Walkthrough

Replaces Chuck Norris proxy with forwarding for /fineract-provider to the Fineract sandbox, adds proxy lifecycle hooks (onProxyReq logging, onError → 502), adds a local proxy variant, renames corporate helper to setupForProxy(), and updates README and Lithuanian locale filename.

Changes

Cohort / File(s)	Summary
Proxy config (dev) proxy.conf.js	Context changed to ['/fineract-provider']; target → https://sandbox.mifos.community; pathRewrite updated to strip prefix; changeOrigin: true, secure: true, logLevel: 'debug'; added onProxyReq logging and onError handler (returns 502); added setupForProxy(proxyConfig) and exported it.
Proxy config (local) proxy.localhost.conf.js	New file exporting rule proxying /fineract-provider → http://localhost:8443; pathRewrite strips prefix; changeOrigin: true, secure: false, logLevel: 'debug'; includes onProxyReq logging and onError → 502.
Proxy docs docs/backend-proxy.md	Rewritten to document forwarding /fineract-provider/... → sandbox root, pathRewrite rationale, curl examples and sample outputs, 502 error behavior, corporate-proxy behavior (HttpsProxyAgent via setupForProxy()), and SSL guidance.
README & locales README.md, .../locales/*	Added Proxy Configuration sections and sandbox/local usage instructions; updated Quick Links and backend wording; duplicated proxy messaging across README sections; renamed Lithuanian locale li-LI.json → lt-LT.json.

Sequence Diagram(s)

sequenceDiagram
    participant Client as Client
    participant DevServer as Dev Server / Proxy
    participant CorpProxy as Corporate Proxy (optional)
    participant Sandbox as Fineract Sandbox

    rect rgb(240,248,255)
    Note over Client,Sandbox: Request flow for /fineract-provider/...
    Client->>DevServer: GET /fineract-provider/1.0/...
    DevServer->>DevServer: pathRewrite -> log (onProxyReq)
    alt HTTP_PROXY/http_proxy set
        DevServer->>CorpProxy: Forward via HttpsProxyAgent
        CorpProxy->>Sandbox: Forward request
        Sandbox-->>CorpProxy: Response
        CorpProxy-->>DevServer: Response
    else no corporate proxy
        DevServer->>Sandbox: Forward request directly
        Sandbox-->>DevServer: Response
    end
    DevServer-->>Client: Proxy response
    end

    rect rgb(255,240,240)
    Note over DevServer,Sandbox: Error handling
    Sandbox--xDevServer: Error / Timeout
    DevServer->>DevServer: onError — log and prepare 502
    DevServer-->>Client: HTTP 502 + client-visible message
    end

Loading

Estimated code review effort

🎯 3 (Moderate) | ⏱️ ~20 minutes

Pre-merge checks and finishing touches

✅ Passed checks (3 passed)

Check name	Status	Explanation
Title check	✅ Passed	The title accurately summarizes the main change: adding a proxy to forward fineract-provider requests to the sandbox for local development. It is concise, specific, and clearly related to the primary objective of the changeset.
Docstring Coverage	✅ Passed	No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.

✨ Finishing touches

• 📝 Generate docstrings

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[Copilot]

Pull request overview

This PR adds a proxy configuration to forward /fineract-provider requests to the Mifos sandbox environment for local development, replacing the previous Chuck Norris API example configuration. This enables developers to work against a remote Fineract instance while avoiding CORS issues and maintaining corporate proxy agent support.

Key changes:

• Replaced example API proxy configuration with production-oriented Fineract provider proxy
• Updated security settings and added debug logging for proxy requests

---

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

[Copilot]

The target URL is hardcoded in the log statement instead of using the target variable from the configuration. This creates a maintenance issue where updating the target on line 14 won't automatically update the logging output. Consider using a variable reference to ensure consistency.

Suggested change

	console.log('[Proxy] Proxying:', req.method, req.url, '->', 'https://sandbox.mifos.community' + req.url);
	console.log('[Proxy] Proxying:', req.method, req.url, '->', this.target + req.url);

[Copilot]

The proxy configuration lacks error handling. Consider adding an onError callback to handle and log proxy errors gracefully. Without this, proxy failures may go unnoticed or cause unclear errors during development.

Suggested change

	console.log('[Proxy] Proxying:', req.method, req.url, '->', 'https://sandbox.mifos.community' + req.url);
	console.log('[Proxy] Proxying:', req.method, req.url, '->', 'https://sandbox.mifos.community' + req.url);
	},
	onError: function(err, req, res) {
	console.error('[Proxy] Error while proxying request:', req && req.method, req && req.url, '->', 'https://sandbox.mifos.community', '-', err && err.message);
	if (res && !res.headersSent) {
	res.writeHead(502, { 'Content-Type': 'text/plain' });
	res.end('Proxy error: ' + (err && err.message ? err.message : 'Unknown error'));
	}

[IOhacker]

Add an entry in the README about this change. Just another important point is that now it is exposed the API of the backend in the URL https://apis.mifos.community , these are the variables/values used in the Sandbox Web App

  - FINERACT_API_URLS=https://apis.mifos.community
  - FINERACT_API_URL=https://apis.mifos.community
  - FINERACT_API_PROVIDER=/1.0/core/api
  - FINERACT_API_ACTUATOR=/1.0/core
  - FINERACT_API_VERSION=/v1
  - FINERACT_PLATFORM_TENANT_IDENTIFIER=default
  - MIFOS_DEFAULT_LANGUAGE=en-US
  - MIFOS_SUPPORTED_LANGUAGES=cs-CS,de-DE,en-US,es-MX,fr-FR,it-IT,ko-KO,li-LI,lv-LV,ne-NE,pt-PT,sw-SW
  - MIFOS_PRELOAD_CLIENTS=true
  - MIFOS_DEFAULT_CHAR_DELIMITER=,

I think that you can keep another proxy conf in order to use the localhost

[priyans11]

okay, I'm on it

[coderabbitai]

Actionable comments posted: 0

Caution

Some comments are outside the diff and can’t be posted inline due to platform limitations.

⚠️ Outside diff range comments (1)

proxy.conf.js (1)

3-3: Upgrade https-proxy-agent to patch CVE-2018-3739.

Version 7.0.2 is affected by CVE-2018-3739, which allows denial-of-service and possible uninitialized-memory exposure via unsanitized proxy authentication data passed to Buffer. Upgrade to the latest patched version of https-proxy-agent.

🧹 Nitpick comments (1)

proxy.conf.js (1)

18-20: Consider using the config value instead of hardcoding the target URL.

The logging hook hardcodes 'https://sandbox.mifos.community' instead of referencing the actual target from the configuration. If the target changes, the logs will be misleading.

