refactor: Update server configuration to allow specific CORS origins

This commit is contained in:
Mo Tarbin 2024-06-30 22:58:33 -04:00
parent c13dd9addb
commit 49d877486c
3 changed files with 11 additions and 7 deletions

View File

@ -47,6 +47,7 @@ type ServerConfig struct {
RateLimit int `mapstructure:"rate_limit" yaml:"rate_limit"` RateLimit int `mapstructure:"rate_limit" yaml:"rate_limit"`
ReadTimeout time.Duration `mapstructure:"read_timeout" yaml:"read_timeout"` ReadTimeout time.Duration `mapstructure:"read_timeout" yaml:"read_timeout"`
WriteTimeout time.Duration `mapstructure:"write_timeout" yaml:"write_timeout"` WriteTimeout time.Duration `mapstructure:"write_timeout" yaml:"write_timeout"`
CorsAllowOrigins []string `mapstructure:"cors_allow_origins" yaml:"cors_allow_origins"`
} }
type SchedulerConfig struct { type SchedulerConfig struct {
@ -79,7 +80,7 @@ type EmailConfig struct {
func NewConfig() *Config { func NewConfig() *Config {
return &Config{ return &Config{
Telegram: TelegramConfig{ Telegram: TelegramConfig{
Token: "", Token: "REMOVED",
}, },
Database: DatabaseConfig{ Database: DatabaseConfig{
Type: "sqlite", Type: "sqlite",

View File

@ -15,6 +15,8 @@ server:
write_timeout: 1s write_timeout: 1s
rate_period: 60s rate_period: 60s
rate_limit: 200 rate_limit: 200
cors_allow_origins:
- "http://localhost:5173"
scheduler_jobs: scheduler_jobs:
due_job: 30m due_job: 30m

View File

@ -109,7 +109,8 @@ func newServer(lc fx.Lifecycle, cfg *config.Config, db *gorm.DB, notifier *notif
WriteTimeout: cfg.Server.WriteTimeout, WriteTimeout: cfg.Server.WriteTimeout,
} }
config := cors.DefaultConfig() config := cors.DefaultConfig()
config.AllowAllOrigins = true config.AllowAllOrigins = !cfg.IsDoneTickDotCom
config.AllowOrigins = cfg.Server.CorsAllowOrigins
config.AllowCredentials = true config.AllowCredentials = true
config.AddAllowHeaders("Authorization", "secretkey") config.AddAllowHeaders("Authorization", "secretkey")
r.Use(cors.New(config)) r.Use(cors.New(config))