diff --git a/gymboard-api/src/main/java/nl/andrewlalis/gymboard_api/config/SecurityConfig.java b/gymboard-api/src/main/java/nl/andrewlalis/gymboard_api/config/SecurityConfig.java index 9697285..322b02f 100644 --- a/gymboard-api/src/main/java/nl/andrewlalis/gymboard_api/config/SecurityConfig.java +++ b/gymboard-api/src/main/java/nl/andrewlalis/gymboard_api/config/SecurityConfig.java @@ -1,5 +1,6 @@ package nl.andrewlalis.gymboard_api.config; +import org.springframework.beans.factory.annotation.Value; import org.springframework.context.annotation.Bean; import org.springframework.context.annotation.Configuration; import org.springframework.core.annotation.Order; @@ -60,6 +61,9 @@ public class SecurityConfig { return http.build(); } + @Value("${app.web-origin}") + private String webOrigin; + /** * Defines the CORS configuration for this API, which is to say that we * allow cross-origin requests ONLY from the web app for the vast majority @@ -73,7 +77,7 @@ public class SecurityConfig { final CorsConfiguration config = new CorsConfiguration(); config.setAllowCredentials(true); // Don't do this in production, use a proper list of allowed origins - config.addAllowedOriginPattern("*"); + config.addAllowedOriginPattern(webOrigin); config.addAllowedHeader("*"); config.addAllowedMethod("*"); source.registerCorsConfiguration("/**", config); diff --git a/gymboard-api/src/main/java/nl/andrewlalis/gymboard_api/config/WebConfig.java b/gymboard-api/src/main/java/nl/andrewlalis/gymboard_api/config/WebConfig.java index b59b493..f78f351 100644 --- a/gymboard-api/src/main/java/nl/andrewlalis/gymboard_api/config/WebConfig.java +++ b/gymboard-api/src/main/java/nl/andrewlalis/gymboard_api/config/WebConfig.java @@ -6,21 +6,6 @@ import org.springframework.context.annotation.Configuration; @Configuration public class WebConfig { - @Value("${app.web-origin}") - private String webOrigin; - - @Bean - public CorsFilter corsFilter() { - final UrlBasedCorsConfigurationSource source = new UrlBasedCorsConfigurationSource(); - final CorsConfiguration config = new CorsConfiguration(); - config.setAllowCredentials(true); - config.addAllowedOriginPattern(webOrigin); - config.setAllowedHeaders(Arrays.asList("Origin", "Content-Type", "Accept")); - config.setAllowedMethods(Arrays.asList("GET", "POST", "PUT", "OPTIONS", "DELETE", "PATCH")); - source.registerCorsConfiguration("/**", config); - return new CorsFilter(source); - } - @Bean public ULID ulid() { return new ULID(); diff --git a/gymboard-app/src/components/LocaleSelect.vue b/gymboard-app/src/components/LocaleSelect.vue index 956cd59..f69212d 100644 --- a/gymboard-app/src/components/LocaleSelect.vue +++ b/gymboard-app/src/components/LocaleSelect.vue @@ -25,6 +25,7 @@ const i18n = useI18n({ useScope: 'global' }); const localeOptions = [ { value: 'en-US', label: 'English' }, { value: 'nl-NL', label: 'Nederlands' }, + { value: 'de', label: 'Deutsch' } ];