Desktop app calls /v1/me directly on den-web on relaunch — missing /api/den proxy prefix

[joelstucki-taulia]

Summary

After a successful desktop sign-in, the OpenWork desktop app persists the session and on relaunch makes a GET /v1/me request directly against the den-web frontend URL. Since den-web proxies API calls under /api/den/v1/*, the bare /v1/me path returns 404.

Steps to Reproduce

1. Deploy den-api and den-web to separate hosts (e.g. Cloud Run)
2. Sign in to the desktop app via OpenWork Cloud
3. Close and relaunch the desktop app
4. App shows "Request failed with 404" immediately on launch
5. Logs show: GET 404 https://<den-web-host>/v1/me

Root Cause

The desktop app stores the den-web URL as baseUrl and on relaunch calls baseUrl + /v1/me to verify the session. But den-web only exposes API endpoints under /api/den/v1/* — the bare /v1/* paths don't exist on the frontend.

Workaround

Add a redirect in den-web/next.config.js:

async redirects() {
  return [
    {
      source: "/v1/:path*",
      destination: "/api/den/v1/:path*",
      permanent: false,
    },
  ];
},

Expected Behavior

The desktop app should use the full proxy path (/api/den/v1/me) when calling the session verification endpoint on relaunch, or den-web should handle /v1/* paths natively.

Environment

• Google Cloud Run (separate den-api and den-web services)
• OpenWork desktop app v0.13.9 macOS