🔎 Suggested refactor

-    onProxyReq: function(proxyReq, req, res) {
-      console.log('[Proxy] Proxying:', req.method, req.url, '->', 'https://sandbox.mifos.community' + req.url);
+    onProxyReq: function(proxyReq, req, res) {
+      console.log('[Proxy] Proxying:', req.method, req.url, '-> https://sandbox.mifos.community' + req.url);
     }

Or better yet, reference the target from the parent scope:

+const PROXY_TARGET = 'https://sandbox.mifos.community';
 const proxyConfig = [
   {
     context: ['/fineract-provider'],
-    target: 'https://sandbox.mifos.community',
+    target: PROXY_TARGET,
     changeOrigin: true,
     secure: true,
     logLevel: 'debug',
     onProxyReq: function(proxyReq, req, res) {
-      console.log('[Proxy] Proxying:', req.method, req.url, '->', 'https://sandbox.mifos.community' + req.url);
+      console.log('[Proxy] Proxying:', req.method, req.url, '->', PROXY_TARGET + req.url);
     }
   }
 ];

📜 Review details

Configuration used: Path: .coderabbit.yaml

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between b00c60e and 75165d7.

📒 Files selected for processing (1)

• proxy.conf.js

🔇 Additional comments (2)

proxy.conf.js (2)

13-14: LGTM! Verify the target endpoint path structure.

The proxy configuration correctly forwards /fineract-provider requests to the Mifos sandbox. Since no pathRewrite is specified, the path is preserved in the forwarded request (e.g., /fineract-provider/api/v1/offices → https://sandbox.mifos.community/fineract-provider/api/v1/offices).

Please verify that the Mifos sandbox expects requests at the /fineract-provider path. If the sandbox API is directly at the root, you may need to add:

   context: ['/fineract-provider'],
   target: 'https://sandbox.mifos.community',
+  pathRewrite: { '^/fineract-provider': '' },
   changeOrigin: true,

---

16-17: LGTM! Appropriate settings for secure proxy with debugging.

Setting secure: true is correct for the HTTPS target, and logLevel: 'debug' will help troubleshoot proxy issues during local development.

[IOhacker]

Kindly review my comments

[IOhacker]

Add an entry in the README about this change. Just another important point is that now it is exposed the API of the backend in the URL https://apis.mifos.community , these are the variables/values used in the Sandbox Web App

  - FINERACT_API_URLS=https://apis.mifos.community
  - FINERACT_API_URL=https://apis.mifos.community
  - FINERACT_API_PROVIDER=/1.0/core/api
  - FINERACT_API_ACTUATOR=/1.0/core
  - FINERACT_API_VERSION=/v1
  - FINERACT_PLATFORM_TENANT_IDENTIFIER=default
  - MIFOS_DEFAULT_LANGUAGE=en-US
  - MIFOS_SUPPORTED_LANGUAGES=cs-CS,de-DE,en-US,es-MX,fr-FR,it-IT,ko-KO,li-LI,lv-LV,ne-NE,pt-PT,sw-SW
  - MIFOS_PRELOAD_CLIENTS=true
  - MIFOS_DEFAULT_CHAR_DELIMITER=,

I think that you can keep another proxy conf in order to use the localhost

[IOhacker]

Use this PR https://mifosforge.jira.com/browse/WEB-547 in your commit and PR, squash and commit your changes and for any new future PR please open a ticket or you can ask in the web-app channel for any assistance https://mifosforge.jira.com/jira/software/c/projects/WEB/boards/62 . Thank you for your efforts and contributions.

[coderabbitai]

Actionable comments posted: 1

🧹 Nitpick comments (2)

proxy.conf.js (2)

29-46: Fix hardcoded target URL in commented configuration.

The commented localhost configuration has the same hardcoding issue as the main config (line 40). Even though it's commented out, it should use this.target for consistency.

🔎 Proposed fix

   //   onError: function(err, req, res) {
-  //     console.error('[Proxy] Error while proxying request:', req && req.method, req && req.url, '->', 'http://localhost:8443', '-', err && err.message);
+  //     console.error('[Proxy] Error while proxying request:', req && req.method, req && req.url, '->', this.target, '-', err && err.message);
   //     if (res && !res.headersSent) {
   //       res.writeHead(502, { 'Content-Type': 'text/plain' });
   //       res.end('Proxy error: ' + (err && err.message ? err.message : 'Unknown error'));

---

67-67: Clarify the warning message.

The warning message is misleading. It states "API requests will not be proxied," but this only refers to the absence of a corporate proxy agent (for environments requiring HTTP_PROXY). The API proxy configuration itself will still function and forward requests to the configured target.

🔎 Proposed clarification

   } else {
-    console.warn('No proxy server configured. API requests will not be proxied.');
+    console.warn('No corporate proxy server configured. Direct connections will be used.');
   }

📜 Review details

Configuration used: Path: .coderabbit.yaml

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 75165d7 and c48f45a.

📒 Files selected for processing (1)

• proxy.conf.js

[IOhacker]

I suggest to create a new filea instead of commenting the section like a new file called proxy.localhost.conf.sample

[priyans11]

@IOhacker
I’ve addressed the review feedback by refining the proxy configuration.
Specifically, I removed the hardcoded logging target, added proper error handling, and improved request logginh.
The changes are now aligned with Jira WEB-547, as requested.

README updates are in progress and can be handled separately if required.
Kindly take another look when convenient. Thank you for the guidance and review.

[coderabbitai]

Actionable comments posted: 0

🧹 Nitpick comments (2)

proxy.conf.js (2)

19-19: Add defensive null checks for this.target.

While this.target should be available in the callback context, adding defensive checks would make the code more robust and prevent potential undefined string concatenation if the binding fails.

🔎 Proposed refinement

     onProxyReq: function(proxyReq, req, res) {
-      console.log('[Proxy] Proxying:', req.method, req.url, '->', this.target + req.url);
+      console.log('[Proxy] Proxying:', req.method, req.url, '->', (this && this.target ? this.target : 'unknown') + req.url);
     },
     onError: function(err, req, res) {
-      console.error('[Proxy] Error while proxying request:', req && req.method, req && req.url, '->', this.target, '-', err && err.message);
+      console.error('[Proxy] Error while proxying request:', req && req.method, req && req.url, '->', (this && this.target ? this.target : 'unknown'), '-', err && err.message);
       if (res && !res.headersSent) {

Based on the previous review comments suggesting a safe fallback.

Also applies to: 22-22

---

29-46: Consider extracting the localhost configuration to a sample file.

The commented localhost configuration duplicates the handler logic from the main config. As IOhacker suggested earlier, creating a separate proxy.localhost.conf.sample file would better follow DRY principles and make it easier to maintain both configurations independently.

Based on the previous review comments.

📜 Review details

Configuration used: Path: .coderabbit.yaml

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between c48f45a and 2dbe1b5.

📒 Files selected for processing (1)

• proxy.conf.js

🔇 Additional comments (3)

proxy.conf.js (3)

14-14: Verify the correct target URL.

IOhacker's previous comment mentioned that the API is now exposed at https://apis.mifos.community, but this configuration uses https://sandbox.mifos.community. Please confirm which endpoint is correct for the proxy target.

Based on the previous review comments.

---

12-28: Reminder: Complete the README updates.

