diff --git a/api/src/main/nim/personal_measure_api.nim b/api/src/main/nim/personal_measure_api.nim index 94f4497..0b8120f 100644 --- a/api/src/main/nim/personal_measure_api.nim +++ b/api/src/main/nim/personal_measure_api.nim @@ -34,6 +34,10 @@ proc loadConfig*(args: Table[string, docopt.Value] = initTable[string, docopt.Va warn "Cannot read configuration file \"" & filePath & "\":\n\t" & getCurrentExceptionMsg() + let knownOriginsArray = + if json.hasKey("knownOrigins"): json["knownOrigins"] + else: newJArray() + let cfg = CombinedConfig(docopt: args, json: json) result = PMApiConfig( @@ -41,7 +45,8 @@ proc loadConfig*(args: Table[string, docopt.Value] = initTable[string, docopt.Va dbConnString: cfg.getVal("db-conn-string"), debug: "true".startsWith(cfg.getVal("debug", "false").toLower()), port: parseInt(cfg.getVal("port", "8080")), - pwdCost: cast[int8](parseInt(cfg.getVal("pwd-cost", "11")))) + pwdCost: cast[int8](parseInt(cfg.getVal("pwd-cost", "11"))), + knownOrigins: toSeq(knownOriginsArray).mapIt(it.getStr)) proc initContext(args: Table[string, docopt.Value]): PMApiContext = diff --git a/api/src/main/nim/personal_measure_apipkg/api.nim b/api/src/main/nim/personal_measure_apipkg/api.nim index c30bbdd..9dccd3d 100644 --- a/api/src/main/nim/personal_measure_apipkg/api.nim +++ b/api/src/main/nim/personal_measure_apipkg/api.nim @@ -32,10 +32,21 @@ template halt(code: HttpCode, result.matched = true break allRoutes -template jsonResp(code: HttpCode, details: string = "", headers: RawHeaders = @{:} ) = +template jsonResp(code: HttpCode, details: string = "", headersToSend: RawHeaders = @{:} ) = + + let reqOrigin = $(request.headers["Origin"]) + let corsHeaders = + if ctx.cfg.knownOrigins.contains(reqOrigin): + @{ + "Access-Control-Allow-Origin": reqOrigin, + "Access-Control-Allow-Credentials": "true", + "Access-Control-Allow-Methods": $(request.reqMeth) + } + else: @{:} + halt( code, - headers & @{ + headersToSend & corsHeaders & @{ "Content-Type": JSON, "Cache-Control": "no-cache" }, diff --git a/api/src/main/nim/personal_measure_apipkg/configuration.nim b/api/src/main/nim/personal_measure_apipkg/configuration.nim index c71d5c2..db24bfb 100644 --- a/api/src/main/nim/personal_measure_apipkg/configuration.nim +++ b/api/src/main/nim/personal_measure_apipkg/configuration.nim @@ -9,6 +9,7 @@ type debug*: bool port*: int pwdCost*: int8 + knownOrigins*: seq[string] PMApiContext* = object cfg*: PMApiConfig @@ -23,7 +24,8 @@ proc `%`*(cfg: PMApiConfig): JsonNode = "dbConnString": cfg.dbConnString, "debug": cfg.debug, "port": cfg.port, - "pwdCost": cfg.pwdCost } + "pwdCost": cfg.pwdCost, + "knownOrigins": cfg.knownOrigins } template raiseEx*(errorType: type, reason: string): void = raise newException(errorType, reason) diff --git a/operations/terraform/.terraform/modules/modules.json b/operations/terraform/.terraform/modules/modules.json deleted file mode 100644 index e1334ee..0000000 --- a/operations/terraform/.terraform/modules/modules.json +++ /dev/null @@ -1 +0,0 @@ -{"Modules":[{"Key":"","Source":"","Dir":"."},{"Key":"dev_env","Source":"./deployed_env","Dir":"deployed_env"},{"Key":"prod_env","Source":"./deployed_env","Dir":"deployed_env"}]} \ No newline at end of file diff --git a/operations/terraform/.terraform/plugins/linux_amd64/lock.json b/operations/terraform/.terraform/plugins/linux_amd64/lock.json deleted file mode 100644 index 61e2e16..0000000 --- a/operations/terraform/.terraform/plugins/linux_amd64/lock.json +++ /dev/null @@ -1,3 +0,0 @@ -{ - "aws": "7b0461a9e1bb61eb2b58ee46d67d51a2f59d4b0fe6137025c82b4f5060477d2f" -} \ No newline at end of file diff --git a/operations/terraform/.terraform/plugins/linux_amd64/terraform-provider-aws_v2.29.0_x4 b/operations/terraform/.terraform/plugins/linux_amd64/terraform-provider-aws_v2.29.0_x4 deleted file mode 100644 index 8bf93d5..0000000 Binary files a/operations/terraform/.terraform/plugins/linux_amd64/terraform-provider-aws_v2.29.0_x4 and /dev/null differ