make using CORS configurable by environment var, defaults to false

2019-03-09 14:42:08 +01:00 · 2019-03-09 14:42:08 +01:00 · 9f75bf6a5d
commit 9f75bf6a5d
parent bc565a4008
4 changed files with 7 additions and 4 deletions
--- a/README.md
+++ b/README.md
@ -69,6 +69,7 @@ EMAIL_SMTP_USER | string || email smtp username
 EMAIL_SMTP_PASSWORD | string || email smtp password
 EMAIL_FROM_ADDRESS | string || from address used in sending emails
 EMAIL_FROM_NAME | string || from name used in sending emails
 ENABLE_CORS | bool | false | enable CORS requests
 ### Contributing
--- a/api/api.go
+++ b/api/api.go
@ -22,7 +22,7 @@ import (
 )
 // New configures application resources and routes.
-func New() (*chi.Mux, error) {
+func New(enableCORS bool) (*chi.Mux, error) {
 	logger := logging.NewLogger()
 	db, err := database.DBConn()
@ -67,7 +67,9 @@ func New() (*chi.Mux, error) {
 	r.Use(render.SetContentType(render.ContentTypeJSON))
 	// use CORS middleware if client is not served by this api, e.g. from other domain or CDN
-	// r.Use(corsConfig().Handler)
+	if enableCORS {
 		r.Use(corsConfig().Handler)
 	}
 	r.Mount("/auth", authResource.Router())
 	r.Group(func(r chi.Router) {
--- a/api/server.go
+++ b/api/server.go
@ -19,7 +19,7 @@ type Server struct {
 // NewServer creates and configures an APIServer serving all application routes.
 func NewServer() (*Server, error) {
 	log.Println("configuring server...")
-	api, err := New()
+	api, err := New(viper.GetBool("enable_cors"))
 	if err != nil {
 		return nil, err
 	}
--- a/cmd/gendoc.go
+++ b/cmd/gendoc.go
@ -47,7 +47,7 @@ func init() {
 }
 func genRoutesDoc() {
-	api, _ := api.New()
+	api, _ := api.New(false)
 	fmt.Print("generating routes markdown file: ")
 	md := docgen.MarkdownRoutesDoc(api, docgen.MarkdownOpts{
 		ProjectPath: "github.com/dhax/go-base",