Add CORS support

This commit is contained in:
Garrett Mills 2022-11-14 21:59:03 -06:00
parent ac1d221f38
commit ffc057c2c5
7 changed files with 73 additions and 7 deletions

View File

@ -21,6 +21,8 @@ spec:
value: '4' value: '4'
- name: SERVER_FORCE_SSL - name: SERVER_FORCE_SSL
value: 'true' value: 'true'
- name: ENABLE_CORS
value: 'true'
- name: DATABASE_USERNAME - name: DATABASE_USERNAME
valueFrom: valueFrom:
secretKeyRef: secretKeyRef:

View File

@ -9,7 +9,7 @@
}, },
"dependencies": { "dependencies": {
"@atao60/fse-cli": "^0.1.7", "@atao60/fse-cli": "^0.1.7",
"@extollo/lib": "^0.14.8", "@extollo/lib": "^0.14.10",
"@types/node": "^18.11.9", "@types/node": "^18.11.9",
"any-date-parser": "^1.5.3", "any-date-parser": "^1.5.3",
"copyfiles": "^2.4.1", "copyfiles": "^2.4.1",

View File

@ -3,7 +3,7 @@ lockfileVersion: 5.4
specifiers: specifiers:
'@atao60/fse-cli': ^0.1.7 '@atao60/fse-cli': ^0.1.7
'@extollo/cc': ^0.6.0 '@extollo/cc': ^0.6.0
'@extollo/lib': ^0.14.8 '@extollo/lib': ^0.14.10
'@types/node': ^18.11.9 '@types/node': ^18.11.9
any-date-parser: ^1.5.3 any-date-parser: ^1.5.3
copyfiles: ^2.4.1 copyfiles: ^2.4.1
@ -19,7 +19,7 @@ specifiers:
dependencies: dependencies:
'@atao60/fse-cli': 0.1.7 '@atao60/fse-cli': 0.1.7
'@extollo/lib': 0.14.8 '@extollo/lib': 0.14.10
'@types/node': 18.11.9 '@types/node': 18.11.9
any-date-parser: 1.5.3 any-date-parser: 1.5.3
copyfiles: 2.4.1 copyfiles: 2.4.1
@ -126,8 +126,8 @@ packages:
- supports-color - supports-color
dev: true dev: true
/@extollo/lib/0.14.8: /@extollo/lib/0.14.10:
resolution: {integrity: sha512-W98WJd8GIcLfQlqfqlsy0WkHWuHYEV929oEMktjP1Mf66n31Vu9S13Pds3wki3/CKVQ4wdOm4OEZstWAy+cHQA==} resolution: {integrity: sha512-lAQxRRR7Dn7oIV3lDlKs0f6tRkhFGkFBjylfo+kcfHIxEzItnyvg3XNJtZ/xGiQuERnF0eMO+Cd5YsT0zeDouQ==}
dependencies: dependencies:
'@atao60/fse-cli': 0.1.7 '@atao60/fse-cli': 0.1.7
'@extollo/ui': 0.1.0_@types+node@14.18.33 '@extollo/ui': 0.1.0_@types+node@14.18.33

View File

@ -0,0 +1,12 @@
import {env, HTTPMethod} from '@extollo/lib'
export default {
enable: env('ENABLE_CORS', false),
allow: {
origins: [
'https://garrettmills.dev',
'https://glmdev.tech',
] as string[],
methods: ['post', 'get', 'options'] as HTTPMethod[],
},
}

View File

@ -8,6 +8,7 @@ import {
CacheQueue, CacheQueue,
BusConnectorConfig, QueueConfig, SyncQueue BusConnectorConfig, QueueConfig, SyncQueue
} from '@extollo/lib' } from '@extollo/lib'
import {CORS} from '../http/middlewares/CORS.middleware'
export default { export default {
debug: env('DEBUG_MODE', false), debug: env('DEBUG_MODE', false),
@ -61,7 +62,7 @@ export default {
middleware: { middleware: {
global: { global: {
pre: [], pre: [CORS],
}, },
}, },
} }

View File

@ -0,0 +1,48 @@
import {Middleware, Injectable, Inject, Config, HTTPMethod, Response, HTTPStatus, http, Logging} from '@extollo/lib'
/**
* CORS Middleware
* --------------------------------------------
* Put some description here.
*/
@Injectable()
export class CORS extends Middleware {
@Inject()
protected readonly config!: Config
@Inject()
protected readonly logging!: Logging
public async apply() {
this.logging.debug('CORS Middleware')
if ( !this.config.get('cors.enable', false) ) {
this.logging.debug('Will not send CORS headers: CORS is disabled.')
return
}
const response: Response = this.request.response
response.setHeader('Access-Control-Allow-Headers', '*')
if ( this.config.get('server.debug', false) ) {
response.setHeader('Access-Control-Allow-Origin', '*')
response.setHeader('Access-Control-Allow-Methods', '*')
if ( this.request.method === 'options' ) {
return http(HTTPStatus.NO_CONTENT)
}
return
}
const origins = this.config.get('cors.allow.origins', []) as string[]
response.setHeader('Access-Control-Allow-Origin', origins.join(','))
const methods = this.config.get('cors.allow.methods') as HTTPMethod[]
response.setHeader('Access-Control-Allow-Methods', methods.map(x => x.toUpperCase()).join(','))
if ( this.request.method === 'options' ) {
response.setStatus(HTTPStatus.NO_CONTENT)
return ''
}
}
}

View File

@ -1,4 +1,4 @@
import {redirect, Route, SessionAuthMiddleware} from '@extollo/lib' import {redirect, Route, SessionAuthMiddleware, api} from '@extollo/lib'
import {Home} from '../controllers/Home.controller' import {Home} from '../controllers/Home.controller'
import {PageView} from '../middlewares/PageView.middleware' import {PageView} from '../middlewares/PageView.middleware'
import {Snippets} from '../controllers/Snippets.controller' import {Snippets} from '../controllers/Snippets.controller'
@ -9,6 +9,9 @@ import {LoadFeedPosts} from '../middlewares/parameters/LoadFeedPosts.middleware'
import {ValidContactForm} from '../middlewares/parameters/ValidContactForm.middleware' import {ValidContactForm} from '../middlewares/parameters/ValidContactForm.middleware'
import {RateLimit} from '../middlewares/RateLimit.middleware' import {RateLimit} from '../middlewares/RateLimit.middleware'
Route.endpoint('options', '**')
.handledBy(() => api.one({}))
Route Route
.group('/', () => { .group('/', () => {
Route.get('/') Route.get('/')