feat: Check valid ORIGIN

Author: wec

src/routes/+layout.server.ts

@@ -1,7 +1,13 @@
 import type { LayoutServerLoad } from './$types';
+import { env } from '$env/dynamic/private';
 
-export const load: LayoutServerLoad = async ({ locals }) => {
+export const load: LayoutServerLoad = async ({ locals, url }) => {
+	const origin = env.ORIGIN ?? '';
 	return {
+		originWarning: {
+			currentOrigin: url.origin,
+			isWarning: origin !== url.origin
+		},
 		userAuthenticated: locals.userAuthenticated
 	};
 };

src/routes/+layout.svelte

@@ -1,8 +1,20 @@
 <script lang="ts">
 	import { Toaster } from 'svelte-5-french-toast';
 	import '../app.css';
-	let { children } = $props();
+	let { children, data } = $props();
 </script>
 
 <Toaster />
+{#if data.originWarning.isWarning}
+	<div class="w-full bg-red-600 p-2 text-center text-white">
+		<p>
+			Invalid origin found. Please specify ORIGIN={data.originWarning.currentOrigin}. Check
+			<a
+				target="_blank"
+				class="underline"
+				href="https://dashlit.cwec.dev/guide/getting-started.html">Docs</a
+			>.
+		</p>
+	</div>
+{/if}
 {@render children()}