Initial commit — Performance West telecom compliance platform
Includes: API (Express/TypeScript), Astro site, Python workers, document generators, FCC compliance tools, Canada CRTC formation, Ansible infrastructure, and deployment scripts. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
This commit is contained in:
commit
f8cd37ac8c
1823 changed files with 145167 additions and 0 deletions
41
api/src/middleware/cors.ts
Normal file
41
api/src/middleware/cors.ts
Normal file
|
|
@ -0,0 +1,41 @@
|
|||
import cors from "cors";
|
||||
import { config } from "../config.js";
|
||||
|
||||
const PRODUCTION_ORIGINS = [
|
||||
"https://performancewest.net",
|
||||
"https://www.performancewest.net",
|
||||
"https://dev.performancewest.net",
|
||||
"http://192.168.7.4:4322",
|
||||
];
|
||||
|
||||
const DEV_ORIGINS = [
|
||||
"http://localhost:4322",
|
||||
"http://localhost:3001",
|
||||
"http://127.0.0.1:4322",
|
||||
"http://127.0.0.1:3001",
|
||||
];
|
||||
|
||||
// In dev mode, also allow any origin on common dev ports (LAN access)
|
||||
const isDev = config.nodeEnv !== "production";
|
||||
|
||||
const allowedOrigins =
|
||||
config.nodeEnv === "production"
|
||||
? PRODUCTION_ORIGINS
|
||||
: [...PRODUCTION_ORIGINS, ...DEV_ORIGINS];
|
||||
|
||||
export const corsMiddleware = cors({
|
||||
origin: (origin, cb) => {
|
||||
// Allow requests with no origin (server-to-server, curl, etc.)
|
||||
if (!origin) { cb(null, true); return; }
|
||||
if (allowedOrigins.includes(origin)) { cb(null, true); return; }
|
||||
// In dev mode, allow any origin on known dev ports (LAN access from other machines)
|
||||
if (isDev && /^http:\/\/[\d.]+:(4322|3001)$/.test(origin)) { cb(null, true); return; }
|
||||
if (isDev && /^http:\/\/192\.168\./.test(origin)) { cb(null, true); return; }
|
||||
cb(new Error(`Origin ${origin} not allowed by CORS`));
|
||||
},
|
||||
methods: ["GET", "POST", "PATCH", "OPTIONS"],
|
||||
allowedHeaders: ["Content-Type", "Authorization"],
|
||||
exposedHeaders: ["RateLimit-Limit", "RateLimit-Remaining", "RateLimit-Reset"],
|
||||
credentials: true,
|
||||
maxAge: 86_400,
|
||||
});
|
||||
Loading…
Add table
Add a link
Reference in a new issue