As mentioned in your previous comment and requested by IOhacker, please ensure the README is updated to document this proxy configuration change. The documentation should explain the proxy setup and the environment variables mentioned by IOhacker (FINERACT_API_URLS, FINERACT_API_PROVIDER, etc.).

Based on the previous review comments.

---

21-27: Excellent error handling implementation.

The error handler correctly:

• Uses this.target consistently with the request logger (addressing previous feedback)
• Checks if headers were already sent before responding
• Returns an appropriate 502 status code
• Provides informative error messages for debugging

[coderabbitai]

Actionable comments posted: 0

🧹 Nitpick comments (1)

README.md (1)

147-160: Clarify where sandbox environment variables should be configured.

The environment variables are listed but the documentation doesn't explicitly state whether these should be set in .env, environment.ts, Docker compose variables, or elsewhere. Add guidance on how to apply these variables in the development workflow.

📜 Review details

Configuration used: Path: .coderabbit.yaml

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 2dbe1b5 and 33d5bfe.

📒 Files selected for processing (1)

• README.md

🔇 Additional comments (1)

README.md (1)

135-179: No action required—referenced files exist and are correct.

Both proxy.conf.js and ./docs/backend-proxy.md exist in the repository and are correctly referenced. The proxy configuration comment in proxy.conf.js (line 29) matches the README documentation exactly. The relationship between the proxy target (sandbox.mifos.community) and API endpoint (apis.mifos.community) is already clarified in the README with the note "(exposed in the sandbox)".

Likely an incorrect or invalid review comment.

[IOhacker]

@priyans11 please squash and commit

[priyans11]

@IOhacker
I’ve addressed the review feedback by improving proxy logging, adding explicit
error handling, and documenting the sandbox proxy configuration in the README
as requested (WEB-547).
Kindly re-review when convenient.
Thank you.

[priyans11]

@IOhacker
I’ve squashed all the related commits into a single commit as requested and referenced WEB-547.
The review feedback has been addressed by improving proxy logging, adding proper error handling, and documenting the sandbox proxy configuration in the README.

Kindly have another look when you get a chance. Thank you for your time and guidance.

[IOhacker]

Kindly, reply my comment

[coderabbitai]

Actionable comments posted: 1

🧹 Nitpick comments (1)

proxy.conf.js (1)

37-54: Consider extracting the localhost configuration to a separate file.

IOhacker previously suggested creating a separate file (e.g., proxy.localhost.conf.sample or proxy.localhost.conf.js) instead of keeping the alternative configuration commented inline. This would:

• Make it easier to switch between configurations (copy/rename file)
• Avoid maintaining duplicate code in comments
• Provide a clearer separation of different proxy setups

The current inline approach works fine, so this is optional.

🔎 Suggested approach

Create a new file proxy.localhost.conf.js with:

'use strict';

const { HttpsProxyAgent } = require('https-proxy-agent');

const proxyConfig = [
  {
    context: ['/fineract-provider'],
    target: 'http://localhost:8443',
    changeOrigin: true,
    secure: false,
    logLevel: 'debug',
    onProxyReq: function(proxyReq, req, res) {
      console.log('[Proxy] Proxying:', req.method, req.url, '->', this.target + req.url);
    },
    onError: function(err, req, res) {
      console.error('[Proxy] Error while proxying request:', req && req.method, req && req.url, '->', this.target, '-', err && err.message);
      if (res && !res.headersSent) {
        res.writeHead(502, { 'Content-Type': 'text/plain' });
        res.end('Proxy error: ' + (err && err.message ? err.message : 'Unknown error'));
      }
    }
  }
];

function setupForProxy(proxyConfig) {
  // ... same implementation
}

module.exports = setupForProxy(proxyConfig);

Then document in README how to switch configurations (e.g., renaming files or updating angular.json).

📜 Review details

Configuration used: Path: .coderabbit.yaml

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between d97e6b2 and fd939a3.

📒 Files selected for processing (2)

• README.md
• proxy.conf.js

🚧 Files skipped from review as they are similar to previous changes (1)

• README.md

🔇 Additional comments (3)

proxy.conf.js (3)

18-35: LGTM! Logging and error handling are well implemented.

The proxy logging and error handling have been properly addressed based on previous review feedback:

• Line 19 and 27 correctly use this.target instead of hardcoded URLs
• Comprehensive error handling with appropriate 502 status codes
• Defensive checks for headers and error messages

---

60-79: LGTM! Corporate proxy setup is well implemented.

The setupForProxy function correctly handles corporate proxy scenarios:

• Normalizes single or array configurations
• Reads standard HTTP_PROXY environment variable
• Applies the proxy agent to all configurations
• Provides helpful console feedback

The https-proxy-agent package (v7.0.2) is properly listed in devDependencies and correctly imported at the top of the file.

---

13-14: Verify or correct the API proxy path configuration—documentation shows a potential domain/path mismatch.

The proxy is configured to target https://sandbox.mifos.community with context /fineract-provider and no pathRewrite. However, the README.md documentation indicates the actual Fineract API is exposed at https://apis.mifos.community (a different domain) with path /1.0/core/api.

Without pathRewrite, requests to /fineract-provider/* will be forwarded as-is to https://sandbox.mifos.community/fineract-provider/*. If the sandbox backend expects a different path structure (e.g., /1.0/core/api/*), this configuration will fail.

Either:

• Confirm that sandbox.mifos.community accepts and routes /fineract-provider requests correctly, or
• Update the configuration to use the correct target domain and add pathRewrite rules as documented

[coderabbitai]

Actionable comments posted: 0

🧹 Nitpick comments (2)

proxy.conf.js (2)

19-21: Logged URL doesn't reflect the rewritten path.

The log shows this.target + req.url which includes the /fineract-provider prefix, but pathRewrite strips this prefix before forwarding. For example, a request to /fineract-provider/api/v1/clients logs as going to https://sandbox.mifos.community/fineract-provider/api/v1/clients, but it actually forwards to https://sandbox.mifos.community/api/v1/clients.

Consider logging the rewritten path to avoid confusion when debugging:

🔎 Proposed fix

     onProxyReq: function (proxyReq, req, res) {
-      console.log('[Proxy] Proxying:', req.method, req.url, '->', this.target + req.url);
+      const rewrittenPath = req.url.replace(/^\/fineract-provider/, '');
+      console.log('[Proxy] Proxying:', req.method, req.url, '->', this.target + rewrittenPath);
     },

---

37-41: Add a commented comma to ease switching between configurations.

If a developer uncomments the localhost block, they'll encounter a syntax error because there's no comma after the closing brace on line 37. Consider adding a commented comma to make the switch easier:

🔎 Proposed fix

     }
-  }
+  },
   // Uncomment this configuration to proxy to a local Fineract instance instead
   // {

Alternatively, per the reviewer's earlier suggestion, consider creating a separate proxy.localhost.conf.js sample file instead of inline comments.

📜 Review details

Configuration used: Path: .coderabbit.yaml

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between fd939a3 and 4c2f6a0.

