Add ability to set CORS headers
This commit is contained in:
parent
cc687b1b2b
commit
7930719eaa
|
@ -49,5 +49,7 @@ RUN chmod +x /start.sh
|
||||||
|
|
||||||
USER nobody
|
USER nobody
|
||||||
|
|
||||||
|
ENV GO_ENV production
|
||||||
|
|
||||||
ENTRYPOINT ["./start.sh"]
|
ENTRYPOINT ["./start.sh"]
|
||||||
CMD ["./super-graph", "serv"]
|
CMD ["./super-graph", "serv"]
|
||||||
|
|
|
@ -36,6 +36,15 @@ migrations_path: ./config/migrations
|
||||||
# encrypting the cursor data
|
# encrypting the cursor data
|
||||||
secret_key: supercalifajalistics
|
secret_key: supercalifajalistics
|
||||||
|
|
||||||
|
# CORS: A list of origins a cross-domain request can be executed from.
|
||||||
|
# If the special * value is present in the list, all origins will be allowed.
|
||||||
|
# An origin may contain a wildcard (*) to replace 0 or more
|
||||||
|
# characters (i.e.: http://*.domain.com).
|
||||||
|
cors_allowed_origins: ["*"]
|
||||||
|
|
||||||
|
# Debug Cross Origin Resource Sharing requests
|
||||||
|
cors_debug: true
|
||||||
|
|
||||||
# Postgres related environment Variables
|
# Postgres related environment Variables
|
||||||
# SG_DATABASE_HOST
|
# SG_DATABASE_HOST
|
||||||
# SG_DATABASE_PORT
|
# SG_DATABASE_PORT
|
||||||
|
|
1
go.mod
1
go.mod
|
@ -21,6 +21,7 @@ require (
|
||||||
github.com/magiconair/properties v1.8.1 // indirect
|
github.com/magiconair/properties v1.8.1 // indirect
|
||||||
github.com/pelletier/go-toml v1.4.0 // indirect
|
github.com/pelletier/go-toml v1.4.0 // indirect
|
||||||
github.com/pkg/errors v0.8.1
|
github.com/pkg/errors v0.8.1
|
||||||
|
github.com/rs/cors v1.7.0
|
||||||
github.com/rs/zerolog v1.15.0
|
github.com/rs/zerolog v1.15.0
|
||||||
github.com/spf13/afero v1.2.2 // indirect
|
github.com/spf13/afero v1.2.2 // indirect
|
||||||
github.com/spf13/cobra v0.0.5
|
github.com/spf13/cobra v0.0.5
|
||||||
|
|
2
go.sum
2
go.sum
|
@ -180,6 +180,8 @@ github.com/prometheus/procfs v0.0.0-20181005140218-185b4288413d/go.mod h1:c3At6R
|
||||||
github.com/prometheus/procfs v0.0.0-20190507164030-5867b95ac084/go.mod h1:TjEm7ze935MbeOT/UhFTIMYKhuLP4wbCsTZCD3I8kEA=
|
github.com/prometheus/procfs v0.0.0-20190507164030-5867b95ac084/go.mod h1:TjEm7ze935MbeOT/UhFTIMYKhuLP4wbCsTZCD3I8kEA=
|
||||||
github.com/prometheus/tsdb v0.7.1/go.mod h1:qhTCs0VvXwvX/y3TZrWD7rabWM+ijKTux40TwIPHuXU=
|
github.com/prometheus/tsdb v0.7.1/go.mod h1:qhTCs0VvXwvX/y3TZrWD7rabWM+ijKTux40TwIPHuXU=
|
||||||
github.com/rogpeppe/fastuuid v0.0.0-20150106093220-6724a57986af/go.mod h1:XWv6SoW27p1b0cqNHllgS5HIMJraePCO15w5zCzIWYg=
|
github.com/rogpeppe/fastuuid v0.0.0-20150106093220-6724a57986af/go.mod h1:XWv6SoW27p1b0cqNHllgS5HIMJraePCO15w5zCzIWYg=
|
||||||
|
github.com/rs/cors v1.7.0 h1:+88SsELBHx5r+hZ8TCkggzSstaWNbDvThkVK8H6f9ik=
|
||||||
|
github.com/rs/cors v1.7.0/go.mod h1:gFx+x8UowdsKA9AchylcLynDq+nNFfI8FkUZdN/jGCU=
|
||||||
github.com/rs/xid v1.2.1/go.mod h1:+uKXf+4Djp6Md1KODXJxgGQPKngRmWyn10oCKFzNHOQ=
|
github.com/rs/xid v1.2.1/go.mod h1:+uKXf+4Djp6Md1KODXJxgGQPKngRmWyn10oCKFzNHOQ=
|
||||||
github.com/rs/zerolog v1.13.0/go.mod h1:YbFCdg8HfsridGWAh22vktObvhZbQsZXe4/zB0OKkWU=
|
github.com/rs/zerolog v1.13.0/go.mod h1:YbFCdg8HfsridGWAh22vktObvhZbQsZXe4/zB0OKkWU=
|
||||||
github.com/rs/zerolog v1.15.0 h1:uPRuwkWF4J6fGsJ2R0Gn2jB1EQiav9k3S6CSdygQJXY=
|
github.com/rs/zerolog v1.15.0 h1:uPRuwkWF4J6fGsJ2R0Gn2jB1EQiav9k3S6CSdygQJXY=
|
||||||
|
|
|
@ -26,11 +26,13 @@ type config struct {
|
||||||
EnableTracing bool `mapstructure:"enable_tracing"`
|
EnableTracing bool `mapstructure:"enable_tracing"`
|
||||||
UseAllowList bool `mapstructure:"use_allow_list"`
|
UseAllowList bool `mapstructure:"use_allow_list"`
|
||||||
Production bool
|
Production bool
|
||||||
WatchAndReload bool `mapstructure:"reload_on_config_change"`
|
WatchAndReload bool `mapstructure:"reload_on_config_change"`
|
||||||
AuthFailBlock bool `mapstructure:"auth_fail_block"`
|
