fix(): remove originHeader decorator (#12245)

Fix https://github.com/twentyhq/core-team-issues/issues/858#issuecomment-2891213392 Fix #11966 Fix #12175
2025-05-23 18:01:36 +02:00
parent 54edcc0ea7
commit 8de85eea61
20 changed files with 98 additions and 62 deletions
--- a/packages/twenty-front/codegen-metadata.cjs
+++ b/packages/twenty-front/codegen-metadata.cjs
@ -1,3 +1,5 @@
 process.env.NODE_TLS_REJECT_UNAUTHORIZED = '0';
 module.exports = {
  schema:
    (process.env.REACT_APP_SERVER_BASE_URL ?? 'http://localhost:3000') +
--- a/packages/twenty-front/codegen.cjs
+++ b/packages/twenty-front/codegen.cjs
@ -1,3 +1,5 @@
 process.env.NODE_TLS_REJECT_UNAUTHORIZED = '0';
 module.exports = {
  schema:
    (process.env.REACT_APP_SERVER_BASE_URL ?? 'http://localhost:3000') +
--- a/packages/twenty-front/src/generated-metadata/graphql.ts
+++ b/packages/twenty-front/src/generated-metadata/graphql.ts
@ -1235,6 +1235,7 @@ export type MutationGenerateApiKeyTokenArgs = {
 export type MutationGetAuthTokensFromLoginTokenArgs = {
  loginToken: Scalars['String']['input'];
  origin: Scalars['String']['input'];
 };
@ -1246,6 +1247,7 @@ export type MutationGetAuthorizationUrlForSsoArgs = {
 export type MutationGetLoginTokenFromCredentialsArgs = {
  captchaToken?: InputMaybe<Scalars['String']['input']>;
  email: Scalars['String']['input'];
  origin: Scalars['String']['input'];
  password: Scalars['String']['input'];
 };
@ -1253,6 +1255,7 @@ export type MutationGetLoginTokenFromCredentialsArgs = {
 export type MutationGetLoginTokenFromEmailVerificationTokenArgs = {
  captchaToken?: InputMaybe<Scalars['String']['input']>;
  emailVerificationToken: Scalars['String']['input'];
  origin: Scalars['String']['input'];
 };
@ -1274,6 +1277,7 @@ export type MutationRenewTokenArgs = {
 export type MutationResendEmailVerificationTokenArgs = {
  email: Scalars['String']['input'];
  origin: Scalars['String']['input'];
 };
@ -1761,6 +1765,11 @@ export type QueryGetIndicatorHealthStatusArgs = {
 };
 export type QueryGetPublicWorkspaceDataByDomainArgs = {
  origin: Scalars['String']['input'];
 };
 export type QueryGetQueueMetricsArgs = {
  queueName: Scalars['String']['input'];
  timeRange?: InputMaybe<QueueMetricsTimeRange>;
--- a/packages/twenty-front/src/generated/graphql.tsx
+++ b/packages/twenty-front/src/generated/graphql.tsx
@ -1110,6 +1110,7 @@ export type MutationGenerateApiKeyTokenArgs = {
 export type MutationGetAuthTokensFromLoginTokenArgs = {
  loginToken: Scalars['String'];
  origin: Scalars['String'];
 };
@ -1121,6 +1122,7 @@ export type MutationGetAuthorizationUrlForSsoArgs = {
 export type MutationGetLoginTokenFromCredentialsArgs = {
  captchaToken?: InputMaybe<Scalars['String']>;
  email: Scalars['String'];
  origin: Scalars['String'];
  password: Scalars['String'];
 };
@ -1128,6 +1130,7 @@ export type MutationGetLoginTokenFromCredentialsArgs = {
 export type MutationGetLoginTokenFromEmailVerificationTokenArgs = {
  captchaToken?: InputMaybe<Scalars['String']>;
  emailVerificationToken: Scalars['String'];
  origin: Scalars['String'];
 };
@ -1149,6 +1152,7 @@ export type MutationRenewTokenArgs = {
 export type MutationResendEmailVerificationTokenArgs = {
  email: Scalars['String'];
  origin: Scalars['String'];
 };
@ -1586,6 +1590,11 @@ export type QueryGetIndicatorHealthStatusArgs = {
 };
 export type QueryGetPublicWorkspaceDataByDomainArgs = {
