inserito cors.ts e variabili forzate in docker-compose.yml per auth-url e auth-trust
All checks were successful
Deploy to VPS / build (push) Successful in 17s
Deploy to VPS / deploy (push) Successful in 11s

This commit is contained in:
AV77web 2026-06-09 13:21:03 +02:00
parent 33941a23dc
commit 03c29072ac
5 changed files with 32 additions and 37 deletions

20
dist/index.js vendored
View file

@ -1,8 +1,8 @@
import { ExpressAuth } from "@auth/express";
import cors from "cors";
import dotenv from "dotenv";
import express from "express";
import { authConfig } from "./auth/config.js";
import { corsMiddleware } from "./config/cors.js";
import { errorHandler } from "./middleware/errorHandler.js";
import categorieRouter from "./routes/categorie.js";
import rimborsiRouter from "./routes/rimborsi.js";
@ -12,23 +12,9 @@ dotenv.config();
const app = express();
const port = Number(process.env.PORT) || 3003;
app.set("trust proxy", 1);
const allowedOrigins = [
"http://localhost:5173",
"http://127.0.0.1:5173",
process.env.FRONTEND_URL,
].filter(Boolean);
app.use(cors({
origin(origin, callback) {
if (!origin || allowedOrigins.includes(origin)) {
callback(null, true);
}
else {
callback(new Error("Origin non consentita"));
}
},
credentials: true,
}));
app.use(corsMiddleware);
app.use(express.json());
app.options(/.*/, corsMiddleware);
app.get("/api/health", (_req, res) => {
res.json({ status: "ok" });
});

2
dist/index.js.map vendored
View file

@ -1 +1 @@
{"version":3,"file":"index.js","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,WAAW,EAAE,MAAM,eAAe,CAAC;AAC5C,OAAO,IAAI,MAAM,MAAM,CAAC;AACxB,OAAO,MAAM,MAAM,QAAQ,CAAC;AAC5B,OAAO,OAAO,MAAM,SAAS,CAAC;AAC9B,OAAO,EAAE,UAAU,EAAE,MAAM,kBAAkB,CAAC;AAC9C,OAAO,EAAE,YAAY,EAAE,MAAM,8BAA8B,CAAC;AAC5D,OAAO,eAAe,MAAM,uBAAuB,CAAC;AACpD,OAAO,cAAc,MAAM,sBAAsB,CAAC;AAClD,OAAO,iBAAiB,MAAM,yBAAyB,CAAC;AACxD,OAAO,YAAY,MAAM,oBAAoB,CAAC;AAE9C,MAAM,CAAC,MAAM,EAAE,CAAC;AAEhB,MAAM,GAAG,GAAG,OAAO,EAAE,CAAC;AACtB,MAAM,IAAI,GAAG,MAAM,CAAC,OAAO,CAAC,GAAG,CAAC,IAAI,CAAC,IAAI,IAAI,CAAC;AAE9C,GAAG,CAAC,GAAG,CAAC,aAAa,EAAE,CAAC,CAAC,CAAC;AAC1B,MAAM,cAAc,GAAG;IACrB,uBAAuB;IACvB,uBAAuB;IACvB,OAAO,CAAC,GAAG,CAAC,YAAY;CACzB,CAAC,MAAM,CAAC,OAAO,CAAa,CAAC;AAE9B,GAAG,CAAC,GAAG,CACL,IAAI,CAAC;IACH,MAAM,CAAC,MAAM,EAAE,QAAQ;QACrB,IAAI,CAAC,MAAM,IAAI,cAAc,CAAC,QAAQ,CAAC,MAAM,CAAC,EAAE,CAAC;YAC/C,QAAQ,CAAC,IAAI,EAAE,IAAI,CAAC,CAAC;QACvB,CAAC;aAAM,CAAC;YACN,QAAQ,CAAC,IAAI,KAAK,CAAC,uBAAuB,CAAC,CAAC,CAAC;QAC/C,CAAC;IACH,CAAC;IACD,WAAW,EAAE,IAAI;CAClB,CAAC,CACH,CAAC;AACF,GAAG,CAAC,GAAG,CAAC,OAAO,CAAC,IAAI,EAAE,CAAC,CAAC;AAExB,GAAG,CAAC,GAAG,CAAC,aAAa,EAAE,CAAC,IAAI,EAAE,GAAG,EAAE,EAAE;IACnC,GAAG,CAAC,IAAI,CAAC,EAAE,MAAM,EAAE,IAAI,EAAE,CAAC,CAAC;AAC7B,CAAC,CAAC,CAAC;AAEH,GAAG,CAAC,GAAG,CAAC,aAAa,EAAE,WAAW,CAAC,UAAU,CAAC,CAAC,CAAC;AAChD,GAAG,CAAC,GAAG,CAAC,aAAa,EAAE,YAAY,CAAC,CAAC;AACrC,GAAG,CAAC,GAAG,CAAC,sBAAsB,EAAE,eAAe,CAAC,CAAC;AACjD,GAAG,CAAC,GAAG,CAAC,eAAe,EAAE,cAAc,CAAC,CAAC;AACzC,GAAG,CAAC,GAAG,CAAC,kBAAkB,EAAE,iBAAiB,CAAC,CAAC;AAE/C,GAAG,CAAC,GAAG,CAAC,YAAY,CAAC,CAAC;AAEtB,GAAG,CAAC,MAAM,CAAC,IAAI,EAAE,SAAS,EAAE,GAAG,EAAE;IAC/B,OAAO,CAAC,GAAG,CAAC,kCAAkC,IAAI,EAAE,CAAC,CAAC;AACxD,CAAC,CAAC,CAAC"}
{"version":3,"file":"index.js","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,WAAW,EAAE,MAAM,eAAe,CAAC;AAC5C,OAAO,MAAM,MAAM,QAAQ,CAAC;AAC5B,OAAO,OAAO,MAAM,SAAS,CAAC;AAC9B,OAAO,EAAE,UAAU,EAAE,MAAM,kBAAkB,CAAC;AAC9C,OAAO,EAAE,cAAc,EAAE,MAAM,kBAAkB,CAAC;AAClD,OAAO,EAAE,YAAY,EAAE,MAAM,8BAA8B,CAAC;AAC5D,OAAO,eAAe,MAAM,uBAAuB,CAAC;AACpD,OAAO,cAAc,MAAM,sBAAsB,CAAC;AAClD,OAAO,iBAAiB,MAAM,yBAAyB,CAAC;AACxD,OAAO,YAAY,MAAM,oBAAoB,CAAC;AAE9C,MAAM,CAAC,MAAM,EAAE,CAAC;AAEhB,MAAM,GAAG,GAAG,OAAO,EAAE,CAAC;AACtB,MAAM,IAAI,GAAG,MAAM,CAAC,OAAO,CAAC,GAAG,CAAC,IAAI,CAAC,IAAI,IAAI,CAAC;AAE9C,GAAG,CAAC,GAAG,CAAC,aAAa,EAAE,CAAC,CAAC,CAAC;AAC1B,GAAG,CAAC,GAAG,CAAC,cAAc,CAAC,CAAC;AACxB,GAAG,CAAC,GAAG,CAAC,OAAO,CAAC,IAAI,EAAE,CAAC,CAAC;AACxB,GAAG,CAAC,OAAO,CAAC,IAAI,EAAE,cAAc,CAAC,CAAC;AAElC,GAAG,CAAC,GAAG,CAAC,aAAa,EAAE,CAAC,IAAI,EAAE,GAAG,EAAE,EAAE;IACnC,GAAG,CAAC,IAAI,CAAC,EAAE,MAAM,EAAE,IAAI,EAAE,CAAC,CAAC;AAC7B,CAAC,CAAC,CAAC;AAEH,GAAG,CAAC,GAAG,CAAC,aAAa,EAAE,WAAW,CAAC,UAAU,CAAC,CAAC,CAAC;AAChD,GAAG,CAAC,GAAG,CAAC,aAAa,EAAE,YAAY,CAAC,CAAC;AACrC,GAAG,CAAC,GAAG,CAAC,sBAAsB,EAAE,eAAe,CAAC,CAAC;AACjD,GAAG,CAAC,GAAG,CAAC,eAAe,EAAE,cAAc,CAAC,CAAC;AACzC,GAAG,CAAC,GAAG,CAAC,kBAAkB,EAAE,iBAAiB,CAAC,CAAC;AAE/C,GAAG,CAAC,GAAG,CAAC,YAAY,CAAC,CAAC;AAEtB,GAAG,CAAC,MAAM,CAAC,IAAI,EAAE,SAAS,EAAE,GAAG,EAAE;IAC/B,OAAO,CAAC,GAAG,CAAC,kCAAkC,IAAI,EAAE,CAAC,CAAC;AACxD,CAAC,CAAC,CAAC"}