AuthFailBlock bool `mapstructure:"auth_fail_block"`
|
||||||
SeedFile string `mapstructure:"seed_file"`
|
SeedFile string `mapstructure:"seed_file"`
|
||||||
MigrationsPath string `mapstructure:"migrations_path"`
|
MigrationsPath string `mapstructure:"migrations_path"`
|
||||||
SecretKey string `mapstructure:"secret_key"`
|
SecretKey string `mapstructure:"secret_key"`
|
||||||
|
AllowedOrigins []string `mapstructure:"cors_allowed_origins"`
|
||||||
|
DebugCORS bool `mapstructure:"cors_debug"`
|
||||||
|
|
||||||
Inflections map[string]string
|
Inflections map[string]string
|
||||||
|
|
||||||
|
|
16
serv/http.go
16
serv/http.go
|
@ -8,6 +8,8 @@ import (
|
||||||
"net/http"
|
"net/http"
|
||||||
"strings"
|
"strings"
|
||||||
"time"
|
"time"
|
||||||
|
|
||||||
|
"github.com/rs/cors"
|
||||||
)
|
)
|
||||||
|
|
||||||
const (
|
const (
|
||||||
|
@ -61,6 +63,20 @@ type resolver struct {
|
||||||
Duration time.Duration `json:"duration"`
|
Duration time.Duration `json:"duration"`
|
||||||
}
|
}
|
||||||
|
|
||||||
|
func apiV1Handler() http.Handler {
|
||||||
|
h := withAuth(http.HandlerFunc(apiV1), conf.Auth)
|
||||||
|
|
||||||
|
if len(conf.AllowedOrigins) != 0 {
|
||||||
|
c := cors.New(cors.Options{
|
||||||
|
AllowedOrigins: conf.AllowedOrigins,
|
||||||
|
AllowCredentials: true,
|
||||||
|
Debug: conf.DebugCORS,
|
||||||
|
})
|
||||||
|
h = c.Handler(h)
|
||||||
|
}
|
||||||
|
|
||||||
|
return h
|
||||||
|
}
|
||||||
func apiV1(w http.ResponseWriter, r *http.Request) {
|
func apiV1(w http.ResponseWriter, r *http.Request) {
|
||||||
ctx := &coreContext{Context: r.Context()}
|
ctx := &coreContext{Context: r.Context()}
|
||||||
|
|
||||||
|
|
|
@ -154,7 +154,7 @@ func routeHandler() (http.Handler, error) {
|
||||||
|
|
||||||
routes := map[string]http.Handler{
|
routes := map[string]http.Handler{
|
||||||
"/health": http.HandlerFunc(health),
|
"/health": http.HandlerFunc(health),
|
||||||
"/api/v1/graphql": withAuth(http.HandlerFunc(apiV1), conf.Auth),
|
"/api/v1/graphql": apiV1Handler(),
|
||||||
}
|
}
|
||||||
|
|
||||||
if err := setActionRoutes(routes); err != nil {
|
if err := setActionRoutes(routes); err != nil {
|
||||||
|
|
|
@ -36,6 +36,15 @@ migrations_path: ./config/migrations
|
||||||
# encrypting the cursor data
|
# encrypting the cursor data
|
||||||
secret_key: supercalifajalistics
|
secret_key: supercalifajalistics
|
||||||
|
|
||||||
|
# CORS: A list of origins a cross-domain request can be executed from.
|
||||||
|
# If the special * value is present in the list, all origins will be allowed.
|
||||||
|
# An origin may contain a wildcard (*) to replace 0 or more
|
||||||
|
# characters (i.e.: http://*.domain.com).
|
||||||
|
cors_allowed_origins: ["*"]
|
||||||
|
|
||||||
|
# Debug Cross Origin Resource Sharing requests
|
||||||
|
cors_debug: false
|
||||||
|
|
||||||
# Postgres related environment Variables
|
# Postgres related environment Variables
|
||||||
# SG_DATABASE_HOST
|
# SG_DATABASE_HOST
|
||||||
# SG_DATABASE_PORT
|
# SG_DATABASE_PORT
|
||||||
|
|
|
@ -36,6 +36,15 @@ enable_tracing: true
|
||||||
# encrypting the cursor data
|
# encrypting the cursor data
|
||||||
# secret_key: supercalifajalistics
|
# secret_key: supercalifajalistics
|
||||||
|
|
||||||
|
# CORS: A list of origins a cross-domain request can be executed from.
|
||||||
|
# If the special * value is present in the list, all origins will be allowed.
|
||||||
|
# An origin may contain a wildcard (*) to replace 0 or more
|
||||||
|
# characters (i.e.: http://*.domain.com).
|
||||||
|
# cors_allowed_origins: ["*"]
|
||||||
|
|
||||||
|
# Debug Cross Origin Resource Sharing requests
|
||||||
|
# cors_debug: false
|
||||||
|
|
||||||
# Postgres related environment Variables
|
# Postgres related environment Variables
|
||||||
# SG_DATABASE_HOST
|
# SG_DATABASE_HOST
|
||||||
# SG_DATABASE_PORT
|
# SG_DATABASE_PORT
|
||||||
|
|
Loading…
Reference in New Issue