diff options
author | Ricardo <ricardo@cino.io> | 2023-10-13 14:12:03 +0200 |
---|---|---|
committer | GitHub <noreply@github.com> | 2023-10-13 13:12:03 +0100 |
commit | e503468660a13760010a94ecda5f0625c6f47f87 (patch) | |
tree | fa532f54fc5f091de08d55405ec6339bd2440a02 /config/cors.ts | |
parent | 1.3.16 [skip ci] (diff) | |
download | ferdium-server-e503468660a13760010a94ecda5f0625c6f47f87.tar.gz ferdium-server-e503468660a13760010a94ecda5f0625c6f47f87.tar.zst ferdium-server-e503468660a13760010a94ecda5f0625c6f47f87.zip |
Server re-build with latest AdonisJS framework & Typescript (#47)
* chore: setup first basis structure
* chore: ensure styling is loaded correctly
* chore: comply to new routing syntax by replace . with / in routes/resource locations
* chore: add login controller
* chore: correctly use views with slash instead of dot
* chore: working login + tests
* chore: clean up tests
* chore: add password-forgot endpoint and matching test
* chore: add delete page test
* chore: add logout test
* chore: add reset-password route and tests
* chore: remove obsolete comment
* chore: add account-page and tests
* chore: add data page & first step of the test
* chore: add transfer/import data feature and tests
* chore: add export and basic test
* chore: add all static api routes with tests
* Regenerate 'pnpm-lock.json' and fix bad merge conflict
WIP:
- Tests have been commented out since they dont work
- Server doesn't start
* easier dev and test runs
* - remove --require-pragma from reformat-files so formatting works properly
- run pnpm reformat-files over codebase
- remove .json files from .eslintignore
- add invalid.json file to .eslintignore
- configure prettier properly in eslint config
- add type jsdoc to prettier config
- run adonis generate:manifest command to regenerate ace-manifest.json
- specify volta in package.json
- introduce typecheck npm script
- remove unused .mjs extension from npm scripts
- install missing type definition dependencies
- add pnpm.allowedDeprecatedVersions to package.json
- fix invalid extends in tsconfig.json causing TS issues throughout codebase
- remove @ts-ignore throughout codebase which is not relevant anymore
- enable some of the tsconfig options
- remove outdated eslint-disable from codebase
- change deprecated faker.company.companyName() to faker.company.name()
- fix TS issues inside transfer.spec.ts
* - update to latest node and pnpm versions
- upgrade all non-major dependencies to latest
- install missing @types/luxon dependency
- add cuid to pnpm.allowedDeprecatedVersions
- add esModuleInterop config option to tsconfig
- migrate more deprecated faker methods to new ones
- add more temporary ts-ignore to code
* - update eslint config
- remove trailingComma: all since default in prettier v3
- add typecheck command to prepare-code npm script
- upgrade various dependencies to latest major version
- update tsconfig to include only useful config options
- disable some lint issues and fix others
* - add test command to prepare-code
- disable strictPropertyInitialization flag in tsconfig which creates issues with adonis models
- update precommit hook to excute pnpm prepare-code
- remove ts-ignore statements from all models
* fix node and pnpm dependency update
* add cross env (so that we can develop on windows)
* add signup endpoint (TODO: JWT auth)
* Add login endpoint
* Add me and updateMe endpoints
* Add service endpoint
* refactor: change endpoints to use jwt
* add recipes endpoint
* add workspaces endpoint
* fix web controllors for login and post import
* Update node deps
* Change auth middleware (for web) and exempt api from CSRF
* Add import endpoint (franz import)
* Fix export/import logic
* Fix service and workspace data in user/data
* Fix partial lint
* chore: workaround lint issues
* fix: migration naming had two .
* Sync back node with recipes repo
* Temporarily ignore typescript
* Fix adonisrc to handle public folder static assets
* Fix issue with production database
* add Legacy Password Provider
* Fix lint errors
* Fix issue on login errors frontend
* add Legacy Password Provider
* Fix issue with customIcons
* Fix issue with auth tokens
* Update 'node' to '18.18.0'
* make docker work
* improve docker entrypoint (test api performance)
* Add migration database script
* NODE_ENV on recipes
* prefer @ts-expect-error over @ts-ignore
* small fixes
* Update 'pnpm' to '8.7.6'
* fix error catch
* Automatically generate JWT Public and Private keys
* Use custom Adonis5-jwt
* Update code to use secret (old way, no breaking changes)
* Normalize appKey
* Trick to make JWT tokens on client work with new version
* Fix error with new JWT logic
* Change migration and how we store JWT
* Fix 500 response code (needs to be 401)
* Improve logic and fix bugs
* Fix build and entrypoint logic
* Catch error if appKey changes
* Add newToken logic
* Fix lint (ignore any errors)
* Add build for PRs
* pnpm reformat-files result
* Fix some tests
* Fix reset password not working (test failing)
* Restore csrfTokens (disabled by accident)
* Fix pnpm start command with .env
* Disable failing tests on the transfer endpoint (TODO)
* Add tests to PR build
* Fix build
* Remove unnecessary assertStatus
* Add typecheck
* hash password on UserFactory (fix build)
* Add JWT_USE_PEM true by default (increase security)
* fix name of github action
---------
Co-authored-by: Vijay A <vraravam@users.noreply.github.com>
Co-authored-by: Balaji Vijayakumar <kuttibalaji.v6@gmail.com>
Co-authored-by: MCMXC <16797721+mcmxcdev@users.noreply.github.com>
Co-authored-by: André Oliveira <oliveira.andrerodrigues95@gmail.com>