View file

@ -11,6 +11,9 @@ services:
DB_HOST: mysql
DB_PORT: 3306
PORT: 3003
FRONTEND_URL: https://provapraticafrontend.andreavillari.it
AUTH_URL: https://provapraticabackend.andreavillari.it
AUTH_TRUST_HOST: "true"
ports:
- "127.0.0.1:3003:3003"
depends_on:

22
src/config/cors.ts Normal file
View file

@ -0,0 +1,22 @@
import cors from "cors";
const allowedOrigins = [
"http://localhost:5173",
"http://127.0.0.1:5173",
"https://provapraticafrontend.andreavillari.it",
process.env.FRONTEND_URL,
].filter(Boolean) as string[];
export const corsMiddleware = cors({
origin(origin, callback) {
if (!origin || allowedOrigins.includes(origin)) {
callback(null, true);
return;
}
console.warn(`CORS: origin non consentita: ${origin}`);
callback(null, false);
},
credentials: true,
methods: ["GET", "POST", "PUT", "DELETE", "OPTIONS"],
allowedHeaders: ["Content-Type", "Authorization", "Cookie", "X-Requested-With"],
});

View file

@ -1,8 +1,8 @@
import { ExpressAuth } from "@auth/express";
import cors from "cors";
import dotenv from "dotenv";
import express from "express";
import { authConfig } from "./auth/config.js";
import { corsMiddleware } from "./config/cors.js";
import { errorHandler } from "./middleware/errorHandler.js";
import categorieRouter from "./routes/categorie.js";
import rimborsiRouter from "./routes/rimborsi.js";
@ -15,25 +15,9 @@ const app = express();
const port = Number(process.env.PORT) || 3003;
app.set("trust proxy", 1);
const allowedOrigins = [
"http://localhost:5173",
"http://127.0.0.1:5173",
process.env.FRONTEND_URL,
].filter(Boolean) as string[];
app.use(
cors({
origin(origin, callback) {
if (!origin || allowedOrigins.includes(origin)) {
callback(null, true);
} else {
callback(new Error("Origin non consentita"));
}
},
credentials: true,
})
);
app.use(corsMiddleware);
app.use(express.json());
app.options(/.*/, corsMiddleware);
app.get("/api/health", (_req, res) => {
res.json({ status: "ok" });