  origin: Scalars['String'];
 };
 export type QueryGetQueueMetricsArgs = {
  queueName: Scalars['String'];
  timeRange?: InputMaybe<QueueMetricsTimeRange>;
@ -2592,6 +2601,7 @@ export type GenerateTransientTokenMutation = { __typename?: 'Mutation', generate
 export type GetAuthTokensFromLoginTokenMutationVariables = Exact<{
  loginToken: Scalars['String'];
  origin: Scalars['String'];
 }>;
@ -2608,6 +2618,7 @@ export type GetLoginTokenFromCredentialsMutationVariables = Exact<{
  email: Scalars['String'];
  password: Scalars['String'];
  captchaToken?: InputMaybe<Scalars['String']>;
  origin: Scalars['String'];
 }>;
@ -2616,6 +2627,7 @@ export type GetLoginTokenFromCredentialsMutation = { __typename?: 'Mutation', ge
 export type GetLoginTokenFromEmailVerificationTokenMutationVariables = Exact<{
  emailVerificationToken: Scalars['String'];
  captchaToken?: InputMaybe<Scalars['String']>;
  origin: Scalars['String'];
 }>;
@ -2638,6 +2650,7 @@ export type RenewTokenMutation = { __typename?: 'Mutation', renewToken: { __type
 export type ResendEmailVerificationTokenMutationVariables = Exact<{
  email: Scalars['String'];
  origin: Scalars['String'];
 }>;
@ -2677,7 +2690,9 @@ export type CheckUserExistsQueryVariables = Exact<{
 export type CheckUserExistsQuery = { __typename?: 'Query', checkUserExists: { __typename: 'UserExists', exists: boolean, isEmailVerified: boolean, availableWorkspaces: Array<{ __typename?: 'AvailableWorkspaceOutput', id: string, displayName?: string | null, logo?: string | null, workspaceUrls: { __typename?: 'WorkspaceUrls', subdomainUrl: string, customUrl?: string | null }, sso: Array<{ __typename?: 'SSOConnection', type: IdentityProviderType, id: string, issuer: string, name: string, status: SsoIdentityProviderStatus }> }> } | { __typename: 'UserNotExists', exists: boolean } };
-export type GetPublicWorkspaceDataByDomainQueryVariables = Exact<{ [key: string]: never; }>;
+export type GetPublicWorkspaceDataByDomainQueryVariables = Exact<{
  origin: Scalars['String'];
 }>;
 export type GetPublicWorkspaceDataByDomainQuery = { __typename?: 'Query', getPublicWorkspaceDataByDomain: { __typename?: 'PublicWorkspaceDataOutput', id: string, logo?: string | null, displayName?: string | null, workspaceUrls: { __typename?: 'WorkspaceUrls', subdomainUrl: string, customUrl?: string | null }, authProviders: { __typename?: 'AuthProviders', google: boolean, magicLink: boolean, password: boolean, microsoft: boolean, sso: Array<{ __typename?: 'SSOIdentityProvider', id: string, name: string, type: IdentityProviderType, status: SsoIdentityProviderStatus, issuer: string }> } } };
@ -3756,8 +3771,8 @@ export type GenerateTransientTokenMutationHookResult = ReturnType<typeof useGene
 export type GenerateTransientTokenMutationResult = Apollo.MutationResult<GenerateTransientTokenMutation>;
 export type GenerateTransientTokenMutationOptions = Apollo.BaseMutationOptions<GenerateTransientTokenMutation, GenerateTransientTokenMutationVariables>;
 export const GetAuthTokensFromLoginTokenDocument = gql`
-    mutation GetAuthTokensFromLoginToken($loginToken: String!) {
+    mutation GetAuthTokensFromLoginToken($loginToken: String!, $origin: String!) {
-  getAuthTokensFromLoginToken(loginToken: $loginToken) {
+  getAuthTokensFromLoginToken(loginToken: $loginToken, origin: $origin) {
    tokens {
