🔧 chore (finance): Enabled CORS for API endpoints

aryanprince · Feb 9, 2024 · 792e040 · 792e040
1 parent 2c03207
commit 792e040
Showing 1 changed file with 30 additions and 1 deletion.
diff --git a/apps/finance/next.config.js b/apps/finance/next.config.js
@@ -5,6 +5,35 @@
 await import("./src/env.js");
 
 /** @type {import("next").NextConfig} */
-const config = {};
+const config = {
+  async headers() {
+    return [
+      {
+        // Routes this applies to
+        source: "/api/(.*)",
+        // Headers
+        headers: [
+          // Allow for specific domains to have access or * for all
+          {
+            key: "Access-Control-Allow-Origin",
+            value: "*",
+            // DOES NOT WORK
+            // value: process.env.ALLOWED_ORIGIN,
+          },
+          // Allows for specific methods accepted
+          {
+            key: "Access-Control-Allow-Methods",
+            value: "GET, POST, PUT, DELETE, OPTIONS",
+          },
+          // Allows for specific headers accepted (These are a few standard ones)
+          {
+            key: "Access-Control-Allow-Headers",
+            value: "Content-Type, Authorization",
+          },
+        ],
+      },
+    ];
+  },
+};
 
 export default config;