Configure CORS localhost origin via CORS_ALLOW_LOCALHOST env var

2020-05-03 13:20:14 +02:00 · 2020-05-03 13:20:14 +02:00 · 0b5180d26c
parent edc0e6ffb3
commit 0b5180d26c
2 changed files with 6 additions and 1 deletions
--- a/.env.example
+++ b/.env.example
@ -2,6 +2,7 @@ API_URL=/editor
 AWS_ACCESS_KEY=<your-aws-access-key>
 AWS_REGION=<your-aws-region>
 AWS_SECRET_KEY=<your-aws-secret-key>
+CORS_ALLOW_LOCALHOST=true
 EMAIL_SENDER=<transactional-email-sender>
 EMAIL_VERIFY_SECRET_TOKEN=whatever_you_want_this_to_be_it_only_matters_for_production
 EXAMPLE_USER_EMAIL=examples@p5js.org
--- a/server/server.js
+++ b/server/server.js
@ -48,9 +48,13 @@ if (process.env.BASIC_USERNAME && process.env.BASIC_PASSWORD) {

 const allowedCorsOrigins = [
  /p5js\.org$/,
-  /localhost/ // to allow client-only development
 ];

+// to allow client-only development
+if (process.env.CORS_ALLOW_LOCALHOST === 'true') {
+  allowedCorsOrigins.push(/localhost/);
+}
+
 // Run Webpack dev server in development mode
 if (process.env.NODE_ENV === 'development') {
  const compiler = webpack(config);