feat(cors): whitelisting is configurable through .env variables

2026-01-03 21:10:05 +00:00 · 2022-03-21 17:36:42 +05:00
parent b0fb858c49
commit 99f91fbce2
2 changed files with 8 additions and 7 deletions
--- a/api/src/app.ts
+++ b/api/src/app.ts
@@ -16,13 +16,14 @@ dotenv.config()

 const app = express()

-const { MODE, CORS, PORT_WEB } = process.env
-const whiteList = [
-  `http://localhost:${PORT_WEB ?? 3000}`,
-  'https://sas.analytium.co.uk:8343'
-]
+const { MODE, CORS, WHITELIST } = process.env

 if (MODE?.trim() !== 'server' || CORS?.trim() === 'enable') {
+  const whiteList: string[] = []
+  WHITELIST?.split(' ')?.forEach((url) => {
+    if (url.startsWith('http')) whiteList.push(url)
+  })
+
  console.log('All CORS Requests are enabled')
  app.use(cors({ credentials: true, origin: whiteList }))
 }