      ...AuthTokensFragment
    }
@ -3780,6 +3795,7 @@ export type GetAuthTokensFromLoginTokenMutationFn = Apollo.MutationFunction<GetA
 * const [getAuthTokensFromLoginTokenMutation, { data, loading, error }] = useGetAuthTokensFromLoginTokenMutation({
 *   variables: {
 *      loginToken: // value for 'loginToken'
 *      origin: // value for 'origin'
 *   },
 * });
 */
@ -3826,11 +3842,12 @@ export type GetAuthorizationUrlForSsoMutationHookResult = ReturnType<typeof useG
 export type GetAuthorizationUrlForSsoMutationResult = Apollo.MutationResult<GetAuthorizationUrlForSsoMutation>;
 export type GetAuthorizationUrlForSsoMutationOptions = Apollo.BaseMutationOptions<GetAuthorizationUrlForSsoMutation, GetAuthorizationUrlForSsoMutationVariables>;
 export const GetLoginTokenFromCredentialsDocument = gql`
-    mutation GetLoginTokenFromCredentials($email: String!, $password: String!, $captchaToken: String) {
+    mutation GetLoginTokenFromCredentials($email: String!, $password: String!, $captchaToken: String, $origin: String!) {
  getLoginTokenFromCredentials(
    email: $email
    password: $password
    captchaToken: $captchaToken
    origin: $origin
  ) {
    loginToken {
      ...AuthTokenFragment
@ -3856,6 +3873,7 @@ export type GetLoginTokenFromCredentialsMutationFn = Apollo.MutationFunction<Get
 *      email: // value for 'email'
 *      password: // value for 'password'
 *      captchaToken: // value for 'captchaToken'
 *      origin: // value for 'origin'
 *   },
 * });
 */
@ -3867,10 +3885,11 @@ export type GetLoginTokenFromCredentialsMutationHookResult = ReturnType<typeof u
 export type GetLoginTokenFromCredentialsMutationResult = Apollo.MutationResult<GetLoginTokenFromCredentialsMutation>;
 export type GetLoginTokenFromCredentialsMutationOptions = Apollo.BaseMutationOptions<GetLoginTokenFromCredentialsMutation, GetLoginTokenFromCredentialsMutationVariables>;
 export const GetLoginTokenFromEmailVerificationTokenDocument = gql`
-    mutation GetLoginTokenFromEmailVerificationToken($emailVerificationToken: String!, $captchaToken: String) {
+    mutation GetLoginTokenFromEmailVerificationToken($emailVerificationToken: String!, $captchaToken: String, $origin: String!) {
  getLoginTokenFromEmailVerificationToken(
    emailVerificationToken: $emailVerificationToken
    captchaToken: $captchaToken
    origin: $origin
  ) {
    loginToken {
      ...AuthTokenFragment
@ -3899,6 +3918,7 @@ export type GetLoginTokenFromEmailVerificationTokenMutationFn = Apollo.MutationF
 *   variables: {
 *      emailVerificationToken: // value for 'emailVerificationToken'
 *      captchaToken: // value for 'captchaToken'
 *      origin: // value for 'origin'
 *   },
 * });
 */
@ -3988,8 +4008,8 @@ export type RenewTokenMutationHookResult = ReturnType<typeof useRenewTokenMutati
 export type RenewTokenMutationResult = Apollo.MutationResult<RenewTokenMutation>;
 export type RenewTokenMutationOptions = Apollo.BaseMutationOptions<RenewTokenMutation, RenewTokenMutationVariables>;
 export const ResendEmailVerificationTokenDocument = gql`
-    mutation ResendEmailVerificationToken($email: String!) {
+    mutation ResendEmailVerificationToken($email: String!, $origin: String!) {
-  resendEmailVerificationToken(email: $email) {
+  resendEmailVerificationToken(email: $email, origin: $origin) {
    success
  }
 }
