From 8c4a1554ca0753402f2a0f7458cfcb821a4a871e Mon Sep 17 00:00:00 2001 From: Ruidy Date: Sun, 2 Jun 2024 11:59:07 +0200 Subject: [PATCH] make origin a config change api sync url --- internal/server/handle_api_extension.go | 1 + internal/server/routes.go | 2 ++ internal/server/server.go | 14 +++++++++++--- main.go | 7 +++++-- 4 files changed, 19 insertions(+), 5 deletions(-) create mode 100644 internal/server/handle_api_extension.go diff --git a/internal/server/handle_api_extension.go b/internal/server/handle_api_extension.go new file mode 100644 index 0000000..abb4e43 --- /dev/null +++ b/internal/server/handle_api_extension.go @@ -0,0 +1 @@ +package server diff --git a/internal/server/routes.go b/internal/server/routes.go index 003037b..21beace 100644 --- a/internal/server/routes.go +++ b/internal/server/routes.go @@ -12,6 +12,8 @@ func (s Server) MountHandlers() { s.Router.GET("/debug/pprof/*", echo.WrapHandler(http.DefaultServeMux)) s.Router.GET("/", handleLoginPage()) s.Router.POST("/", handleLogin(s.as)) + // TODO: turn it to private using an API key? + s.Router.POST("/api/sync", handleSync()) // admin g := s.Router.Group("") g.Use(MakeAuthMiddleware()) diff --git a/internal/server/server.go b/internal/server/server.go index fd0ac82..5d82e56 100644 --- a/internal/server/server.go +++ b/internal/server/server.go @@ -40,6 +40,7 @@ type options struct { fs *embed.FS debug *bool secretKey *string + origins []string } type Option func(*options) error @@ -75,6 +76,13 @@ func WithSecretKey(secretKey string) Option { } } +func WithOrigins(origins []string) Option { + return func(o *options) error { + o.origins = origins + return nil + } +} + func New(bs *booking.Service, as *auth.Service, ps *pdf.PdfService, hc *config.Host, opts ...Option) (*Server, error) { option := new(options) for _, opt := range opts { @@ -85,7 +93,7 @@ func New(bs *booking.Service, as *auth.Service, ps *pdf.PdfService, hc *config.H } s := &Server{ - Router: NewRouter(*option.fs, *option.debug, *option.secretKey), + Router: NewRouter(*option.fs, *option.debug, *option.secretKey, option.origins), bs: bs, as: as, ps: ps, @@ -127,7 +135,7 @@ func renderTempl(c echo.Context, status int, t templ.Component) error { return nil } -func NewRouter(fs embed.FS, debug bool, secret string) *echo.Echo { +func NewRouter(fs embed.FS, debug bool, secret string, origins []string) *echo.Echo { e := echo.New() // config e.HideBanner = true @@ -155,7 +163,7 @@ func NewRouter(fs embed.FS, debug bool, secret string) *echo.Echo { e.Use(middleware.Recover()) e.Use(middleware.Secure()) e.Use(middleware.Gzip()) - // e.Use(middleware.CSRF()) + e.Use(middleware.CORSWithConfig(middleware.CORSConfig{AllowOrigins: origins})) e.Use(sentryecho.New(sentryecho.Options{})) e.Use(SentryTracingMiddleware) e.Use(session.Middleware(sessions.NewCookieStore([]byte(secret)))) diff --git a/main.go b/main.go index 9057a22..1fa987f 100644 --- a/main.go +++ b/main.go @@ -62,7 +62,7 @@ func run(ctx context.Context, getEnv func(string) string) error { return fmt.Errorf("error starting pdf service %s", err) } - as := auth.NewService(os.Getenv("SESSION_SECRET"), getEnv("ADMIN"), getEnv("ADMIN_SECRET")) + as := auth.NewService(getEnv("SESSION_SECRET"), getEnv("ADMIN"), getEnv("ADMIN_SECRET")) p := getEnv("PORT") port, err := strconv.Atoi(p) @@ -70,9 +70,12 @@ func run(ctx context.Context, getEnv func(string) string) error { return fmt.Errorf("error parsing PORT env %s", err) } + ogs := getEnv("ORIGINS") + origins := strings.Split(ogs, ",") + srv, err := server.New( booking.NewService(db), as, ps, config.NewHost(), - server.WithPort(port), server.WithFileSystem(static), server.WithDebug(strings.ToLower(getEnv("DEBUG")) == "true"), server.WithSecretKey(getEnv("SECRET_KEY"))) + server.WithPort(port), server.WithFileSystem(static), server.WithDebug(strings.ToLower(getEnv("DEBUG")) == "true"), server.WithSecretKey(getEnv("SECRET_KEY")), server.WithOrigins(origins)) if err != nil { return fmt.Errorf("error starting server %s", err) }