Merged from main.

This commit is contained in:
Andrew Lalis 2023-01-31 22:24:35 +01:00
parent 7583e48fb0
commit 2dae2bb905
3 changed files with 6 additions and 16 deletions

View File

@ -1,5 +1,6 @@
package nl.andrewlalis.gymboard_api.config; package nl.andrewlalis.gymboard_api.config;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.context.annotation.Bean; import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration; import org.springframework.context.annotation.Configuration;
import org.springframework.core.annotation.Order; import org.springframework.core.annotation.Order;
@ -60,6 +61,9 @@ public class SecurityConfig {
return http.build(); return http.build();
} }
@Value("${app.web-origin}")
private String webOrigin;
/** /**
* Defines the CORS configuration for this API, which is to say that we * Defines the CORS configuration for this API, which is to say that we
* allow cross-origin requests ONLY from the web app for the vast majority * allow cross-origin requests ONLY from the web app for the vast majority
@ -73,7 +77,7 @@ public class SecurityConfig {
final CorsConfiguration config = new CorsConfiguration(); final CorsConfiguration config = new CorsConfiguration();
config.setAllowCredentials(true); config.setAllowCredentials(true);
// Don't do this in production, use a proper list of allowed origins // Don't do this in production, use a proper list of allowed origins
config.addAllowedOriginPattern("*"); config.addAllowedOriginPattern(webOrigin);
config.addAllowedHeader("*"); config.addAllowedHeader("*");
config.addAllowedMethod("*"); config.addAllowedMethod("*");
source.registerCorsConfiguration("/**", config); source.registerCorsConfiguration("/**", config);

View File

@ -6,21 +6,6 @@ import org.springframework.context.annotation.Configuration;
@Configuration @Configuration
public class WebConfig { public class WebConfig {
@Value("${app.web-origin}")
private String webOrigin;
@Bean
public CorsFilter corsFilter() {
final UrlBasedCorsConfigurationSource source = new UrlBasedCorsConfigurationSource();
final CorsConfiguration config = new CorsConfiguration();
config.setAllowCredentials(true);
config.addAllowedOriginPattern(webOrigin);
config.setAllowedHeaders(Arrays.asList("Origin", "Content-Type", "Accept"));
config.setAllowedMethods(Arrays.asList("GET", "POST", "PUT", "OPTIONS", "DELETE", "PATCH"));
source.registerCorsConfiguration("/**", config);
return new CorsFilter(source);
}
@Bean @Bean
public ULID ulid() { public ULID ulid() {
return new ULID(); return new ULID();

View File

@ -25,6 +25,7 @@ const i18n = useI18n({ useScope: 'global' });
const localeOptions = [ const localeOptions = [
{ value: 'en-US', label: 'English' }, { value: 'en-US', label: 'English' },
{ value: 'nl-NL', label: 'Nederlands' }, { value: 'nl-NL', label: 'Nederlands' },
{ value: 'de', label: 'Deutsch' }
]; ];
</script> </script>