📒 Files selected for processing (1)

• proxy.conf.js

🔇 Additional comments (2)

proxy.conf.js (2)

22-36: Error handling looks solid.

Good implementation with defensive checks (res && !res.headersSent) and proper use of this.target for dynamic logging. The 502 response with a descriptive error message provides clear feedback during development.

---

13-17: Configuration looks good overall.

The proxy setup correctly:

• Routes /fineract-provider requests to the sandbox backend
• Strips the path prefix via pathRewrite to avoid 404s (addresses the earlier review concern)
• Uses secure: true for SSL validation
• Enables debug logging for troubleshooting

[IOhacker]

@priyans11 why the breadcrumb and entity notes tab have been modified in this ticket?

[coderabbitai]

Actionable comments posted: 0

♻️ Duplicate comments (1)

proxy.conf.js (1)

39-57: Consider extracting the localhost config to a separate sample file.

Per the earlier review feedback from IOhacker, it was suggested to create a separate proxy.localhost.conf.sample file instead of keeping the alternative configuration commented inline. This would make it easier for developers to switch between configurations and keep the main file cleaner.

Also note: Line 48 uses req.url (unprefixed) while the active configuration on line 21 uses the manually calculated rewrittenPath for consistency. If this block is ever uncommented, it would log different path formats.

🧹 Nitpick comments (1)

src/app/core/shell/breadcrumb/breadcrumb.component.ts (1)

100-101: Consider using stricter types instead of any.

Per Angular best practices and the coding guidelines for strict type safety, consider typing these variables more explicitly:

-          let breadcrumbLabel: any;
-          let url: any;
+          let breadcrumbLabel: string | false = false;
+          let url: string | undefined;

This would align with the Breadcrumb interface which expects label: string and url: string.

📜 Review details

Configuration used: Path: .coderabbit.yaml

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between c4e979a and 384b87e.

📒 Files selected for processing (2)

• proxy.conf.js
• src/app/core/shell/breadcrumb/breadcrumb.component.ts

🧰 Additional context used

📓 Path-based instructions (1)

src/app/**

⚙️ CodeRabbit configuration file

src/app/**: For Angular code: verify component separation, trackBy on *ngFor,
strict type safety, and clean observable patterns.

Files:

• src/app/core/shell/breadcrumb/breadcrumb.component.ts

🧬 Code graph analysis (1)

src/app/core/shell/breadcrumb/breadcrumb.component.ts (1)

src/app/core/shell/breadcrumb/breadcrumb.model.ts (1)

• Breadcrumb (4-7)

🔇 Additional comments (5)

proxy.conf.js (1)

13-37: LGTM! Proxy configuration looks well-structured.

The configuration correctly:

• Uses pathRewrite to strip /fineract-provider prefix
• References this.target dynamically in both onProxyReq and onError handlers
• Returns proper 502 status with informative error messages
• Enables debug logging for development visibility

src/app/core/shell/breadcrumb/breadcrumb.component.ts (4)

58-64: Good implementation of OnDestroy and subscription cleanup.

The destroy$ Subject pattern with takeUntil is the recommended approach for managing Observable subscriptions in Angular components. This prevents memory leaks when the component is destroyed.

---

90-93: Clean observable merge pattern for language-aware breadcrumbs.

The use of merge() to combine NavigationEnd events with onLangChange is a clean approach to ensure breadcrumbs regenerate when the language changes. The takeUntil(this.destroy$) properly manages the subscription lifecycle.

---

272-289: Translation fallback logic is sound.

The enhanced getTranslate method correctly:

1. Checks labels.text.* first for static breadcrumb labels
2. Falls back to labels.menus.* for action names
3. Returns the original text if no translation is found

This ensures breadcrumbs remain functional even when translations are missing.

---

294-297: Proper cleanup in ngOnDestroy.

Calling both next() and complete() on the destroy$ Subject ensures all subscriptions using takeUntil(this.destroy$) are properly terminated and resources are released.

[priyans11]

@priyans11 why the breadcrumb and entity notes tab have been modified in this ticket?

@IOhacker
"Sorry, I accidentally included some local changes when I fetched/rebased. I reverted them and now the branch only contains the intended proxy.conf.js and README.md changes."

[Copilot]

Pull request overview

Copilot reviewed 2 out of 2 changed files in this pull request and generated 4 comments.

---

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

[Copilot]

The logging in the commented localhost configuration is inconsistent with the active sandbox configuration. The active configuration on line 21 computes a rewrittenPath to show the actual proxied path, but this localhost version logs req.url directly without applying the path rewrite. For consistency and accuracy in debugging, this should also compute and log the rewritten path similar to the active configuration.

Suggested change

	// onProxyReq: function(proxyReq, req, res) {
	// console.log('[Proxy] Proxying:', req.method, req.url, '->', this.target + req.url);
	// onProxyReq: function (proxyReq, req, res) {
	// const rewrittenPath = (req.url || '').replace(/^\/fineract-provider/, '');
	// console.log('[Proxy] Proxying:', req.method, req.url, '->', this.target + rewrittenPath);

[Copilot]

The referenced backend-proxy.md documentation file still contains outdated examples showing the old Chuck Norris API proxy configuration. Since this PR updates the proxy to use Fineract endpoints, the documentation should be updated to reflect the current proxy configuration to avoid confusion for developers.

Suggested change

	For more details on proxy configuration, see the [backend proxy documentation](./docs/backend-proxy.md).
	The proxy is configured to work with Fineract endpoints as described in this section.

[Copilot]

The documentation states that the system resets every 6 hours, but it doesn't clarify what "system reset" means in this context. Does this mean the sandbox data is wiped, authentication tokens are invalidated, or the service restarts? Adding clarity here would help developers understand what to expect during development.

[Copilot]

Several language locale codes appear to be incorrect based on ISO 639-1 and ISO 3166-1 standards. Specifically: cs-CS should be cs-CZ (Czech Republic), ko-KO should be ko-KR (South Korea), and ne-NE should be ne-NP (Nepal). Additionally, li-LI is unclear and should be verified - it might be lt-LT for Lithuanian. These should match the actual locale codes used by the Mifos sandbox environment.

Suggested change

	MIFOS_SUPPORTED_LANGUAGES=cs-CS,de-DE,en-US,es-MX,fr-FR,it-IT,ko-KO,li-LI,lv-LV,ne-NE,pt-PT,sw-SW
	MIFOS_SUPPORTED_LANGUAGES=cs-CZ,de-DE,en-US,es-MX,fr-FR,it-IT,ko-KR,lt-LT,lv-LV,ne-NP,pt-PT,sw-SW

[coderabbitai]

Actionable comments posted: 0

🧹 Nitpick comments (4)

proxy.conf.js (2)

39-58: Localhost configuration provided inline.

The commented localhost configuration is consistent and mirrors the sandbox setup. However, a past review suggested creating a separate sample file (e.g., proxy.localhost.conf.sample) instead of inline comments for better discoverability and maintainability.

