inserito cors.ts e variabili forzate in docker-compose.yml per auth-url e auth-trust
This commit is contained in:
parent
33941a23dc
commit
03c29072ac
5 changed files with 32 additions and 37 deletions
20
dist/index.js
vendored
20
dist/index.js
vendored
|
|
@ -1,8 +1,8 @@
|
||||||
import { ExpressAuth } from "@auth/express";
|
import { ExpressAuth } from "@auth/express";
|
||||||
import cors from "cors";
|
|
||||||
import dotenv from "dotenv";
|
import dotenv from "dotenv";
|
||||||
import express from "express";
|
import express from "express";
|
||||||
import { authConfig } from "./auth/config.js";
|
import { authConfig } from "./auth/config.js";
|
||||||
|
import { corsMiddleware } from "./config/cors.js";
|
||||||
import { errorHandler } from "./middleware/errorHandler.js";
|
import { errorHandler } from "./middleware/errorHandler.js";
|
||||||
import categorieRouter from "./routes/categorie.js";
|
import categorieRouter from "./routes/categorie.js";
|
||||||
import rimborsiRouter from "./routes/rimborsi.js";
|
import rimborsiRouter from "./routes/rimborsi.js";
|
||||||
|
|
@ -12,23 +12,9 @@ dotenv.config();
|
||||||
const app = express();
|
const app = express();
|
||||||
const port = Number(process.env.PORT) || 3003;
|
const port = Number(process.env.PORT) || 3003;
|
||||||
app.set("trust proxy", 1);
|
app.set("trust proxy", 1);
|
||||||
const allowedOrigins = [
|
app.use(corsMiddleware);
|
||||||
"http://localhost:5173",
|
|
||||||
"http://127.0.0.1:5173",
|
|
||||||
process.env.FRONTEND_URL,
|
|
||||||
].filter(Boolean);
|
|
||||||
app.use(cors({
|
|
||||||
origin(origin, callback) {
|
|
||||||
if (!origin || allowedOrigins.includes(origin)) {
|
|
||||||
callback(null, true);
|
|
||||||
}
|
|
||||||
else {
|
|
||||||
callback(new Error("Origin non consentita"));
|
|
||||||
}
|
|
||||||
},
|
|
||||||
credentials: true,
|
|
||||||
}));
|
|
||||||
app.use(express.json());
|
app.use(express.json());
|
||||||
|
app.options(/.*/, corsMiddleware);
|
||||||
app.get("/api/health", (_req, res) => {
|
app.get("/api/health", (_req, res) => {
|
||||||
res.json({ status: "ok" });
|
res.json({ status: "ok" });
|
||||||
});
|
});
|
||||||
|
|
|
||||||
2
dist/index.js.map
vendored
2
dist/index.js.map
vendored
|
|
@ -1 +1 @@
|
||||||
{"version":3,"file":"index.js","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,WAAW,EAAE,MAAM,eAAe,CAAC;AAC5C,OAAO,IAAI,MAAM,MAAM,CAAC;AACxB,OAAO,MAAM,MAAM,QAAQ,CAAC;AAC5B,OAAO,OAAO,MAAM,SAAS,CAAC;AAC9B,OAAO,EAAE,UAAU,EAAE,MAAM,kBAAkB,CAAC;AAC9C,OAAO,EAAE,YAAY,EAAE,MAAM,8BAA8B,CAAC;AAC5D,OAAO,eAAe,MAAM,uBAAuB,CAAC;AACpD,OAAO,cAAc,MAAM,sBAAsB,CAAC;AAClD,OAAO,iBAAiB,MAAM,yBAAyB,CAAC;AACxD,OAAO,YAAY,MAAM,oBAAoB,CAAC;AAE9C,MAAM,CAAC,MAAM,EAAE,CAAC;AAEhB,MAAM,GAAG,GAAG,OAAO,EAAE,CAAC;AACtB,MAAM,IAAI,GAAG,MAAM,CAAC,OAAO,CAAC,GAAG,CAAC,IAAI,CAAC,IAAI,IAAI,CAAC;AAE9C,GAAG,CAAC,GAAG,CAAC,aAAa,EAAE,CAAC,CAAC,CAAC;AAC1B,MAAM,cAAc,GAAG;IACrB,uBAAuB;IACvB,uBAAuB;IACvB,OAAO,CAAC,GAAG,CAAC,YAAY;CACzB,CAAC,MAAM,CAAC,OAAO,CAAa,CAAC;AAE9B,GAAG,CAAC,GAAG,CACL,IAAI,CAAC;IACH,MAAM,CAAC,MAAM,EAAE,QAAQ;QACrB,IAAI,CAAC,MAAM,IAAI,cAAc,CAAC,QAAQ,CAAC,MAAM,CAAC,EAAE,CAAC;YAC/C,QAAQ,CAAC,IAAI,EAAE,IAAI,CAAC,CAAC;QACvB,CAAC;aAAM,CAAC;YACN,QAAQ,CAAC,IAAI,KAAK,CAAC,uBAAuB,CAAC,CAAC,CAAC;QAC/C,CAAC;IACH,CAAC;IACD,WAAW,EAAE,IAAI;CAClB,CAAC,CACH,CAAC;AACF,GAAG,CAAC,GAAG,CAAC,OAAO,CAAC,IAAI,EAAE,CAAC,CAAC;AAExB,GAAG,CAAC,GAAG,CAAC,aAAa,EAAE,CAAC,IAAI,EAAE,GAAG,EAAE,EAAE;IACnC,GAAG,CAAC,IAAI,CAAC,EAAE,MAAM,EAAE,IAAI,EAAE,CAAC,CAAC;AAC7B,CAAC,CAAC,CAAC;AAEH,GAAG,CAAC,GAAG,CAAC,aAAa,EAAE,WAAW,CAAC,UAAU,CAAC,CAAC,CAAC;AAChD,GAAG,CAAC,GAAG,CAAC,aAAa,EAAE,YAAY,CAAC,CAAC;AACrC,GAAG,CAAC,GAAG,CAAC,sBAAsB,EAAE,eAAe,CAAC,CAAC;AACjD,GAAG,CAAC,GAAG,CAAC,eAAe,EAAE,cAAc,CAAC,CAAC;AACzC,GAAG,CAAC,GAAG,CAAC,kBAAkB,EAAE,iBAAiB,CAAC,CAAC;AAE/C,GAAG,CAAC,GAAG,CAAC,YAAY,CAAC,CAAC;AAEtB,GAAG,CAAC,MAAM,CAAC,IAAI,EAAE,SAAS,EAAE,GAAG,EAAE;IAC/B,OAAO,CAAC,GAAG,CAAC,kCAAkC,IAAI,EAAE,CAAC,CAAC;AACxD,CAAC,CAAC,CAAC"}
|
{"version":3,"file":"index.js","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,WAAW,EAAE,MAAM,eAAe,CAAC;AAC5C,OAAO,MAAM,MAAM,QAAQ,CAAC;AAC5B,OAAO,OAAO,MAAM,SAAS,CAAC;AAC9B,OAAO,EAAE,UAAU,EAAE,MAAM,kBAAkB,CAAC;AAC9C,OAAO,EAAE,cAAc,EAAE,MAAM,kBAAkB,CAAC;AAClD,OAAO,EAAE,YAAY,EAAE,MAAM,8BAA8B,CAAC;AAC5D,OAAO,eAAe,MAAM,uBAAuB,CAAC;AACpD,OAAO,cAAc,MAAM,sBAAsB,CAAC;AAClD,OAAO,iBAAiB,MAAM,yBAAyB,CAAC;AACxD,OAAO,YAAY,MAAM,oBAAoB,CAAC;AAE9C,MAAM,CAAC,MAAM,EAAE,CAAC;AAEhB,MAAM,GAAG,GAAG,OAAO,EAAE,CAAC;AACtB,MAAM,IAAI,GAAG,MAAM,CAAC,OAAO,CAAC,GAAG,CAAC,IAAI,CAAC,IAAI,IAAI,CAAC;AAE9C,GAAG,CAAC,GAAG,CAAC,aAAa,EAAE,CAAC,CAAC,CAAC;AAC1B,GAAG,CAAC,GAAG,CAAC,cAAc,CAAC,CAAC;AACxB,GAAG,CAAC,GAAG,CAAC,OAAO,CAAC,IAAI,EAAE,CAAC,CAAC;AACxB,GAAG,CAAC,OAAO,CAAC,IAAI,EAAE,cAAc,CAAC,CAAC;AAElC,GAAG,CAAC,GAAG,CAAC,aAAa,EAAE,CAAC,IAAI,EAAE,GAAG,EAAE,EAAE;IACnC,GAAG,CAAC,IAAI,CAAC,EAAE,MAAM,EAAE,IAAI,EAAE,CAAC,CAAC;AAC7B,CAAC,CAAC,CAAC;AAEH,GAAG,CAAC,GAAG,CAAC,aAAa,EAAE,WAAW,CAAC,UAAU,CAAC,CAAC,CAAC;AAChD,GAAG,CAAC,GAAG,CAAC,aAAa,EAAE,YAAY,CAAC,CAAC;AACrC,GAAG,CAAC,GAAG,CAAC,sBAAsB,EAAE,eAAe,CAAC,CAAC;AACjD,GAAG,CAAC,GAAG,CAAC,eAAe,EAAE,cAAc,CAAC,CAAC;AACzC,GAAG,CAAC,GAAG,CAAC,kBAAkB,EAAE,iBAAiB,CAAC,CAAC;AAE/C,GAAG,CAAC,GAAG,CAAC,YAAY,CAAC,CAAC;AAEtB,GAAG,CAAC,MAAM,CAAC,IAAI,EAAE,SAAS,EAAE,GAAG,EAAE;IAC/B,OAAO,CAAC,GAAG,CAAC,kCAAkC,IAAI,EAAE,CAAC,CAAC;AACxD,CAAC,CAAC,CAAC"}
|
||||||
|
|
@ -11,6 +11,9 @@ services:
|
||||||
DB_HOST: mysql
|
DB_HOST: mysql
|
||||||
DB_PORT: 3306
|
DB_PORT: 3306
|
||||||
PORT: 3003
|
PORT: 3003
|
||||||
|
FRONTEND_URL: https://provapraticafrontend.andreavillari.it
|
||||||
|
AUTH_URL: https://provapraticabackend.andreavillari.it
|
||||||
|
AUTH_TRUST_HOST: "true"
|
||||||
ports:
|
ports:
|
||||||
- "127.0.0.1:3003:3003"
|
- "127.0.0.1:3003:3003"
|
||||||
depends_on:
|
depends_on:
|
||||||
|
|
|
||||||
22
src/config/cors.ts