@ -4010,6 +4030,7 @@ export type ResendEmailVerificationTokenMutationFn = Apollo.MutationFunction<Res
 * const [resendEmailVerificationTokenMutation, { data, loading, error }] = useResendEmailVerificationTokenMutation({
 *   variables: {
 *      email: // value for 'email'
 *      origin: // value for 'origin'
 *   },
 * });
 */
@ -4214,8 +4235,8 @@ export type CheckUserExistsQueryHookResult = ReturnType<typeof useCheckUserExist
 export type CheckUserExistsLazyQueryHookResult = ReturnType<typeof useCheckUserExistsLazyQuery>;
 export type CheckUserExistsQueryResult = Apollo.QueryResult<CheckUserExistsQuery, CheckUserExistsQueryVariables>;
 export const GetPublicWorkspaceDataByDomainDocument = gql`
-    query GetPublicWorkspaceDataByDomain {
+    query GetPublicWorkspaceDataByDomain($origin: String!) {
-  getPublicWorkspaceDataByDomain {
+  getPublicWorkspaceDataByDomain(origin: $origin) {
    id
    logo
    displayName
@ -4252,10 +4273,11 @@ export const GetPublicWorkspaceDataByDomainDocument = gql`
 * @example
 * const { data, loading, error } = useGetPublicWorkspaceDataByDomainQuery({
 *   variables: {
 *      origin: // value for 'origin'
 *   },
 * });
 */
-export function useGetPublicWorkspaceDataByDomainQuery(baseOptions?: Apollo.QueryHookOptions<GetPublicWorkspaceDataByDomainQuery, GetPublicWorkspaceDataByDomainQueryVariables>) {
+export function useGetPublicWorkspaceDataByDomainQuery(baseOptions: Apollo.QueryHookOptions<GetPublicWorkspaceDataByDomainQuery, GetPublicWorkspaceDataByDomainQueryVariables>) {
        const options = {...defaultOptions, ...baseOptions}
        return Apollo.useQuery<GetPublicWorkspaceDataByDomainQuery, GetPublicWorkspaceDataByDomainQueryVariables>(GetPublicWorkspaceDataByDomainDocument, options);
      }
--- a/packages/twenty-front/src/modules/auth/graphql/mutations/getAuthTokensFromLoginToken.ts
+++ b/packages/twenty-front/src/modules/auth/graphql/mutations/getAuthTokensFromLoginToken.ts
@ -1,8 +1,8 @@
 import { gql } from '@apollo/client';
 export const GET_AUTH_TOKENS_FROM_LOGIN_TOKEN = gql`
-  mutation GetAuthTokensFromLoginToken($loginToken: String!) {
+  mutation GetAuthTokensFromLoginToken($loginToken: String!, $origin: String!) {
-    getAuthTokensFromLoginToken(loginToken: $loginToken) {
+    getAuthTokensFromLoginToken(loginToken: $loginToken, origin: $origin) {
      tokens {
        ...AuthTokensFragment
      }
--- a/packages/twenty-front/src/modules/auth/graphql/mutations/getLoginTokenFromCredentials.ts
+++ b/packages/twenty-front/src/modules/auth/graphql/mutations/getLoginTokenFromCredentials.ts
@ -5,11 +5,13 @@ export const GET_LOGIN_TOKEN_FROM_CREDENTIALS = gql`
    $email: String!
    $password: String!
    $captchaToken: String
    $origin: String!
  ) {
    getLoginTokenFromCredentials(
      email: $email
      password: $password
      captchaToken: $captchaToken
      origin: $origin
    ) {
      loginToken {
        ...AuthTokenFragment
--- a/packages/twenty-front/src/modules/auth/graphql/mutations/getLoginTokenFromEmailVerificationToken.ts
+++ b/packages/twenty-front/src/modules/auth/graphql/mutations/getLoginTokenFromEmailVerificationToken.ts
@ -4,10 +4,12 @@ export const GET_LOGIN_TOKEN_FROM_EMAIL_VERIFICATION_TOKEN = gql`
  mutation GetLoginTokenFromEmailVerificationToken(
    $emailVerificationToken: String!
    $captchaToken: String
    $origin: String!
