From 7930719eaa1393bb2377dd0a12bcb5eee2781182 Mon Sep 17 00:00:00 2001 From: Vikram Rangnekar Date: Fri, 6 Mar 2020 09:47:51 +0530 Subject: [PATCH] Add ability to set CORS headers --- Dockerfile | 2 ++ config/dev.yml | 9 +++++++++ go.mod | 1 + go.sum | 2 ++ serv/config.go | 12 +++++++----- serv/http.go | 16 ++++++++++++++++ serv/serv.go | 2 +- tmpl/dev.yml | 9 +++++++++ tmpl/prod.yml | 9 +++++++++ 9 files changed, 56 insertions(+), 6 deletions(-) diff --git a/Dockerfile b/Dockerfile index b80dae3..3930588 100644 --- a/Dockerfile +++ b/Dockerfile @@ -49,5 +49,7 @@ RUN chmod +x /start.sh USER nobody +ENV GO_ENV production + ENTRYPOINT ["./start.sh"] CMD ["./super-graph", "serv"] diff --git a/config/dev.yml b/config/dev.yml index c60310c..27c6b3d 100644 --- a/config/dev.yml +++ b/config/dev.yml @@ -36,6 +36,15 @@ migrations_path: ./config/migrations # encrypting the cursor data secret_key: supercalifajalistics +# CORS: A list of origins a cross-domain request can be executed from. +# If the special * value is present in the list, all origins will be allowed. +# An origin may contain a wildcard (*) to replace 0 or more +# characters (i.e.: http://*.domain.com). +cors_allowed_origins: ["*"] + +# Debug Cross Origin Resource Sharing requests +cors_debug: true + # Postgres related environment Variables # SG_DATABASE_HOST # SG_DATABASE_PORT diff --git a/go.mod b/go.mod index 5e22811..61bb37e 100644 --- a/go.mod +++ b/go.mod @@ -21,6 +21,7 @@ require ( github.com/magiconair/properties v1.8.1 // indirect github.com/pelletier/go-toml v1.4.0 // indirect github.com/pkg/errors v0.8.1 + github.com/rs/cors v1.7.0 github.com/rs/zerolog v1.15.0 github.com/spf13/afero v1.2.2 // indirect github.com/spf13/cobra v0.0.5 diff --git a/go.sum b/go.sum index 06e7978..e270702 100644 --- a/go.sum +++ b/go.sum 
@@ -180,6 +180,8 @@ github.com/prometheus/procfs v0.0.0-20181005140218-185b4288413d/go.mod h1:c3At6R github.com/prometheus/procfs v0.0.0-20190507164030-5867b95ac084/go.mod h1:TjEm7ze935MbeOT/UhFTIMYKhuLP4wbCsTZCD3I8kEA= github.com/prometheus/tsdb v0.7.1/go.mod h1:qhTCs0VvXwvX/y3TZrWD7rabWM+ijKTux40TwIPHuXU= github.com/rogpeppe/fastuuid v0.0.0-20150106093220-6724a57986af/go.mod h1:XWv6SoW27p1b0cqNHllgS5HIMJraePCO15w5zCzIWYg= +github.com/rs/cors v1.7.0 h1:+88SsELBHx5r+hZ8TCkggzSstaWNbDvThkVK8H6f9ik= +github.com/rs/cors v1.7.0/go.mod h1:gFx+x8UowdsKA9AchylcLynDq+nNFfI8FkUZdN/jGCU= github.com/rs/xid v1.2.1/go.mod h1:+uKXf+4Djp6Md1KODXJxgGQPKngRmWyn10oCKFzNHOQ= github.com/rs/zerolog v1.13.0/go.mod h1:YbFCdg8HfsridGWAh22vktObvhZbQsZXe4/zB0OKkWU= github.com/rs/zerolog v1.15.0 h1:uPRuwkWF4J6fGsJ2R0Gn2jB1EQiav9k3S6CSdygQJXY= diff --git a/serv/config.go b/serv/config.go index b31be6c..ecdad6a 100644 --- a/serv/config.go +++ b/serv/config.go @@ -26,11 +26,13 @@ type config struct { EnableTracing bool `mapstructure:"enable_tracing"` UseAllowList bool `mapstructure:"use_allow_list"` Production bool - WatchAndReload bool `mapstructure:"reload_on_config_change"` - AuthFailBlock bool `mapstructure:"auth_fail_block"` - SeedFile string `mapstructure:"seed_file"` - MigrationsPath string `mapstructure:"migrations_path"` - SecretKey string `mapstructure:"secret_key"` + WatchAndReload bool `mapstructure:"reload_on_config_change"` + AuthFailBlock bool `mapstructure:"auth_fail_block"` + SeedFile string `mapstructure:"seed_file"` + MigrationsPath string `mapstructure:"migrations_path"` + SecretKey string `mapstructure:"secret_key"` + AllowedOrigins []string `mapstructure:"cors_allowed_origins"` + DebugCORS bool `mapstructure:"cors_debug"` Inflections map[string]string diff --git a/serv/http.go b/serv/http.go index 9675c93..2ed5011 100644 --- a/serv/http.go +++ b/serv/http.go @@ -8,6 +8,8 @@ import ( "net/http" "strings" "time" + + "github.com/rs/cors" ) const ( 
@@ -61,6 +63,20 @@ type resolver struct { Duration time.Duration `json:"duration"` } +func apiV1Handler() http.Handler { + h := withAuth(http.HandlerFunc(apiV1), conf.Auth) + + if len(conf.AllowedOrigins) != 0 { + c := cors.New(cors.Options{ + AllowedOrigins: conf.AllowedOrigins, + AllowCredentials: true, + Debug: conf.DebugCORS, + }) + h = c.Handler(h) + } + + return h +} func apiV1(w http.ResponseWriter, r *http.Request) { ctx := &coreContext{Context: r.Context()} diff --git a/serv/serv.go b/serv/serv.go index 865ba63..88957e6 100644 --- a/serv/serv.go +++ b/serv/serv.go @@ -154,7 +154,7 @@ func routeHandler() (http.Handler, error) { routes := map[string]http.Handler{ "/health": http.HandlerFunc(health), - "/api/v1/graphql": withAuth(http.HandlerFunc(apiV1), conf.Auth), + "/api/v1/graphql": apiV1Handler(), } if err := setActionRoutes(routes); err != nil { diff --git a/tmpl/dev.yml b/tmpl/dev.yml index c198c58..3ee4abc 100644 --- a/tmpl/dev.yml +++ b/tmpl/dev.yml @@ -36,6 +36,15 @@ migrations_path: ./config/migrations # encrypting the cursor data secret_key: supercalifajalistics +# CORS: A list of origins a cross-domain request can be executed from. +# If the special * value is present in the list, all origins will be allowed. +# An origin may contain a wildcard (*) to replace 0 or more +# characters (i.e.: http://*.domain.com). +cors_allowed_origins: ["*"] + +# Debug Cross Origin Resource Sharing requests +cors_debug: false + # Postgres related environment Variables # SG_DATABASE_HOST # SG_DATABASE_PORT diff --git a/tmpl/prod.yml b/tmpl/prod.yml index d571ecc..ca1ea41 100644 --- a/tmpl/prod.yml +++ b/tmpl/prod.yml 
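Review bot: In `apiV1Handler`, `AllowCredentials: true` is hard-coded while `AllowedOrigins` is passed straight through from config, and `config/dev.yml` and `tmpl/dev.yml` both ship `cors_allowed_origins: ["*"]` (the commented example in `tmpl/prod.yml` suggests the same value). Credentialed CORS is only safe with an explicit origin list: with a literal `*` browsers refuse credentialed responses, and with a broad pattern such as `http://*.domain.com`, or wherever the library echoes the request origin (worth confirming for rs/cors v1.7.0), every matching site can have the browser attach the user's cookies to `/api/v1/graphql` and read the reply. I would add a `cors_allow_credentials` setting that defaults to false and use `AllowCredentials: conf.AllowCredentials,` here, with a startup warning or error when it is enabled together with a wildcard origin. The templates would be safer showing a concrete origin such as `["https://app.example.com"]` (constructed example) rather than `"*"`. A short doc comment on `apiV1Handler` saying that CORS wraps the auth middleware, so preflight requests are answered before `withAuth` runs, would also help the next reader.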
@@ -36,6 +36,15 @@ enable_tracing: true # encrypting the cursor data # secret_key: supercalifajalistics +# CORS: A list of origins a cross-domain request can be executed from. +# If the special * value is present in the list, all origins will be allowed. +# An origin may contain a wildcard (*) to replace 0 or more +# characters (i.e.: http://*.domain.com). +# cors_allowed_origins: ["*"] + +# Debug Cross Origin Resource Sharing requests +# cors_debug: false + # Postgres related environment Variables # SG_DATABASE_HOST # SG_DATABASE_PORT