diff --git a/README.md b/README.md index eeaf75b..b5764c3 100644 --- a/README.md +++ b/README.md @@ -13,7 +13,7 @@ SASjs Server is available in two modes - Desktop (without authentication) and Se ## Installation -Installation can be made programmatically using command line, or by manually downloading and running the executable. +Installation can be made programmatically using command line, or by manually downloading and running the executable. ### Programmatic @@ -48,16 +48,32 @@ When launching the app, it will make use of specific environment variables. Thes Example contents of a `.env` file: ``` -MODE=desktop # options: [desktop|server] default: desktop -CORS=disable # options: [disable|enable] default: disable +MODE=desktop # options: [desktop|server] default: `desktop` +CORS=disable # options: [disable|enable] default: `disable` for `server` & `enable` for `desktop` +WHITELIST= # options: space separated urls PROTOCOL=http # options: [http|https] default: http PORT=5000 # default: 5000 -PORT_WEB=3000 # port for sasjs web component(react). default: 3000 + +# optional +# for MODE: `desktop`, prompts user +# for MODE: `server` gets value from api/package.json `configuration.sasPath` SAS_PATH=/path/to/sas/executable.exe + + +# optional +# for MODE: `desktop`, prompts user +# for MODE: `server` defaults to /tmp DRIVE_PATH=/tmp -PROTOCOL=http # options: [http|https] default: http + +# ENV variables required for PROTOCOL: `https` PRIVATE_KEY=privkey.pem FULL_CHAIN=fullchain.pem + +# ENV variables required for MODE: `server` +ACCESS_TOKEN_SECRET= +REFRESH_TOKEN_SECRET= +AUTH_CODE_SECRET= +DB_CONNECT=mongodb+srv://:@/?retryWrites=true&w=majority ``` ## Persisting the Session @@ -94,11 +110,10 @@ Instead of `app_name` you can pass: - `all` to act on all processes - `id` to act on a specific process id - ## Server Version -The following credentials can be used for the initial connection to SASjs/server. It is recommended to change these on first use. +The following credentials can be used for the initial connection to SASjs/server. It is recommended to change these on first use. -* CLIENTID: `clientID1` -* USERNAME: `secretuser` -* PASSWORD: `secretpassword` +- CLIENTID: `clientID1` +- USERNAME: `secretuser` +- PASSWORD: `secretpassword` diff --git a/api/.env.example b/api/.env.example index c808872..f36cf34 100644 --- a/api/.env.example +++ b/api/.env.example @@ -1,10 +1,10 @@ MODE=[desktop|server] default considered as desktop -CORS=[disable|enable] default considered as disable +CORS=[disable|enable] default considered as disable for server MODE & enable for desktop MODE +WHITELIST= PROTOCOL=[http|https] default considered as http PRIVATE_KEY=privkey.pem FULL_CHAIN=fullchain.pem PORT=[5000] default value is 5000 -PORT_WEB=[port for sasjs web component(react)] default value is 3000 ACCESS_TOKEN_SECRET= REFRESH_TOKEN_SECRET= AUTH_CODE_SECRET= diff --git a/api/src/app.ts b/api/src/app.ts index cc8bff2..35dfa9b 100644 --- a/api/src/app.ts +++ b/api/src/app.ts @@ -16,14 +16,17 @@ dotenv.config() const app = express() -const { MODE, CORS, PORT_WEB } = process.env -const whiteList = [ - `http://localhost:${PORT_WEB ?? 3000}`, - 'https://sas.analytium.co.uk:8343' -] +const { MODE, CORS, WHITELIST } = process.env if (MODE?.trim() !== 'server' || CORS?.trim() === 'enable') { - console.log('All CORS Requests are enabled') + const whiteList: string[] = [] + WHITELIST?.split(' ')?.forEach((url) => { + if (url.startsWith('http')) + // removing trailing slash of URLs listing for CORS + whiteList.push(url.replace(/\/$/, '')) + }) + + console.log('All CORS Requests are enabled for:', whiteList) app.use(cors({ credentials: true, origin: whiteList })) }