  ) {
    getLoginTokenFromEmailVerificationToken(
      emailVerificationToken: $emailVerificationToken
      captchaToken: $captchaToken
      origin: $origin
    ) {
      loginToken {
        ...AuthTokenFragment
--- a/packages/twenty-front/src/modules/auth/graphql/mutations/resendEmailVerificationToken.ts
+++ b/packages/twenty-front/src/modules/auth/graphql/mutations/resendEmailVerificationToken.ts
@ -1,8 +1,8 @@
 import { gql } from '@apollo/client';
 export const RESEND_EMAIL_VERIFICATION_TOKEN = gql`
-  mutation ResendEmailVerificationToken($email: String!) {
+  mutation ResendEmailVerificationToken($email: String!, $origin: String!) {
-    resendEmailVerificationToken(email: $email) {
+    resendEmailVerificationToken(email: $email, origin: $origin) {
      success
    }
  }
--- a/packages/twenty-front/src/modules/auth/graphql/queries/getPublicWorkspaceDataByDomain.ts
+++ b/packages/twenty-front/src/modules/auth/graphql/queries/getPublicWorkspaceDataByDomain.ts
@ -1,8 +1,8 @@
 import { gql } from '@apollo/client';
 export const GET_PUBLIC_WORKSPACE_DATA_BY_DOMAIN = gql`
-  query GetPublicWorkspaceDataByDomain {
+  query GetPublicWorkspaceDataByDomain($origin: String!) {
-    getPublicWorkspaceDataByDomain {
+    getPublicWorkspaceDataByDomain(origin: $origin) {
      id
      logo
      displayName
--- a/packages/twenty-front/src/modules/auth/hooks/mocks/useAuth.ts
+++ b/packages/twenty-front/src/modules/auth/hooks/mocks/useAuth.ts
@ -14,6 +14,7 @@ export const queries = {
 export const email = 'test@test.com';
 export const password = 'testing';
 export const origin = 'http://localhost';
 export const token =
  'eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiIxMjM0NTY3ODkwIiwibmFtZSI6IkpvaG4gRG9lIiwiaWF0IjoxNTE2MjM5MDIyfQ.SflKxwRJSMeKKF2QT4fwpMeJf36POk6yJV_adQssw5c';
@ -21,8 +22,9 @@ export const variables = {
  getLoginTokenFromCredentials: {
    email,
    password,
    origin,
  },
-  getAuthTokensFromLoginToken: { loginToken: token },
+  getAuthTokensFromLoginToken: { loginToken: token, origin },
  signup: {
    email,
    password,
--- a/packages/twenty-front/src/modules/auth/hooks/useAuth.ts
+++ b/packages/twenty-front/src/modules/auth/hooks/useAuth.ts
@ -53,6 +53,7 @@ import { isEmailVerificationRequiredState } from '@/client-config/states/isEmail
 import { isMultiWorkspaceEnabledState } from '@/client-config/states/isMultiWorkspaceEnabledState';
 import { useIsCurrentLocationOnAWorkspace } from '@/domain-manager/hooks/useIsCurrentLocationOnAWorkspace';
 import { useLastAuthenticatedWorkspaceDomain } from '@/domain-manager/hooks/useLastAuthenticatedWorkspaceDomain';
 import { useOrigin } from '@/domain-manager/hooks/useOrigin';
 import { useRedirect } from '@/domain-manager/hooks/useRedirect';
 import { useRedirectToWorkspaceDomain } from '@/domain-manager/hooks/useRedirectToWorkspaceDomain';
 import { domainConfigurationState } from '@/domain-manager/states/domainConfigurationState';
@ -74,6 +75,7 @@ export const useAuth = () => {
    currentWorkspaceMemberState,
  );
  const setCurrentUserWorkspace = useSetRecoilState(currentUserWorkspaceState);
  const { origin } = useOrigin();
  const setCurrentWorkspaceMembers = useSetRecoilState(
    currentWorkspaceMembersState,
@ -179,6 +181,7 @@ export const useAuth = () => {
            email,
            password,
            captchaToken,
            origin,
          },
        });
        if (isDefined(getLoginTokenResult.errors)) {
@ -203,7 +206,7 @@ export const useAuth = () => {
        throw error;
      }
    },
-    [getLoginTokenFromCredentials, setSearchParams, setSignInUpStep],
+    [getLoginTokenFromCredentials, setSearchParams, setSignInUpStep, origin],
  );
  const handleGetLoginTokenFromEmailVerificationToken = useCallback(
@ -212,6 +215,7 @@ export const useAuth = () => {
        variables: {
          emailVerificationToken,
          captchaToken,
          origin,
        },
      });
@ -225,7 +229,7 @@ export const useAuth = () => {
      return loginTokenResult.data.getLoginTokenFromEmailVerificationToken;