Diffstat (limited to 'config/cors.ts')
-rw-r--r-- | config/cors.ts | 134 |
1 files changed, 134 insertions, 0 deletions
diff --git a/config/cors.ts b/config/cors.ts new file mode 100644 index 0000000..dc0e3f6 --- /dev/null +++ b/config/cors.ts | |||
@@ -0,0 +1,134 @@ | |||
1 | /** | ||
2 | * Config source: https://git.io/JfefC | ||
3 | * | ||
4 | * Feel free to let us know via PR, if you find something broken in this config | ||
5 | * file. | ||
6 | */ | ||
7 | |||
8 | import { CorsConfig } from '@ioc:Adonis/Core/Cors'; | ||
9 | |||
10 | const corsConfig: CorsConfig = { | ||
11 | /* | ||
12 | |-------------------------------------------------------------------------- | ||
13 | | Enabled | ||
14 | |-------------------------------------------------------------------------- | ||
15 | | | ||
16 | | A boolean to enable or disable CORS integration from your AdonisJs | ||
17 | | application. | ||
18 | | | ||
19 | | Setting the value to `true` will enable the CORS for all HTTP request. However, | ||
20 | | you can define a function to enable/disable it on per request basis as well. | ||
21 | | | ||
22 | */ | ||
23 | enabled: false, | ||
24 | |||
25 | // You can also use a function that return true or false. | ||
26 | // enabled: (request) => request.url().startsWith('/api') | ||
27 | |||
28 | /* | ||
29 | |-------------------------------------------------------------------------- | ||
30 | | Origin | ||
31 | |-------------------------------------------------------------------------- | ||
32 | | | ||
33 | | Set a list of origins to be allowed for `Access-Control-Allow-Origin`. | ||
34 | | The value can be one of the following: | ||
35 | | | ||
36 | | https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Allow-Origin | ||
37 | | | ||
38 | | Boolean (true) - Allow current request origin. | ||
39 | | Boolean (false) - Disallow all. | ||
40 | | String - Comma separated list of allowed origins. | ||
41 | | Array - An array of allowed origins. | ||
42 | | String (*) - A wildcard (*) to allow all request origins. | ||
43 | | Function - Receives the current origin string and should return | ||
44 | | one of the above values. | ||
45 | | | ||
46 | */ | ||
47 | origin: true, | ||
48 | |||
49 | /* | ||
50 | |-------------------------------------------------------------------------- | ||
51 | | Methods | ||
52 | |-------------------------------------------------------------------------- | ||
53 | | | ||
54 | | An array of allowed HTTP methods for CORS. The `Access-Control-Request-Method` | ||
55 | | is checked against the following list. | ||
56 | | | ||
57 | | Following is the list of default methods. Feel free to add more. | ||
58 | */ | ||
59 | methods: ['GET', 'HEAD', 'POST', 'PUT', 'DELETE'], | ||
60 | |||
61 | /* | ||
62 | |-------------------------------------------------------------------------- | ||
63 | | Headers | ||
64 | |-------------------------------------------------------------------------- | ||
65 | | | ||
66 | | List of headers to be allowed for `Access-Control-Allow-Headers` header. | ||
67 | | The value can be one of the following: | ||
68 | | | ||
69 | | https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Request-Headers | ||
70 | | | ||
71 | | Boolean(true) - Allow all headers mentioned in `Access-Control-Request-Headers`. | ||
72 | | Boolean(false) - Disallow all headers. | ||
73 | | String - Comma separated list of allowed headers. | ||
74 | | Array - An array of allowed headers. | ||
75 | | Function - Receives the current header and should return one of the above values. | ||
76 | | | ||
77 | */ | ||
78 | headers: true, | ||
79 | |||
80 | /* | ||
81 | |-------------------------------------------------------------------------- | ||
82 | | Expose Headers | ||
83 | |-------------------------------------------------------------------------- | ||
84 | | | ||
85 | | A list of headers to be exposed by setting `Access-Control-Expose-Headers`. | ||
86 | | header. By default following 6 simple response headers are exposed. | ||
87 | | | ||
88 | | Cache-Control | ||
89 | | Content-Language | ||
90 | | Content-Type | ||
91 | | Expires | ||
92 | | Last-Modified | ||
93 | | Pragma | ||
94 | | | ||
95 | | In order to add more headers, simply define them inside the following array. | ||
96 | | | ||
97 | | https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Expose-Headers | ||
98 | | | ||
99 | */ | ||
100 | exposeHeaders: [ | ||
101 | 'cache-control', | ||
102 | 'content-language', | ||
103 | 'content-type', | ||
104 | 'expires', | ||
105 | 'last-modified', | ||
106 | 'pragma', | ||
107 | ], | ||
108 | |||
109 | /* | ||
110 | |-------------------------------------------------------------------------- | ||
111 | | Credentials | ||
112 | |-------------------------------------------------------------------------- | ||
113 | | | ||
114 | | Toggle `Access-Control-Allow-Credentials` header. If value is set to `true`, | ||
115 | | then header will be set, otherwise not. | ||
116 | | | ||
117 | | https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Allow-Credentials | ||
118 | | | ||
119 | */ | ||
120 | credentials: true, | ||
121 | |||
122 | /* | ||
123 | |-------------------------------------------------------------------------- | ||
124 | | MaxAge | ||
125 | |-------------------------------------------------------------------------- | ||
126 | | | ||
127 | | Define `Access-Control-Max-Age` header in seconds. | ||
128 | | https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Max-Age | ||
129 | | | ||
130 | */ | ||
131 | maxAge: 90, | ||
132 | }; | ||
133 | |||
134 | export default corsConfig; | ||