refactor: Update server configuration to allow specific CORS origins

This commit is contained in:
Mo Tarbin 2024-06-30 22:58:33 -04:00
parent c13dd9addb
commit 49d877486c
3 changed files with 11 additions and 7 deletions

View File

@ -47,6 +47,7 @@ type ServerConfig struct {
RateLimit int `mapstructure:"rate_limit" yaml:"rate_limit"`
ReadTimeout time.Duration `mapstructure:"read_timeout" yaml:"read_timeout"`
WriteTimeout time.Duration `mapstructure:"write_timeout" yaml:"write_timeout"`
CorsAllowOrigins []string `mapstructure:"cors_allow_origins" yaml:"cors_allow_origins"`
}
type SchedulerConfig struct {
@ -79,7 +80,7 @@ type EmailConfig struct {
func NewConfig() *Config {
return &Config{
Telegram: TelegramConfig{
Token: "",
Token: "REMOVED",
},
Database: DatabaseConfig{
Type: "sqlite",

View File

@ -15,6 +15,8 @@ server:
write_timeout: 1s
rate_period: 60s
rate_limit: 200
cors_allow_origins:
- "http://localhost:5173"
scheduler_jobs:
due_job: 30m

View File

@ -109,7 +109,8 @@ func newServer(lc fx.Lifecycle, cfg *config.Config, db *gorm.DB, notifier *notif
WriteTimeout: cfg.Server.WriteTimeout,
}
config := cors.DefaultConfig()
config.AllowAllOrigins = true
config.AllowAllOrigins = !cfg.IsDoneTickDotCom
config.AllowOrigins = cfg.Server.CorsAllowOrigins
config.AllowCredentials = true
config.AddAllowHeaders("Authorization", "secretkey")
r.Use(cors.New(config))