    },
-    [getLoginTokenFromEmailVerificationToken],
+    [getLoginTokenFromEmailVerificationToken, origin],
  );
  const loadCurrentUser = useCallback(async () => {
@ -335,7 +339,10 @@ export const useAuth = () => {
  const handleGetAuthTokensFromLoginToken = useCallback(
    async (loginToken: string) => {
      const getAuthTokensResult = await getAuthTokensFromLoginToken({
-        variables: { loginToken },
+        variables: {
          loginToken,
          origin,
        },
      });
      if (isDefined(getAuthTokensResult.errors)) {
@ -364,6 +371,7 @@ export const useAuth = () => {
      setTokenPair,
      refreshObjectMetadataItems,
      loadCurrentUser,
      origin,
    ],
  );
--- a/packages/twenty-front/src/modules/auth/sign-in-up/hooks/useHandleResendEmailVerificationToken.ts
+++ b/packages/twenty-front/src/modules/auth/sign-in-up/hooks/useHandleResendEmailVerificationToken.ts
@ -1,5 +1,6 @@
 import { useCallback } from 'react';
 import { useOrigin } from '@/domain-manager/hooks/useOrigin';
 import { SnackBarVariant } from '@/ui/feedback/snack-bar-manager/components/SnackBar';
 import { useSnackBar } from '@/ui/feedback/snack-bar-manager/hooks/useSnackBar';
 import { t } from '@lingui/core/macro';
@ -9,6 +10,7 @@ export const useHandleResendEmailVerificationToken = () => {
  const { enqueueSnackBar } = useSnackBar();
  const [resendEmailVerificationToken, { loading }] =
    useResendEmailVerificationTokenMutation();
  const { origin } = useOrigin();
  const handleResendEmailVerificationToken = useCallback(
    (email: string | null) => {
@ -22,7 +24,10 @@ export const useHandleResendEmailVerificationToken = () => {
        try {
          const { data } = await resendEmailVerificationToken({
-            variables: { email },
+            variables: {
              email,
              origin,
            },
          });
          if (data?.resendEmailVerificationToken?.success === true) {
@ -41,7 +46,7 @@ export const useHandleResendEmailVerificationToken = () => {
        }
      };
    },
-    [enqueueSnackBar, resendEmailVerificationToken],
+    [enqueueSnackBar, resendEmailVerificationToken, origin],
  );
  return { handleResendEmailVerificationToken, loading };
--- a/packages/twenty-front/src/modules/domain-manager/hooks/useGetPublicWorkspaceDataByDomain.ts
+++ b/packages/twenty-front/src/modules/domain-manager/hooks/useGetPublicWorkspaceDataByDomain.ts
@ -1,6 +1,7 @@
 import { workspacePublicDataState } from '@/auth/states/workspacePublicDataState';
 import { isMultiWorkspaceEnabledState } from '@/client-config/states/isMultiWorkspaceEnabledState';
 import { useIsCurrentLocationOnDefaultDomain } from '@/domain-manager/hooks/useIsCurrentLocationOnDefaultDomain';
 import { useOrigin } from '@/domain-manager/hooks/useOrigin';
 import { useRedirectToDefaultDomain } from '@/domain-manager/hooks/useRedirectToDefaultDomain';
 import { workspaceAuthProvidersState } from '@/workspace/states/workspaceAuthProvidersState';
 import { useRecoilValue, useSetRecoilState } from 'recoil';
@ -10,6 +11,7 @@ import { isDefined } from 'twenty-shared/utils';
 export const useGetPublicWorkspaceDataByDomain = () => {
  const { isDefaultDomain } = useIsCurrentLocationOnDefaultDomain();
  const isMultiWorkspaceEnabled = useRecoilValue(isMultiWorkspaceEnabledState);
  const { origin } = useOrigin();
  const setWorkspaceAuthProviders = useSetRecoilState(
    workspaceAuthProvidersState,
  );
@ -20,6 +22,9 @@ export const useGetPublicWorkspaceDataByDomain = () => {
  );
  const { loading, data, error } = useGetPublicWorkspaceDataByDomainQuery({
    variables: {
      origin,
    },
    skip:
      (isMultiWorkspaceEnabled && isDefaultDomain) ||
      isDefined(workspacePublicData),
--- a/packages/twenty-front/src/modules/domain-manager/hooks/useOrigin.ts
+++ b/packages/twenty-front/src/modules/domain-manager/hooks/useOrigin.ts
@ -0,0 +1,7 @@
 import { useMemo } from 'react';
 export const useOrigin = () => {