Do you want to extract this into a separate sample file as previously suggested, or keep it inline for simplicity?

---

69-80: Clarify the proxy warning message.

The warning "API requests will not be proxied" is misleading. The development proxy will still forward /fineract-provider requests to the sandbox—only the corporate proxy agent (via HTTP_PROXY) won't be used. Consider clarifying:

🔎 Proposed fix

   } else {
-    console.warn('No proxy server configured. API requests will not be proxied.');
+    console.log('No corporate proxy (HTTP_PROXY) configured. Using direct connection to proxy target.');
   }

README.md (2)

147-160: Consider clarifying the scope of environment variables.

The listed environment variables (e.g., FINERACT_API_URLS, FINERACT_API_PROVIDER) appear to be sandbox deployment configurations rather than local proxy settings. The proxy.conf.js doesn't consume these variables directly. Consider adding a note that these are the sandbox backend's configuration for context, to avoid confusion with local development proxy settings.

---

34-39: Consider wrapping bare URLs for better formatting.

Markdownlint flags the bare URLs in the backend options list. While functional, wrapping them in angle brackets (<https://...>) or making them proper markdown links would improve readability and make them clickable in rendered documentation.

🔎 Proposed fix

   - **Option A: Use existing remote server**
-   - Use the sandbox (MariaDB) at https://sandbox.mifos.community — sandbox data is reset every 6 hours; test data and transient state may be cleared.
-   - Use the demo (MariaDB) at https://demo.mifos.community
-   - Use the demo (Keycloak) at https://oauth.mifos.community
-   - Use the demo (2FA) at https://2fa.mifos.community
-   - Use the demo (Oidc) at https://oidc.mifos.community
-   - Use the demo (Postgres) at https://elephant.mifos.community
+   - Use the sandbox (MariaDB) at <https://sandbox.mifos.community> — sandbox data is reset every 6 hours; test data and transient state may be cleared.
+   - Use the demo (MariaDB) at <https://demo.mifos.community>
+   - Use the demo (Keycloak) at <https://oauth.mifos.community>
+   - Use the demo (2FA) at <https://2fa.mifos.community>
+   - Use the demo (Oidc) at <https://oidc.mifos.community>
+   - Use the demo (Postgres) at <https://elephant.mifos.community>

📜 Review details

Configuration used: Path: .coderabbit.yaml

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 187e496 and a3e4eaf.

📒 Files selected for processing (2)

• README.md
• proxy.conf.js

🧰 Additional context used

🪛 markdownlint-cli2 (0.18.1)

README.md

34-34: Bare URL used

(MD034, no-bare-urls)

---

35-35: Bare URL used

(MD034, no-bare-urls)

---

36-36: Bare URL used

(MD034, no-bare-urls)

---

37-37: Bare URL used

(MD034, no-bare-urls)

---

38-38: Bare URL used

(MD034, no-bare-urls)

---

39-39: Bare URL used

(MD034, no-bare-urls)

🔇 Additional comments (4)

proxy.conf.js (2)

13-22: Proxy configuration looks solid!

The configuration correctly forwards /fineract-provider requests to the sandbox, strips the path prefix, and logs rewritten paths using this.target for consistency. The debug logging will be helpful during development.

---

23-37: Error handling is well-implemented!

The error handler properly uses this.target for consistent logging, checks res.headersSent to prevent double-writes, and returns an appropriate 502 status code with a descriptive message.

README.md (2)

15-15: Clear documentation of sandbox limitations!

The updated notices about 6-hour data resets and clearing of test data/transient state provide helpful transparency for developers working with the sandbox environment.

Also applies to: 34-40

---

157-157: Language codes corrected to ISO standards!

The locale codes have been properly updated to match ISO 639-1 and ISO 3166-1 standards (cs-CZ, ko-KR, lt-LT, ne-NP). This addresses the previously flagged inconsistencies.

Also applies to: 202-219

[coderabbitai]

Actionable comments posted: 1

📜 Review details

Configuration used: Path: .coderabbit.yaml

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between a3e4eaf and 2422d5b.

📒 Files selected for processing (1)

• docs/backend-proxy.md

🔇 Additional comments (3)

docs/backend-proxy.md (3)

19-34: Clear and well-documented proxy configuration.

The sandbox proxy configuration is clearly explained with appropriate settings (secure: true, logLevel: 'debug') and useful request logging via onProxyReq. The code block is properly formatted.

---

36-39: Excellent explanation of pathRewrite behavior.

The example clearly demonstrates how /fineract-provider/1.0/... is rewritten to the sandbox root endpoint, making it easy for developers to understand the path transformation logic.

---

47-53: Documentation accurately reflects the actual implementation.

The proxy.conf.js implementation confirms all documented details: the setupForProxy(proxyConfig) function exists, correctly checks both http_proxy and HTTP_PROXY environment variables, attaches HttpsProxyAgent to proxy entries when detected, and logs the proxy server with console.log(). The documentation is aligned with the implementation.

[Copilot]

Pull request overview

Copilot reviewed 3 out of 3 changed files in this pull request and generated 5 comments.

---

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

[Copilot]

The FINERACT_API_ACTUATOR value shown here (/1.0/core) is inconsistent with the default value documented elsewhere in the README (/fineract-provider) and in the environment files. This could cause confusion for developers trying to configure their sandbox environment. Please verify which value is correct for the sandbox environment.

Suggested change

	FINERACT_API_ACTUATOR=/1.0/core
	FINERACT_API_ACTUATOR=/fineract-provider

[Copilot]

The FINERACT_API_PROVIDER value shown here (/1.0/core/api) is inconsistent with the default value documented elsewhere in the README (/fineract-provider/api) and in the environment files. This could cause confusion for developers trying to configure their sandbox environment. Please verify which value is correct for the sandbox environment.

Suggested change

	FINERACT_API_PROVIDER=/1.0/core/api
	FINERACT_API_PROVIDER=/fineract-provider/api

[Copilot]

The documentation mentions a function named setupForProxy(proxyConfig), but the actual function in proxy.conf.js is named setupForProxy (which is correct). However, the documentation doesn't mention the console.warn message that appears when HTTP_PROXY is not set, which states "No proxy server configured. API requests will not be proxied." This message is misleading because the dev server proxy will still work - only the corporate proxy forwarding is disabled. Consider clarifying this behavior in the documentation.

Suggested change

	The repository configures a helper function in `proxy.conf.js` named `setupForProxy(proxyConfig)` which will attach an
	`HttpsProxyAgent` to proxy entries when the `HTTP_PROXY` (or `http_proxy`) environment variable is present. This lets
	the dev server forward requests through a corporate proxy when required. See `proxy.conf.js` for the exact behaviour
	and a short console log that reports the proxy server when detected.
	The repository configures a helper function in `proxy.conf.js` named `setupForProxy` (which takes `proxyConfig` as an
	argument) that will attach an `HttpsProxyAgent` to proxy entries when the `HTTP_PROXY` (or `http_proxy`) environment
	variable is present. This lets the dev server forward requests through a corporate proxy when required. When a
	corporate proxy is detected, `setupForProxy` logs the proxy server address; when no `HTTP_PROXY`/`http_proxy` is set,
	it logs a warning such as "No proxy server configured. API requests will not be proxied." This warning only means that
	forwarding via a corporate proxy is disabled — the dev server proxy configuration described above still works normally.

