feat: cors setup

konecty · Nov 13, 2023 · c03da47 · c03da47
1 parent f156207
commit c03da47
Show file tree

Hide file tree

Showing 3 changed files with 48 additions and 2 deletions.
diff --git a/package.json b/package.json
@@ -20,6 +20,7 @@
 		"@aws-sdk/client-s3": "^3.431.0",
 		"@babel/runtime": "^7.23.1",
 		"@fastify/cookie": "^9.1.0",
+		"@fastify/cors": "^8.4.1",
 		"@fastify/formbody": "^7.4.0",
 		"@fastify/multipart": "^8.0.0",
 		"@types/ua-parser-js": "^0.7.38",

diff --git a/src/server/routes/index.ts b/src/server/routes/index.ts
@@ -22,13 +22,13 @@ import menuApi from './rest/menu/menu';
 import processApi from './rest/process/processApi';
 import rocketchatApi from './rest/rocketchat/livechat';
 import viewPaths from './rest/view/view';
-
+import cors, { FastifyCorsOptions } from '@fastify/cors';
 import healthApi from './rest/health';
 
 const PORT = parseInt(process.env.PORT ?? '3000', 10);
 const HOST = process.env.HOST ?? '0.0.0.0';
 
-export const fastify = Fastify({
+const fastify = Fastify({
 	logger,
 });
 
@@ -37,6 +37,8 @@ fastify.register(cookie, {
 	parseOptions: {} as FastifyCookieOptions,
 } as FastifyCookieOptions);
 
+fastify.register(cors, getCorsConfig());
+
 fastify.register(documentApi);
 fastify.register(formApi);
 fastify.register(listViewApi);
@@ -69,3 +71,26 @@ export async function serverStart() {
 		process.exit(1);
 	}
 }
+
+function getCorsConfig() {
+	const ALLOWED_ORIGINS = (process.env.ALLOWED_ORIGINS || '').split('|');
+	const corsOptions: FastifyCorsOptions = {
+		origin: function (origin, callback) {
+			if (origin) {
+				if (ALLOWED_ORIGINS.indexOf(origin) !== -1) {
+					callback(null, true);
+				} else {
+					logger.error(`${origin} Not allowed by CORS`);
+					callback(new Error(`Not allowed by CORS`), false);
+				}
+			} else {
+				callback(null, true);
+			}
+		},
+		allowedHeaders: ['Content-Type', 'Authorization', 'Cookie'],
+		credentials: true,
+		optionsSuccessStatus: 200, // some legacy browsers (IE11, various SmartTVs) choke on 204
+	};
+
+	return corsOptions;
+}
diff --git a/yarn.lock b/yarn.lock
@@ -1867,6 +1867,14 @@
     cookie "^0.5.0"
     fastify-plugin "^4.0.0"
 
+"@fastify/cors@^8.4.1":
+  version "8.4.1"
+  resolved "https://registry.yarnpkg.com/@fastify/cors/-/cors-8.4.1.tgz#bd8fece8e175a20059a4c6552f0e7de9e94eafa0"
+  integrity sha512-iYQJtrY3pFiDS5mo5zRaudzg2OcUdJ96PD6xfkKOOEilly5nnrFZx/W6Sce2T79xxlEn2qpU3t5+qS2phS369w==
+  dependencies:
+    fastify-plugin "^4.0.0"
+    mnemonist "0.39.5"
+
 "@fastify/deepmerge@^1.0.0":
   version "1.3.0"
   resolved "https://registry.yarnpkg.com/@fastify/deepmerge/-/deepmerge-1.3.0.tgz#8116858108f0c7d9fd460d05a7d637a13fe3239a"
@@ -7437,6 +7445,13 @@ mmmagic@^0.5.3:
   dependencies:
     nan "^2.13.2"
 
+[email protected]:
+  version "0.39.5"
+  resolved "https://registry.yarnpkg.com/mnemonist/-/mnemonist-0.39.5.tgz#5850d9b30d1b2bc57cc8787e5caa40f6c3420477"
+  integrity sha512-FPUtkhtJ0efmEFGpU14x7jGbTB+s18LrzRL2KgoWz9YvcY3cPomz8tih01GbHwnGk/OmkOKfqd/RAQoc8Lm7DQ==
+  dependencies:
+    obliterator "^2.0.1"
+
 module-alias@^2.2.3:
   version "2.2.3"
   resolved "https://registry.yarnpkg.com/module-alias/-/module-alias-2.2.3.tgz#ec2e85c68973bda6ab71ce7c93b763ec96053221"
@@ -7789,6 +7804,11 @@ object.values@^1.1.6:
     define-properties "^1.2.0"
     es-abstract "^1.22.1"
 
+obliterator@^2.0.1:
+  version "2.0.4"
+  resolved "https://registry.yarnpkg.com/obliterator/-/obliterator-2.0.4.tgz#fa650e019b2d075d745e44f1effeb13a2adbe816"
+  integrity sha512-lgHwxlxV1qIg1Eap7LgIeoBWIMFibOjbrYPIPJZcI1mmGAI2m3lNYpK12Y+GBdPQ0U1hRwSord7GIaawz962qQ==
+
 on-exit-leak-free@^2.1.0:
   version "2.1.2"
   resolved "https://registry.yarnpkg.com/on-exit-leak-free/-/on-exit-leak-free-2.1.2.tgz#fed195c9ebddb7d9e4c3842f93f281ac8dadd3b8"