From c03da477fbbd3c81a005a03479c101f947978b50 Mon Sep 17 00:00:00 2001 From: Cadu Gomes Date: Mon, 13 Nov 2023 15:01:41 -0300 Subject: [PATCH] feat: cors setup --- package.json | 1 + src/server/routes/index.ts | 29 +++++++++++++++++++++++++++-- yarn.lock | 20 ++++++++++++++++++++ 3 files changed, 48 insertions(+), 2 deletions(-) diff --git a/package.json b/package.json index 27568f14..578fc96f 100644 --- a/package.json +++ b/package.json @@ -20,6 +20,7 @@ "@aws-sdk/client-s3": "^3.431.0", "@babel/runtime": "^7.23.1", "@fastify/cookie": "^9.1.0", + "@fastify/cors": "^8.4.1", "@fastify/formbody": "^7.4.0", "@fastify/multipart": "^8.0.0", "@types/ua-parser-js": "^0.7.38", diff --git a/src/server/routes/index.ts b/src/server/routes/index.ts index 67e5b8bd..119aee1d 100644 --- a/src/server/routes/index.ts +++ b/src/server/routes/index.ts @@ -22,13 +22,13 @@ import menuApi from './rest/menu/menu'; import processApi from './rest/process/processApi'; import rocketchatApi from './rest/rocketchat/livechat'; import viewPaths from './rest/view/view'; - +import cors, { FastifyCorsOptions } from '@fastify/cors'; import healthApi from './rest/health'; const PORT = parseInt(process.env.PORT ?? '3000', 10); const HOST = process.env.HOST ?? '0.0.0.0'; -export const fastify = Fastify({ +const fastify = Fastify({ logger, }); @@ -37,6 +37,8 @@ fastify.register(cookie, { parseOptions: {} as FastifyCookieOptions, } as FastifyCookieOptions); +fastify.register(cors, getCorsConfig()); + fastify.register(documentApi); fastify.register(formApi); fastify.register(listViewApi); @@ -69,3 +71,26 @@ export async function serverStart() { process.exit(1); } } + +function getCorsConfig() { + const ALLOWED_ORIGINS = (process.env.ALLOWED_ORIGINS || '').split('|'); + const corsOptions: FastifyCorsOptions = { + origin: function (origin, callback) { + if (origin) { + if (ALLOWED_ORIGINS.indexOf(origin) !== -1) { + callback(null, true); + } else { + logger.error(`${origin} Not allowed by CORS`); + callback(new Error(`Not allowed by CORS`), false); + } + } else { + callback(null, true); + } + }, + allowedHeaders: ['Content-Type', 'Authorization', 'Cookie'], + credentials: true, + optionsSuccessStatus: 200, // some legacy browsers (IE11, various SmartTVs) choke on 204 + }; + + return corsOptions; +} diff --git a/yarn.lock b/yarn.lock index e63302a5..212f06c3 100644 --- a/yarn.lock +++ b/yarn.lock @@ -1867,6 +1867,14 @@ cookie "^0.5.0" fastify-plugin "^4.0.0" +"@fastify/cors@^8.4.1": + version "8.4.1" + resolved "https://registry.yarnpkg.com/@fastify/cors/-/cors-8.4.1.tgz#bd8fece8e175a20059a4c6552f0e7de9e94eafa0" + integrity sha512-iYQJtrY3pFiDS5mo5zRaudzg2OcUdJ96PD6xfkKOOEilly5nnrFZx/W6Sce2T79xxlEn2qpU3t5+qS2phS369w== + dependencies: + fastify-plugin "^4.0.0" + mnemonist "0.39.5" + "@fastify/deepmerge@^1.0.0": version "1.3.0" resolved "https://registry.yarnpkg.com/@fastify/deepmerge/-/deepmerge-1.3.0.tgz#8116858108f0c7d9fd460d05a7d637a13fe3239a" @@ -7437,6 +7445,13 @@ mmmagic@^0.5.3: dependencies: nan "^2.13.2" +mnemonist@0.39.5: + version "0.39.5" + resolved "https://registry.yarnpkg.com/mnemonist/-/mnemonist-0.39.5.tgz#5850d9b30d1b2bc57cc8787e5caa40f6c3420477" + integrity sha512-FPUtkhtJ0efmEFGpU14x7jGbTB+s18LrzRL2KgoWz9YvcY3cPomz8tih01GbHwnGk/OmkOKfqd/RAQoc8Lm7DQ== + dependencies: + obliterator "^2.0.1" + module-alias@^2.2.3: version "2.2.3" resolved "https://registry.yarnpkg.com/module-alias/-/module-alias-2.2.3.tgz#ec2e85c68973bda6ab71ce7c93b763ec96053221" @@ -7789,6 +7804,11 @@ object.values@^1.1.6: define-properties "^1.2.0" es-abstract "^1.22.1" +obliterator@^2.0.1: + version "2.0.4" + resolved "https://registry.yarnpkg.com/obliterator/-/obliterator-2.0.4.tgz#fa650e019b2d075d745e44f1effeb13a2adbe816" + integrity sha512-lgHwxlxV1qIg1Eap7LgIeoBWIMFibOjbrYPIPJZcI1mmGAI2m3lNYpK12Y+GBdPQ0U1hRwSord7GIaawz962qQ== + on-exit-leak-free@^2.1.0: version "2.1.2" resolved "https://registry.yarnpkg.com/on-exit-leak-free/-/on-exit-leak-free-2.1.2.tgz#fed195c9ebddb7d9e4c3842f93f281ac8dadd3b8"