[Copilot]

The language codes in this table are incorrect for Czech, Korean, and Nepali. The codes should be cs-CS, ko-KO, and ne-NE to match the actual translation files in src/assets/translations/ and the environment configuration files.

The file names shown are also incorrect:

• cs-CZ.json should be cs-CS.json
• ko-KR.json should be ko-KO.json
• ne-NP.json should be ne-NE.json

[Copilot]

The supported languages list contains incorrect language codes. Based on the actual translation files and environment configuration, the codes should be cs-CS, ko-KO, and ne-NE (not cs-CZ, ko-KR, and ne-NP).

The corrected value should be:
cs-CS,de-DE,en-US,es-MX,fr-FR,it-IT,ko-KO,lt-LT,lv-LV,ne-NE,pt-PT,sw-SW

[coderabbitai]

Actionable comments posted: 1

📜 Review details

Configuration used: Path: .coderabbit.yaml

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 2422d5b and 293a89d.

📒 Files selected for processing (2)

• README.md
• docs/backend-proxy.md

🚧 Files skipped from review as they are similar to previous changes (1)

• docs/backend-proxy.md

🧰 Additional context used

🪛 markdownlint-cli2 (0.18.1)

README.md

34-34: Bare URL used

(MD034, no-bare-urls)

---

35-35: Bare URL used

(MD034, no-bare-urls)

---

36-36: Bare URL used

(MD034, no-bare-urls)

---

37-37: Bare URL used

(MD034, no-bare-urls)

---

38-38: Bare URL used

(MD034, no-bare-urls)

---

39-39: Bare URL used

(MD034, no-bare-urls)

🔇 Additional comments (3)

README.md (3)

179-179: Verify backend-proxy.md documentation is current.

Line 179 references backend-proxy.md documentation. A past review flagged that backend-proxy.md contained outdated proxy configuration examples (old Chuck Norris API proxy). Please verify that the docs/backend-proxy.md file has been updated to reflect the current Fineract proxy configuration described in this README section, or clarify the reference.

---

157-158: Language codes are now consistent and accurate.

The language locale codes throughout the README have been corrected and are now consistent:

• MIFOS_SUPPORTED_LANGUAGES (line 157–158) uses correct codes
• Configuration table (line 202) matches
• Language reference table (lines 204–219) aligns with actual translation files

The Lithuanian entry has been properly updated from li-LI to lt-LT (line 215), and all codes (cs-CS, ko-KO, ne-NE, lt-LT) now match the actual translation files in the codebase. Past review feedback has been successfully addressed.

Also applies to: 202-202, 204-219

---

15-15: Sandbox reset clarification is improved.

The documentation now clearly specifies that "test data and transient state" reset every 6 hours, addressing the past review comment about clarifying what "system reset" means. This messaging is consistent across lines 15, 34, and 145–146.

Also applies to: 34-34, 145-146

[coderabbitai]

Actionable comments posted: 1

♻️ Duplicate comments (1)

README.md (1)

34-39: Wrap bare URLs in markdown link syntax to fix markdown lint violations (MD034).

These bare URLs violate the no-bare-urls rule. Wrap each URL in markdown link syntax for consistency with markdown standards.

🔎 Proposed fix

-   - Use the sandbox (MariaDB) at https://sandbox.mifos.community — sandbox data is reset every 6 hours; test data and transient state may be cleared.
-   - Use the demo (MariaDB) at https://demo.mifos.community
-   - Use the demo (Keycloak) at https://oauth.mifos.community
-   - Use the demo (2FA) at https://2fa.mifos.community
-   - Use the demo (Oidc) at https://oidc.mifos.community
-   - Use the demo (Postgres) at https://elephant.mifos.community
+   - Use the [sandbox (MariaDB)](https://sandbox.mifos.community) — sandbox data is reset every 6 hours; test data and transient state may be cleared.
+   - Use the [demo (MariaDB)](https://demo.mifos.community)
+   - Use the [demo (Keycloak)](https://oauth.mifos.community)
+   - Use the [demo (2FA)](https://2fa.mifos.community)
+   - Use the [demo (Oidc)](https://oidc.mifos.community)
+   - Use the [demo (Postgres)](https://elephant.mifos.community)

📜 Review details

Configuration used: Path: .coderabbit.yaml

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between cfe14f5 and 9117cc8.

📒 Files selected for processing (3)

• README.md
• docs/backend-proxy.md
• proxy.conf.js

🚧 Files skipped from review as they are similar to previous changes (1)

• proxy.conf.js

🧰 Additional context used

🪛 markdownlint-cli2 (0.18.1)

README.md

34-34: Bare URL used

(MD034, no-bare-urls)

---

35-35: Bare URL used

(MD034, no-bare-urls)

---

36-36: Bare URL used

(MD034, no-bare-urls)

---

37-37: Bare URL used

(MD034, no-bare-urls)

---

38-38: Bare URL used

(MD034, no-bare-urls)

---

39-39: Bare URL used

(MD034, no-bare-urls)

🔇 Additional comments (2)

README.md (2)

135-180: Proxy Configuration section is comprehensive and well-structured.

The new section clearly documents the sandbox proxy setup, environment variables, localhost proxy switching instructions, and testing procedures. The inclusion of both successful and error proxy scenarios with curl examples and expected outputs is helpful for developers.

---

157-157: Language codes are accurate and consistent with actual translation files.

The current codes in MIFOS_SUPPORTED_LANGUAGES (line 157) and the language table (lines 242, 248, 254, 255, 257) are correct and match the actual translation files in the repository. The codes cs-CS, ko-KO, and ne-NE are not errors—they correspond directly to cs-CS.json, ko-KO.json, and ne-NE.json respectively in src/assets/translations/. All language codes are internally consistent across the README and the codebase.

Likely an incorrect or invalid review comment.

[priyans11]

I suggest to create a new filea instead of commenting the section like a new file called proxy.localhost.conf.sample

@IOhacker I’m sorry, I missed this comment earlier. Could you please clarify whether you’re suggesting creating a separate proxy sample JavaScript file specifically for localhost?
i m a begginer, pls help me understand nd would be greatly appreciated
Thank you.

[coderabbitai]

Actionable comments posted: 0

Caution

Some comments are outside the diff and can’t be posted inline due to platform limitations.

⚠️ Outside diff range comments (2)

proxy.conf.js (2)

64-83: Clarify the warning message to avoid developer confusion.

The warning on line 79 states "API requests will not be proxied," which is misleading. When HTTP_PROXY is not set, only corporate proxy forwarding is disabled—the Angular dev server proxy (forwarding /fineract-provider to the sandbox) continues to work normally. This warning may confuse developers who see it but observe the proxy functioning correctly.