Normal file
22
src/config/cors.ts
Normal file
|
|
@ -0,0 +1,22 @@
|
||||||
|
import cors from "cors";
|
||||||
|
|
||||||
|
const allowedOrigins = [
|
||||||
|
"http://localhost:5173",
|
||||||
|
"http://127.0.0.1:5173",
|
||||||
|
"https://provapraticafrontend.andreavillari.it",
|
||||||
|
process.env.FRONTEND_URL,
|
||||||
|
].filter(Boolean) as string[];
|
||||||
|
|
||||||
|
export const corsMiddleware = cors({
|
||||||
|
origin(origin, callback) {
|
||||||
|
if (!origin || allowedOrigins.includes(origin)) {
|
||||||
|
callback(null, true);
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
console.warn(`CORS: origin non consentita: ${origin}`);
|
||||||
|
callback(null, false);
|
||||||
|
},
|
||||||
|
credentials: true,
|
||||||
|
methods: ["GET", "POST", "PUT", "DELETE", "OPTIONS"],
|
||||||
|
allowedHeaders: ["Content-Type", "Authorization", "Cookie", "X-Requested-With"],
|
||||||
|
});
|
||||||
22
src/index.ts
22
src/index.ts
|
|
@ -1,8 +1,8 @@
|
||||||
import { ExpressAuth } from "@auth/express";
|
import { ExpressAuth } from "@auth/express";
|
||||||
import cors from "cors";
|
|
||||||
import dotenv from "dotenv";
|
import dotenv from "dotenv";
|
||||||
import express from "express";
|
import express from "express";
|
||||||
import { authConfig } from "./auth/config.js";
|
import { authConfig } from "./auth/config.js";
|
||||||
|
import { corsMiddleware } from "./config/cors.js";
|
||||||
import { errorHandler } from "./middleware/errorHandler.js";
|
import { errorHandler } from "./middleware/errorHandler.js";
|
||||||
import categorieRouter from "./routes/categorie.js";
|
import categorieRouter from "./routes/categorie.js";
|
||||||
import rimborsiRouter from "./routes/rimborsi.js";
|
import rimborsiRouter from "./routes/rimborsi.js";
|
||||||
|
|
@ -15,25 +15,9 @@ const app = express();
|
||||||
const port = Number(process.env.PORT) || 3003;
|
const port = Number(process.env.PORT) || 3003;
|
||||||
|
|
||||||
app.set("trust proxy", 1);
|
app.set("trust proxy", 1);
|
||||||
const allowedOrigins = [
|
app.use(corsMiddleware);
|
||||||
"http://localhost:5173",
|
|
||||||
"http://127.0.0.1:5173",
|
|
||||||
process.env.FRONTEND_URL,
|
|
||||||
].filter(Boolean) as string[];
|
|
||||||
|
|
||||||
app.use(
|
|
||||||
cors({
|
|
||||||
origin(origin, callback) {
|
|
||||||
if (!origin || allowedOrigins.includes(origin)) {
|
|
||||||
callback(null, true);
|
|
||||||
} else {
|
|
||||||
callback(new Error("Origin non consentita"));
|
|
||||||
}
|
|
||||||
},
|
|
||||||
credentials: true,
|
|
||||||
})
|
|
||||||
);
|
|
||||||
app.use(express.json());
|
app.use(express.json());
|
||||||
|
app.options(/.*/, corsMiddleware);
|
||||||
|
|
||||||
app.get("/api/health", (_req, res) => {
|
app.get("/api/health", (_req, res) => {
|
||||||
res.json({ status: "ok" });
|
res.json({ status: "ok" });
|
||||||
|
|
|
||||||
Loading…
Add table
Reference in a new issue