GKaszewski/k-notes
1
0
Fork 0
Code Issues 2 Pull Requests Actions Packages Projects Releases Wiki Activity

feat: implement configurable CORS origins and remove redundant comments

Browse Source
This commit is contained in:
Gabriel Kaszewski
2025-12-26 00:52:37 +01:00
parent efb0f17a2e
commit c2d57bc5a2
1 changed files with 26 additions and 33 deletions
Download Patch File Download Diff File Expand all files Collapse all files

59
notes-api/src/main.rs
View File

@@ -54,7 +54,6 @@ async fn main() -> anyhow::Result<()> {
.map_err(|e| anyhow::anyhow!(e))?; .map_err(|e| anyhow::anyhow!(e))?;
// Run migrations // Run migrations
// The factory/infra layer abstracts the database type
if let Err(e) = run_migrations(&pool).await { if let Err(e) = run_migrations(&pool).await {
tracing::warn!( tracing::warn!(
"Migration error (might be expected if not implemented for this DB): {}", "Migration error (might be expected if not implemented for this DB): {}",
@@ -128,42 +127,37 @@ async fn main() -> anyhow::Result<()> {
.with_secure(false) // Set to true in production with HTTPS .with_secure(false) // Set to true in production with HTTPS
.with_expiry(Expiry::OnInactivity(Duration::seconds(60 * 60 * 24 * 7))); // 7 days .with_expiry(Expiry::OnInactivity(Duration::seconds(60 * 60 * 24 * 7))); // 7 days
// Auth layer
let auth_layer = AuthManagerLayerBuilder::new(backend, session_layer).build(); let auth_layer = AuthManagerLayerBuilder::new(backend, session_layer).build();
// Parse CORS origins let mut cors = CorsLayer::new()
// let mut cors = CorsLayer::new() .allow_methods([
// .allow_methods([ axum::http::Method::GET,
// axum::http::Method::GET, axum::http::Method::POST,
// axum::http::Method::POST, axum::http::Method::PATCH,
// axum::http::Method::PATCH, axum::http::Method::DELETE,
// axum::http::Method::DELETE, axum::http::Method::OPTIONS,
// axum::http::Method::OPTIONS, ])
// ]) .allow_headers([
// .allow_headers([ axum::http::header::AUTHORIZATION,
// axum::http::header::AUTHORIZATION, axum::http::header::ACCEPT,
// axum::http::header::ACCEPT, axum::http::header::CONTENT_TYPE,
// axum::http::header::CONTENT_TYPE, ])
// ]) .allow_credentials(true);
// .allow_credentials(true);
let mut cors = CorsLayer::very_permissive();
// Add allowed origins let mut allowed_origins = Vec::new();
// let mut allowed_origins = Vec::new(); for origin in &config.cors_allowed_origins {
// for origin in &config.cors_allowed_origins { tracing::debug!("Allowing CORS origin: {}", origin);
// tracing::debug!("Allowing CORS origin: {}", origin); if let Ok(value) = origin.parse::<axum::http::HeaderValue>() {
// if let Ok(value) = origin.parse::<axum::http::HeaderValue>() { allowed_origins.push(value);
// allowed_origins.push(value); } else {
// } else { tracing::warn!("Invalid CORS origin: {}", origin);
// tracing::warn!("Invalid CORS origin: {}", origin); }
// } }
// }
// if !allowed_origins.is_empty() { if !allowed_origins.is_empty() {
// cors = cors.allow_origin(allowed_origins); cors = cors.allow_origin(allowed_origins);
// } }
// Build the application
let app = Router::new() let app = Router::new()
.nest("/api/v1", routes::api_v1_router()) .nest("/api/v1", routes::api_v1_router())
.layer(auth_layer) .layer(auth_layer)
@@ -171,7 +165,6 @@ async fn main() -> anyhow::Result<()> {
.layer(TraceLayer::new_for_http()) .layer(TraceLayer::new_for_http())
.with_state(state); .with_state(state);
// Start the server
let addr = format!("{}:{}", config.host, config.port); let addr = format!("{}:{}", config.host, config.port);
let listener = tokio::net::TcpListener::bind(&addr).await?; let listener = tokio::net::TcpListener::bind(&addr).await?;