Based on past review feedback, consider updating the message to be more specific:

🔎 Proposed fix

   } else {
-    console.warn('No proxy server configured. API requests will not be proxied.');
+    console.warn('No corporate proxy (HTTP_PROXY) configured. Dev server proxy will still forward /fineract-provider requests.');
   }

Alternatively, you could make it informational rather than a warning:

   } else {
-    console.warn('No proxy server configured. API requests will not be proxied.');
+    console.log('No corporate proxy configured. Using direct connection for dev server proxy.');
   }

---

3-3: Update https-proxy-agent from 7.0.2 to 7.0.6 (latest stable version).

Version 7.0.2 has no known security vulnerabilities, but 7.0.6 is the current latest release and includes additional patches and maintenance updates.

🧹 Nitpick comments (1)

proxy.conf.js (1)

39-58: Consider creating a separate sample file for the localhost configuration.

As suggested in previous feedback, instead of keeping this as a commented block, create a separate file proxy.localhost.conf.sample (or proxy.conf.local.example.js) that developers can copy and rename when they need to proxy to a local Fineract instance. This approach:

• Keeps the main configuration file clean and focused
• Provides a clear, documented example for local development
• Makes it easier for developers to switch between configurations

🔎 Suggested approach

1. Create a new file proxy.conf.local.example.js with the localhost configuration:

'use strict';

const { HttpsProxyAgent } = require('https-proxy-agent');

const proxyConfig = [
  {
    context: ['/fineract-provider'],
    target: 'http://localhost:8443',
    pathRewrite: { '^/fineract-provider': '' },
    changeOrigin: true,
    secure: false,
    logLevel: 'debug',
    onProxyReq: function(proxyReq, req, res) {
      const rewrittenPath = (req.url || '').replace(/^\/fineract-provider/, '');
      console.log('[Proxy] Proxying:', req.method, req.url, '->', this.target + rewrittenPath);
    },
    onError: function(err, req, res) {
      console.error('[Proxy] Error while proxying request:', req && req.method, req && req.url, '->', this.target, '-', err && err.message);
      if (res && !res.headersSent) {
        res.writeHead(502, { 'Content-Type': 'text/plain' });
        res.end('Proxy error: ' + (err && err.message ? err.message : 'Unknown error'));
      }
    }
  }
];

function setupForProxy(proxyConfig) {
  // ... same as in proxy.conf.js
}

module.exports = setupForProxy(proxyConfig);

2. Remove the commented block from proxy.conf.js (lines 39-58)

3. Add a note in the main file or README explaining: "To proxy to a local Fineract instance, copy proxy.conf.local.example.js to proxy.conf.js"

This addresses the reviewer's feedback and provides a cleaner solution for developers who need localhost proxying.

📜 Review details

Configuration used: Path: .coderabbit.yaml

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 6a61374 and e778b11.

📒 Files selected for processing (3)

• README.md
• docs/backend-proxy.md
• proxy.conf.js

🚧 Files skipped from review as they are similar to previous changes (1)

• README.md

🔇 Additional comments (4)

proxy.conf.js (1)

11-38: LGTM! Proxy configuration is well-structured.

The proxy configuration correctly:

• Uses array context for clarity
• Strips the /fineract-provider prefix via pathRewrite
• Logs rewritten paths with dynamic this.target reference
• Handles errors gracefully with 502 responses

All previously identified issues (hardcoded URLs, missing error handling) have been addressed.

docs/backend-proxy.md (3)

18-42: LGTM! Example configuration accurately reflects the implementation.

The documented proxy configuration example correctly mirrors the actual implementation in proxy.conf.js, including the array context, sandbox target, pathRewrite rule, and both lifecycle handlers.

---

44-68: LGTM! Error handling is well-documented with clear examples.

The documentation thoroughly explains the proxy error handling behavior, including:

• Detailed description of what the onError handler does
• Server-side logging example
• Client-side 502 response example

This addresses the previously identified gap in error handling documentation.

---

76-89: Corporate proxy documentation is accurate and helpful.

The documentation clearly explains:

• The setupForProxy function's purpose and behavior
• The distinction between corporate proxy forwarding and dev server proxy functionality
• That the warning message refers only to corporate proxy, not the dev server proxy

This addresses potential developer confusion about the warning message. If the warning message in proxy.conf.js (line 79) is updated per my earlier suggestion, ensure this documentation remains aligned with the actual log message text.

[IOhacker]

@priyans11 my suggestion is to add a new file, with another name and put the configuration there. No need to comment the code in the same file. In the Readme just add the instruction for explaining how to use the file for the localhost. Please trust yourself and don't use the AI (I think that you are doing a lot of changes suggested by the AI)

[coderabbitai]

Actionable comments posted: 0

🧹 Nitpick comments (2)

proxy.localhost.conf.js (1)

18-19: Consider extracting the pathRewrite logic to reduce duplication.

The rewrittenPath computation on line 18 is identical to the one in proxy.conf.js line 20. While this duplication is minor and the files serve different purposes (localhost vs. sandbox), extracting this into a shared helper function would improve maintainability if the rewrite logic ever needs to change.

🔎 Optional refactor to eliminate duplication

Create a shared helper at the top of each file:

function getRewrittenPath(url) {
  return (url || '').replace(/^\/fineract-provider/, '');
}

Then use it in onProxyReq:

    onProxyReq: function (proxyReq, req, res) {
-      const rewrittenPath = (req.url || '').replace(/^\/fineract-provider/, '');
+      const rewrittenPath = getRewrittenPath(req.url);
      console.log('[Proxy] Proxying:', req.method, req.url, '->', this.target + rewrittenPath);
    },

However, since these are separate configuration files that developers will use independently, the current duplication is acceptable.

proxy.conf.js (1)

50-61: Clarify the warning message scope.

The warning on line 60 states "API requests will not be proxied," but this is misleading. The proxy configuration will still forward /fineract-provider requests to the sandbox—the HTTP_PROXY environment variable is only needed for corporate proxy scenarios where an intermediate proxy server sits between your development machine and the internet.

The current message might confuse developers who see it during normal operation (when no corporate proxy is needed).

🔎 Suggested clarification

  } else {
-    console.warn('No proxy server configured. API requests will not be proxied.');
+    console.log('No corporate proxy detected. Direct connection to target will be used.');
  }

Or make it more explicit:

  } else {
-    console.warn('No proxy server configured. API requests will not be proxied.');
+    console.log('HTTP_PROXY not set. Direct connection to the configured target (sandbox/localhost) will be used.');
  }

📜 Review details

Configuration used: Path: .coderabbit.yaml

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between e778b11 and b09ff96.

📒 Files selected for processing (3)

• README.md
• proxy.conf.js
• proxy.localhost.conf.js

🧰 Additional context used

🧬 Code graph analysis (2)

proxy.localhost.conf.js (1)

proxy.conf.js (1)

• rewrittenPath (20-20)

proxy.conf.js (1)

proxy.localhost.conf.js (1)

• rewrittenPath (18-18)

🔇 Additional comments (10)

proxy.localhost.conf.js (1)

1-37: LGTM! Configuration is correct for local development.

