krgamestudios/news-server
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Tweak cors handling

Browse Source
This commit is contained in:
Kayne Ruse
2022-07-26 13:39:04 +01:00
parent 3b4ac12582
commit 76fa0649f2
6 changed files with 24 additions and 13 deletions
Download Patch File Download Diff File Expand all files Collapse all files
server/news/index.js
+17 -8
View File
@@ -1,5 +1,6 @@
const express = require('express');
const router = express.Router();
const cors = require('cors'); //route-by-route, because some routes are available without authentication
//middleware
const authToken = require('../utilities/token-auth');
@@ -11,17 +12,25 @@ const edit = require('./edit');
const remove = require('./remove');
//basic route management (all query possibilities)
router.get('/', query(false, false));
router.get('/:id(\\d+)', query(false, false));
router.get('/archive', query(true, false));
router.get('/archive/:id(\\d+)', query(true, false));
router.get('/metadata', query(false, true));
router.get('/metadata/:id(\\d+)', query(false, true));
router.get('/archive/metadata', query(true, true));
router.get('/archive/metadata/:id(\\d+)', query(true, true));
router.get('/', cors(), query(false, false));
router.get('/:id(\\d+)', cors(), query(false, false));
router.get('/archive', cors(), query(true, false));
router.get('/archive/:id(\\d+)', cors(), query(true, false));
router.get('/metadata', cors(), query(false, true));
router.get('/metadata/:id(\\d+)', cors(), query(false, true));
router.get('/archive/metadata', cors(), query(true, true));
router.get('/archive/metadata/:id(\\d+)', cors(), query(true, true));
//use middleware to authenticate the rest of the routes
router.use(cors({
credentials: true,
origin: [`${process.env.WEB_ORIGIN}`], //because auth-server
allowedHeaders: ['Origin', 'X-Requested-With', 'Content-Type', 'Accept', 'Authorization', 'Set-Cookie'],
exposedHeaders: ['Origin', 'X-Requested-With', 'Content-Type', 'Accept', 'Authorization', 'Set-Cookie'],
}));
router.use(authToken);
router.use((req, res, next) => {
if (req.user.mod) {
next();
server/server.js
-2
View File
@@ -5,11 +5,9 @@ require('dotenv').config();
const express = require('express');
const app = express();
const server = require('http').Server(app);
const cors = require('cors');
//config
app.use(express.json());
app.use(cors());
//database connection
const database = require('./database');