  const origin = useMemo(() => window.location.origin, []);
  return { origin };
 };
--- a/packages/twenty-server/src/engine/core-modules/auth/auth.resolver.ts
+++ b/packages/twenty-server/src/engine/core-modules/auth/auth.resolver.ts
@ -48,7 +48,6 @@ import { Workspace } from 'src/engine/core-modules/workspace/workspace.entity';
 import { workspaceValidator } from 'src/engine/core-modules/workspace/workspace.validate';
 import { AuthUser } from 'src/engine/decorators/auth/auth-user.decorator';
 import { AuthWorkspace } from 'src/engine/decorators/auth/auth-workspace.decorator';
 import { OriginHeader } from 'src/engine/decorators/auth/origin-header.decorator';
 import { SettingsPermissionsGuard } from 'src/engine/guards/settings-permissions.guard';
 import { UserAuthGuard } from 'src/engine/guards/user-auth.guard';
 import { WorkspaceAuthGuard } from 'src/engine/guards/workspace-auth.guard';
@ -135,7 +134,7 @@ export class AuthResolver {
  async getLoginTokenFromCredentials(
    @Args()
    getLoginTokenFromCredentialsInput: GetLoginTokenFromCredentialsInput,
-    @OriginHeader() origin: string,
+    @Args('origin') origin: string,
  ): Promise<LoginToken> {
    const workspace =
      await this.domainManagerService.getWorkspaceByOriginOrDefaultWorkspace(
@ -167,7 +166,7 @@ export class AuthResolver {
  async getLoginTokenFromEmailVerificationToken(
    @Args()
    getLoginTokenFromEmailVerificationTokenInput: GetLoginTokenFromEmailVerificationTokenInput,
-    @OriginHeader() origin: string,
+    @Args('origin') origin: string,
  ) {
    const user =
      await this.emailVerificationTokenService.validateEmailVerificationTokenOrThrow(
@ -320,7 +319,7 @@ export class AuthResolver {
  @Mutation(() => AuthTokens)
  async getAuthTokensFromLoginToken(
    @Args() getAuthTokensFromLoginTokenInput: GetAuthTokensFromLoginTokenInput,
-    @OriginHeader() origin: string,
+    @Args('origin') origin: string,
  ): Promise<AuthTokens> {
    const workspace =
      await this.domainManagerService.getWorkspaceByOriginOrDefaultWorkspace(
--- a/packages/twenty-server/src/engine/core-modules/email-verification/email-verification.resolver.ts
+++ b/packages/twenty-server/src/engine/core-modules/email-verification/email-verification.resolver.ts
@ -9,7 +9,6 @@ import { ResendEmailVerificationTokenOutput } from 'src/engine/core-modules/emai
 import { EmailVerificationExceptionFilter } from 'src/engine/core-modules/email-verification/email-verification-exception-filter.util';
 import { EmailVerificationService } from 'src/engine/core-modules/email-verification/services/email-verification.service';
 import { I18nContext } from 'src/engine/core-modules/i18n/types/i18n-context.type';
 import { OriginHeader } from 'src/engine/decorators/auth/origin-header.decorator';
@Resolver()
@UseFilters(EmailVerificationExceptionFilter)
@ -23,7 +22,7 @@ export class EmailVerificationResolver {
  async resendEmailVerificationToken(
    @Args()
    resendEmailVerificationTokenInput: ResendEmailVerificationTokenInput,
-    @OriginHeader() origin: string,
+    @Args('origin') origin: string,
    @Context() context: I18nContext,
  ): Promise<ResendEmailVerificationTokenOutput> {
    const workspace =
--- a/packages/twenty-server/src/engine/core-modules/user/user.resolver.ts
+++ b/packages/twenty-server/src/engine/core-modules/user/user.resolver.ts
@ -42,10 +42,8 @@ import { UserVarsService } from 'src/engine/core-modules/user/user-vars/services
 import { User } from 'src/engine/core-modules/user/user.entity';
 import { userValidator } from 'src/engine/core-modules/user/user.validate';
 import { Workspace } from 'src/engine/core-modules/workspace/workspace.entity';
 import { workspaceValidator } from 'src/engine/core-modules/workspace/workspace.validate';
 import { AuthUser } from 'src/engine/decorators/auth/auth-user.decorator';
 import { AuthWorkspace } from 'src/engine/decorators/auth/auth-workspace.decorator';
 import { OriginHeader } from 'src/engine/decorators/auth/origin-header.decorator';