The localhost proxy configuration is well-structured with appropriate settings for development against a local Fineract instance:

• secure: false is correct for localhost
• pathRewrite properly strips the /fineract-provider prefix
• Error handling returns HTTP 502 with descriptive messages
• Logging provides clear debugging output

proxy.conf.js (4)

3-10: LGTM! Proper setup for corporate proxy support.

The import of HttpsProxyAgent and updated comment block correctly document the proxy configuration's purpose.

---

13-18: LGTM! Correct sandbox configuration.

The proxy configuration properly targets the Fineract sandbox with:

• Context array for /fineract-provider routes
• Secure connection (secure: true) for HTTPS target
• Path rewriting to strip the prefix
• Debug logging enabled

---

19-22: LGTM! Request logging provides useful debugging information.

The onProxyReq hook correctly logs the proxied request with the rewritten path, making it easy to troubleshoot proxy behavior during development.

---

23-37: LGTM! Robust error handling with appropriate HTTP status.

The onError handler properly:

• Logs detailed error information including the target
• Returns HTTP 502 (Bad Gateway) when the backend is unreachable
• Checks res.headersSent to avoid double-send errors

README.md (5)

135-160: LGTM! Clear and comprehensive proxy documentation.

The proxy configuration section provides:

• Clear explanation of the default sandbox setup
• Correct target URL and API endpoint information
• Important warning about 6-hour data resets
• Complete environment variable reference

---

162-180: LGTM! Helpful guidance for local development.

The localhost proxy instructions are clear and correctly explain:

• How to use the separate proxy.localhost.conf.js file
• That the local Fineract instance should run on port 8443
• That setupForProxy/HttpsProxyAgent are only for corporate proxy scenarios

The note about corporate proxies on lines 177-179 appropriately clarifies when the HTTP_PROXY environment variable is needed.

---

181-228: LGTM! Excellent testing examples and error scenarios.

The proxy features and testing section provides:

• Clear list of proxy benefits
• Practical curl examples for verification
• Expected console output for successful requests
• Documented error behavior with HTTP 502 responses

The examples will help developers verify their proxy setup is working correctly.

---

264-264: Lithuanian locale code updated correctly.

The change from li-LI to lt-LT for Lithuanian is correct. The ISO 639-1 code for Lithuanian is lt, not li.

---

152-153: The documented locale codes are correct—no changes needed.

The locale codes ko-KO, ne-NE, and cs-CS in the README documentation match the actual translation files in src/assets/translations/. These are the correct ISO locale codes for Korean (South Korea), Nepali (Nepal), and Czech (Czechia) respectively, and no correction to ko-KR, ne-NP, or cs-CZ is required.

The FINERACT_API_PROVIDER and FINERACT_API_ACTUATOR values are consistent across the README, environment configuration files, and docker-compose setup.

Note: The README line 157 is missing es-CL from the supported languages list, though the translation file exists and is included in docker-compose.yml. Consider adding it for consistency if Spanish (Chile) support is intended.

Likely an incorrect or invalid review comment.

[coderabbitai]

Actionable comments posted: 0

🧹 Nitpick comments (2)

proxy.localhost.conf.js (1)

17-20: Consider removing redundant path rewrite logic.

Line 18 manually replicates the pathRewrite configuration from line 13. Since http-proxy-middleware automatically applies pathRewrite before calling onProxyReq, manually recalculating rewrittenPath is unnecessary and violates the DRY principle. The req.url passed to onProxyReq already reflects the rewritten path.

🔎 Simplified logging without redundant rewrite

     onProxyReq: function (proxyReq, req, res) {
-      const rewrittenPath = (req.url || '').replace(/^\/fineract-provider/, '');
-      console.log('[Proxy] Proxying:', req.method, req.url, '->', this.target + rewrittenPath);
+      console.log('[Proxy] Proxying:', req.method, 'to', this.target + req.url);
     },

docs/backend-proxy.md (1)

27-31: Consider documenting the redundant path rewrite.

Line 29 manually replicates the pathRewrite transformation that http-proxy-middleware automatically applies before calling onProxyReq. While this may reflect the current implementation in proxy.conf.js, the documentation could note that req.url already contains the rewritten path, making the manual replacement unnecessary.

Alternative simplified approach

If this example is updated (either here or in the actual proxy.conf.js), consider:

onProxyReq: function (proxyReq, req, res) {
  // req.url already reflects pathRewrite transformation
  console.log('[Proxy] Proxying:', req.method, 'to', this.target + req.url);
}

📜 Review details

Configuration used: Path: .coderabbit.yaml

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between b09ff96 and af64ac3.

📒 Files selected for processing (4)

• README.md
• docs/backend-proxy.md
• proxy.conf.js
• proxy.localhost.conf.js

🚧 Files skipped from review as they are similar to previous changes (1)

• proxy.conf.js

🧰 Additional context used

🧬 Code graph analysis (1)

proxy.localhost.conf.js (1)

proxy.conf.js (1)

• rewrittenPath (20-20)

🔇 Additional comments (5)

proxy.localhost.conf.js (1)

21-35: LGTM!

The error handling is well-implemented with defensive checks for res and !res.headersSent, ensuring graceful degradation when proxy failures occur.

README.md (2)

162-180: LGTM!

Clear, actionable instructions for local Fineract development. The note about HttpsProxyAgent / setupForProxy (lines 178-179) appropriately clarifies when corporate proxy logic is needed versus direct localhost access.

---

190-228: Excellent testing documentation.

The curl examples with expected outputs (both success and failure scenarios) provide practical, copy-paste-ready commands for developers to verify proxy behavior. The detailed console output examples are particularly helpful for troubleshooting.

docs/backend-proxy.md (2)

48-68: LGTM!

Comprehensive error handling documentation with concrete examples of both server-side logging and client-side responses. This addresses the previous review feedback requesting onError documentation.

---

77-86: LGTM!

The documentation clearly distinguishes between corporate proxy forwarding (controlled by HTTP_PROXY) and the Angular dev server proxy (always active). Lines 83-84 effectively clarify that the warning message scope is limited to corporate proxy forwarding, addressing potential developer confusion.

[priyans11]

@priyans11 my suggestion is to add a new file, with another name and put the configuration there. No need to comment the code in the same file. In the Readme just add the instruction for explaining how to use the file for the localhost. Please trust yourself and don't use the AI (I think that you are doing a lot of changes suggested by the AI)

@IOhacker thanks for the clarification. I ve made the changes as suggested by separating the configurations into a dedicated file and updating the README accordingly.
You’re also right about the AI suggestions, as I m still getting familiar with open source workflows, I relied on them more than necessary. I’ll be more mindful of this going forward. Thank you for the guidance. I really appreciate it :)

[IOhacker]

LGTM