From e78df8a9f1dd5cd132d70f006076178db7208073 Mon Sep 17 00:00:00 2001 From: dev4 Date: Thu, 18 Sep 2025 15:11:09 +0000 Subject: [PATCH] ci: docker_tag=ext feat: CORS dynamique + vars exemple --- .env.exemple | 11 +++++++---- lecoffre-front.code-workspace | 7 +++++++ src/config/index.ts | 20 ++++++++++++++++++-- 3 files changed, 32 insertions(+), 6 deletions(-) diff --git a/.env.exemple b/.env.exemple index 4bcdc4c..547f36b 100644 --- a/.env.exemple +++ b/.env.exemple @@ -44,9 +44,9 @@ NEXT_PUBLIC_DEFAULT_STORAGE_URLS=https://dev4.4nkweb.com/storage # WS # RELAY_URLS=wss://demo.4nkweb.com/ws RELAY_URLS=wss://dev4.4nkweb.com/ws -# SIGNER_WS_URL=https://dev4.4nkweb.com/signer/ -SIGNER_WS_URL=https://dev3.4nkweb.com/signer/ -SIGNER_BASE_URL=https://dev3.4nkweb.com/signer/ +# SIGNER_WS_URL=ws://dev4.4nkweb.com/signer/ +SIGNER_WS_URL=ws://dev3.4nkweb.com/signer/ +SIGNER_BASE_URL=https://dev3.4nkweb.com # IHM URLS # VITE_BOOTSTRAPURL=http://sdk_relay:8090/ @@ -56,6 +56,9 @@ VITE_BOOTSTRAPURL=https://dev4.4nkweb.com/ws/ SUCCES='4242 4242 4242 4242' DECLINED='4000 0025 0000 3155' +ENABLE_SUBSCRIPTION_STUB=true +CORS_ALLOWED_ORIGINS=http://local.4nkweb.com:3000,https://dev4.4nkweb.com + # ================================= /!\ sensible ======================== # Configuration IDNOT @@ -86,4 +89,4 @@ STRIPE_STANDARD_ANNUAL_SUBSCRIPTION_PRICE_ID= STRIPE_UNLIMITED_SUBSCRIPTION_PRICE_ID= STRIPE_UNLIMITED_ANNUAL_SUBSCRIPTION_PRICE_ID= -SIGNER_API_KEY= \ No newline at end of file +SIGNER_API_KEY=your-api-key-change-this \ No newline at end of file diff --git a/lecoffre-front.code-workspace b/lecoffre-front.code-workspace index f800291..8d437dd 100644 --- a/lecoffre-front.code-workspace +++ b/lecoffre-front.code-workspace @@ -1,13 +1,20 @@ { "folders": [ { + "name": "lecoffre-front", "path": "../lecoffre-front" }, { + "name": "lecoffre-back-mini", "path": "." }, { + "name": "ihm_client", "path": "../ihm_client" + }, + { + "name": "lecoffre_node", + "path": "../lecoffre_node" } ], "settings": { diff --git a/src/config/index.ts b/src/config/index.ts index 214b871..d51b754 100644 --- a/src/config/index.ts +++ b/src/config/index.ts @@ -6,9 +6,25 @@ export const config = { port: process.env.PORT || 8080, defaultStorage: process.env.DEFAULT_STORAGE || 'https://dev3.4nkweb.com/storage', appHost: process.env.APP_HOST || 'http://localhost:3000', - + + // CORS dynamique: autorise une liste d'origines connues cors: { - origin: 'http://localhost:3000', + origin: (origin: string | undefined, callback: (err: Error | null, allow?: boolean) => void) => { + const defaultAllowed = ['http://localhost:3000', 'http://local.4nkweb.com:3000', 'https://dev4.4nkweb.com']; + const envAllowed = (process.env.CORS_ALLOWED_ORIGINS || '') + .split(',') + .map((s) => s.trim()) + .filter((s) => s.length > 0); + const allowedOrigins = envAllowed.length > 0 ? envAllowed : defaultAllowed; + + if (!origin) { + return callback(null, true); + } + if (allowedOrigins.includes(origin)) { + return callback(null, true); + } + return callback(new Error(`CORS origin not allowed: ${origin}`)); + }, methods: ['GET', 'POST', 'PUT', 'DELETE', 'OPTIONS'], allowedHeaders: ['Content-Type', 'x-session-id', 'Authorization'], credentials: true