 import { WorkspaceAuthGuard } from 'src/engine/guards/workspace-auth.guard';
 import { SettingPermissionType } from 'src/engine/metadata-modules/permissions/constants/setting-permission-type.constants';
 import { PermissionsService } from 'src/engine/metadata-modules/permissions/permissions.service';
@ -355,15 +353,8 @@ export class UserResolver {
  @ResolveField(() => OnboardingStatus)
  async onboardingStatus(
    @Parent() user: User,
-    @OriginHeader() origin: string,
+    @AuthWorkspace() workspace: Workspace,
  ): Promise<OnboardingStatus> {
    const workspace =
      await this.domainManagerService.getWorkspaceByOriginOrDefaultWorkspace(
        origin,
      );
    workspaceValidator.assertIsDefinedOrThrow(workspace);
    return this.onboardingService.getOnboardingStatus(user, workspace);
  }
--- a/packages/twenty-server/src/engine/core-modules/workspace/workspace.resolver.ts
+++ b/packages/twenty-server/src/engine/core-modules/workspace/workspace.resolver.ts
@ -43,7 +43,6 @@ import { AuthApiKey } from 'src/engine/decorators/auth/auth-api-key.decorator';
 import { AuthUserWorkspaceId } from 'src/engine/decorators/auth/auth-user-workspace-id.decorator';
 import { AuthUser } from 'src/engine/decorators/auth/auth-user.decorator';
 import { AuthWorkspace } from 'src/engine/decorators/auth/auth-workspace.decorator';
 import { OriginHeader } from 'src/engine/decorators/auth/origin-header.decorator';
 import { SettingsPermissionsGuard } from 'src/engine/guards/settings-permissions.guard';
 import { UserAuthGuard } from 'src/engine/guards/user-auth.guard';
 import { WorkspaceAuthGuard } from 'src/engine/guards/workspace-auth.guard';
@ -89,19 +88,12 @@ export class WorkspaceResolver {
  }
  @Mutation(() => Workspace)
-  @UseGuards(UserAuthGuard)
+  @UseGuards(UserAuthGuard, WorkspaceAuthGuard)
  async activateWorkspace(
    @Args('data') data: ActivateWorkspaceInput,
    @AuthUser() user: User,
-    @OriginHeader() origin: string,
+    @AuthWorkspace() workspace: Workspace,
  ) {
    const workspace =
      await this.domainManagerService.getWorkspaceByOriginOrDefaultWorkspace(
        origin,
      );
    workspaceValidator.assertIsDefinedOrThrow(workspace);
    return await this.workspaceService.activateWorkspace(user, workspace, data);
  }
@ -292,7 +284,7 @@ export class WorkspaceResolver {
  @Query(() => PublicWorkspaceDataOutput)
  async getPublicWorkspaceDataByDomain(
-    @OriginHeader() origin: string,
+    @Args('origin') origin: string,
  ): Promise<PublicWorkspaceDataOutput | undefined> {
    try {
      const workspace =
--- a/packages/twenty-server/src/engine/decorators/auth/origin-header.decorator.ts
+++ b/packages/twenty-server/src/engine/decorators/auth/origin-header.decorator.ts
@ -1,11 +0,0 @@
 import { createParamDecorator, ExecutionContext } from '@nestjs/common';
 import { getRequest } from 'src/utils/extract-request';
 export const OriginHeader = createParamDecorator(
  (data: unknown, ctx: ExecutionContext) => {
    const request = getRequest(ctx);
    return request.headers['origin'];
  },
 );
--- a/packages/twenty-server/test/integration/graphql/suites/auth.integration-spec.ts
+++ b/packages/twenty-server/test/integration/graphql/suites/auth.integration-spec.ts
@ -23,7 +23,7 @@ describe('AuthResolve (integration)', () => {
    const queryData = {
      query: `
        mutation GetLoginTokenFromCredentials {
-          getLoginTokenFromCredentials(email: "${auth.email}", password: "${auth.password}") {
+          getLoginTokenFromCredentials(email: "${auth.email}", password: "${auth.password}", origin: "http://localhost") {
            loginToken {
              token
              expiresAt
@ -56,7 +56,7 @@ describe('AuthResolve (integration)', () => {
    const queryData = {
      query: `
        mutation GetAuthTokensFromLoginToken {
-          getAuthTokensFromLoginToken(loginToken: "${loginToken}") {
+          getAuthTokensFromLoginToken(loginToken: "${loginToken}", origin: "http://localhost") {
            tokens {
              accessToken {
                token