Merge pull request #223 from getmaxun/allow-origins

feat: dynamic public url

server/src/constants/config.ts

@@ -1,4 +1,4 @@
-export const SERVER_PORT = process.env.SERVER_PORT ? Number(process.env.SERVER_PORT) : 8080
+export const SERVER_PORT = process.env.BACKEND_PORT ? Number(process.env.BACKEND_PORT) : 8080
 export const DEBUG = process.env.DEBUG === 'true'
 export const LOGS_PATH = process.env.LOGS_PATH ?? 'server/logs'
 export const ANALYTICS_ID = 'oss'

server/src/routes/auth.ts

@@ -384,7 +384,7 @@ router.get(
         httpOnly: false,
         maxAge: 60000,
       });
-      res.redirect(`http://localhost:5173`);
+      res.redirect(process.env.PUBLIC_URL as string || "http://localhost:5173");
     } catch (error: any) {
       res.status(500).json({ message: `Google OAuth error: ${error.message}` });
     }

server/src/server.ts

@@ -21,7 +21,7 @@ import swaggerSpec from './swagger/config';
 
 const app = express();
 app.use(cors({
-  origin: 'http://localhost:5173',
+  origin: process.env.PUBLIC_URL ? process.env.PUBLIC_URL : 'http://localhost:5173',
   credentials: true,
 }));
 app.use(express.json());
@@ -92,9 +92,10 @@ app.get('/', function (req, res) {
 
 // Add CORS headers
 app.use((req, res, next) => {
-  res.header('Access-Control-Allow-Origin', '*');
+  res.header('Access-Control-Allow-Origin', process.env.PUBLIC_URL || 'http://localhost:5173');
   res.header('Access-Control-Allow-Methods', 'GET,PUT,POST,DELETE,OPTIONS');
   res.header('Access-Control-Allow-Headers', 'Content-Type, Authorization');
+  res.header('Access-Control-Allow-Credentials', 'true');
   if (req.method === 'OPTIONS') {
     return res.sendStatus(200);
   }