Update: Npm Cors Doc
This commit is contained in:
Yûki VACHOT
parent
c6e02cf797
commit
f69ed4b3d4
2 changed files with 21 additions and 30 deletions
|
|
@ -1,28 +1,19 @@
|
|||
const cors = require('cors');
|
||||
module.exports.cors = cors;
|
||||
|
||||
const allowList = [
|
||||
const whitelist = [
|
||||
'http://127.0.0.1:4200',
|
||||
'http://127.0.0.1:4201',
|
||||
'https://admin-polynotfound.herokuapp.com',
|
||||
'https://polynotfound.herokuapp.com'
|
||||
];
|
||||
|
||||
const corsOptionsDelegate = function(req, callback) {
|
||||
console.log(req.header('Origin'), allowList.indexOf(req.header('Origin')));
|
||||
let corsOptions;
|
||||
if (allowList.indexOf(req.header('Origin')) !== -1) {
|
||||
corsOptions = {
|
||||
origin: true,
|
||||
credentials: true
|
||||
}
|
||||
} else {
|
||||
corsOptions = {
|
||||
origin: false,
|
||||
credentials: true
|
||||
module.exports.corsOptions = {
|
||||
origin: function(origin, callback) {
|
||||
if (whitelist.indexOf(origin) !== -1) {
|
||||
callback(null, true);
|
||||
} else {
|
||||
callback(new Error('Not allowed by CORS'));
|
||||
}
|
||||
}
|
||||
console.log(corsOptions);
|
||||
callback(null, corsOptions)
|
||||
}
|
||||
module.exports.options = corsOptionsDelegate;
|
||||
|
|
@ -1,43 +1,43 @@
|
|||
const users = require("../controllers/user.controller");
|
||||
const {cors, options} = require("../config/cors.config");
|
||||
const {cors, corsOptions} = require("../config/cors.config");
|
||||
module.exports = app => {
|
||||
let router = require("express").Router();
|
||||
|
||||
// Authenticate a User
|
||||
router.post("/user/auth", cors(options), users.auth);
|
||||
router.post("/user/auth", cors(corsOptions), users.auth);
|
||||
|
||||
// Logout a User
|
||||
router.delete("/user/logout", cors(options), users.logout);
|
||||
router.delete("/user/logout", cors(corsOptions), users.logout);
|
||||
|
||||
// Request password reset with email
|
||||
router.post("/user/resetPass", cors(options), users.resetPass);
|
||||
router.post("/user/resetPass", cors(corsOptions), users.resetPass);
|
||||
|
||||
// Create and Save a new User
|
||||
router.post("/user/create", cors(options), users.create);
|
||||
router.post("/user/create", cors(corsOptions), users.create);
|
||||
|
||||
// Retrieve all Users if admin
|
||||
router.get("/user/findAll", cors(options), users.findAll);
|
||||
router.get("/user/findAll", cors(corsOptions), users.findAll);
|
||||
|
||||
// Find single User from id if admin or session id
|
||||
router.get("/user/findOne/:id", cors(options), users.findOne);
|
||||
router.get("/user/findOne/:id", cors(corsOptions), users.findOne);
|
||||
|
||||
// Update a User from id if admin or session id
|
||||
router.put("/user/update/:id", cors(options), users.update);
|
||||
router.put("/user/update/:id", cors(corsOptions), users.update);
|
||||
|
||||
// Delete a User from id if admin or session id
|
||||
router.delete("/user/delete/:id", cors(options), users.delete);
|
||||
router.delete("/user/delete/:id", cors(corsOptions), users.delete);
|
||||
|
||||
// Delete all Users if superAdmin
|
||||
router.delete("/user/deleteAll", cors(options), users.deleteAll);
|
||||
router.delete("/user/deleteAll", cors(corsOptions), users.deleteAll);
|
||||
|
||||
// Get all Roles depending on the User session id
|
||||
router.get("/user/roles", cors(options), users.roles);
|
||||
router.get("/user/roles", cors(corsOptions), users.roles);
|
||||
|
||||
// Get 1 or multiple ad adapted to the User session id
|
||||
router.get("/user/ad", cors(options), users.ad);
|
||||
router.get("/user/ad", cors(corsOptions), users.ad);
|
||||
|
||||
// Get History
|
||||
router.get("/user/history", cors(options), users.history);
|
||||
router.get("/user/history", cors(corsOptions), users.history);
|
||||
|
||||
app.use('/api', router);
|
||||
};
|
||||
|
|
|
|||
Reference in a new issue