Aneurin Barker Snook 1 рік тому
батько
коміт
d749a4d68a
5 змінених файлів з 46 додано та 1 видалено
  1. 31 0
      package-lock.json
  2. 2 0
      package.json
  3. 3 1
      src/http.ts
  4. 1 0
      src/index.ts
  5. 9 0
      src/types.ts

+ 31 - 0
package-lock.json

@@ -10,12 +10,14 @@
       "license": "SEE LICENSE IN LICENSE.md",
       "dependencies": {
         "@edge/misc-utils": "^1.0.4",
+        "cors": "^2.8.5",
         "dotenv": "^16.3.1",
         "express": "^4.18.2",
         "jsonwebtoken": "^9.0.2",
         "mongodb": "^6.3.0"
       },
       "devDependencies": {
+        "@types/cors": "^2.8.17",
         "@types/express": "^4.17.21",
         "@types/jsonwebtoken": "^9.0.5",
         "@types/node": "^20.10.3",
@@ -253,6 +255,15 @@
         "@types/node": "*"
       }
     },
+    "node_modules/@types/cors": {
+      "version": "2.8.17",
+      "resolved": "https://registry.npmjs.org/@types/cors/-/cors-2.8.17.tgz",
+      "integrity": "sha512-8CGDvrBj1zgo2qE+oS3pOCyYNqCPryMWY2bGfwA0dcfopWGgxs+78df0Rs3rc9THP4JkOhLsAa+15VdpAqkcUA==",
+      "dev": true,
+      "dependencies": {
+        "@types/node": "*"
+      }
+    },
     "node_modules/@types/express": {
       "version": "4.17.21",
       "resolved": "https://registry.npmjs.org/@types/express/-/express-4.17.21.tgz",
@@ -914,6 +925,18 @@
       "resolved": "https://registry.npmjs.org/cookie-signature/-/cookie-signature-1.0.6.tgz",
       "integrity": "sha512-QADzlaHc8icV8I7vbaJXJwod9HWYp8uCqf1xa4OfNu1T7JVxQIrUgOWtHdNDtPiywmFbiS12VjotIXLrKM3orQ=="
     },
+    "node_modules/cors": {
+      "version": "2.8.5",
+      "resolved": "https://registry.npmjs.org/cors/-/cors-2.8.5.tgz",
+      "integrity": "sha512-KIHbLJqu73RGr/hnbrO9uBeixNGuvSQjul/jdFvS/KFSIH1hWVd1ng7zOHx+YrEfInLG7q4n6GHQ9cDtxv/P6g==",
+      "dependencies": {
+        "object-assign": "^4",
+        "vary": "^1"
+      },
+      "engines": {
+        "node": ">= 0.10"
+      }
+    },
     "node_modules/create-require": {
       "version": "1.1.1",
       "resolved": "https://registry.npmjs.org/create-require/-/create-require-1.1.1.tgz",
@@ -2160,6 +2183,14 @@
         "node": ">=0.10.0"
       }
     },
+    "node_modules/object-assign": {
+      "version": "4.1.1",
+      "resolved": "https://registry.npmjs.org/object-assign/-/object-assign-4.1.1.tgz",
+      "integrity": "sha512-rJgTQnkUnH1sFw8yT6VSU3zD3sWmu6sZhIseY8VX+GRu3P6F7Fu+JNDoXfklElbLJSnc3FUQHVe4cU5hj+BcUg==",
+      "engines": {
+        "node": ">=0.10.0"
+      }
+    },
     "node_modules/object-inspect": {
       "version": "1.13.1",
       "resolved": "https://registry.npmjs.org/object-inspect/-/object-inspect-1.13.1.tgz",

+ 2 - 0
package.json

@@ -14,6 +14,7 @@
   "author": "",
   "license": "SEE LICENSE IN LICENSE.md",
   "devDependencies": {
+    "@types/cors": "^2.8.17",
     "@types/express": "^4.17.21",
     "@types/jsonwebtoken": "^9.0.5",
     "@types/node": "^20.10.3",
@@ -26,6 +27,7 @@
   },
   "dependencies": {
     "@edge/misc-utils": "^1.0.4",
+    "cors": "^2.8.5",
     "dotenv": "^16.3.1",
     "express": "^4.18.2",
     "jsonwebtoken": "^9.0.2",

+ 3 - 1
src/http.ts

@@ -3,14 +3,16 @@ import * as herd from './herd/api'
 import * as task from './task/api'
 import type { Context } from './types'
 import type { ErrorRequestHandler } from 'express'
+import cors from 'cors'
 import express from 'express'
 import { http } from '@edge/misc-utils'
 
 /** Create an Express application. */
 function createExpress(ctx: Context) {
-  // Initialize app with JSON and auth middleware
+  // Initialize app with JSON, CORS, and auth middleware
   const app = express()
   app.use(express.json())
+  app.use(cors(ctx.config.cors))
   app.use(ctx.auth.verifyRequestMiddleware)
 
   const prefix = ctx.config.api.prefix

+ 1 - 0
src/index.ts

@@ -32,6 +32,7 @@ main({
       },
     },
   },
+  cors: undefined,
   http: {
     host: process.env.HTTP_HOST || '',
     port: parseInt(process.env.HTTP_PORT || '5001'),

+ 9 - 0
src/types.ts

@@ -1,6 +1,7 @@
 import type { Auth } from './auth'
 import type { Logger } from './log'
 import type { Models } from './db'
+import type cors from 'cors'
 import type { Db, MongoClient } from 'mongodb'
 
 /** Application configuration context. */
@@ -20,6 +21,14 @@ export interface Config {
       secret: string
     }
   }
+  /**
+   * CORS options.
+   * At the moment, this is always undefined for default usage; a future update should add support for configuration
+   * via environment variables.
+   *
+   * @see https://www.npmjs.com/package/cors#usage
+   */
+  cors: Parameters<typeof cors>[0]
   http: {
     /** HTTP bind host (default: empty) */
     host: string