restrict CORS to env defined origin

2020-01-07 13:43:20 -08:00 · 2020-01-07 13:43:20 -08:00 · 8a203cb096
commit 8a203cb096
parent c94c64b106
3 changed files with 10 additions and 1 deletions
--- a/packages/server/server/package-lock.json
+++ b/packages/server/server/package-lock.json
@ -269,6 +269,11 @@
      "resolved": "https://registry.npmjs.org/destroy/-/destroy-1.0.4.tgz",
      "integrity": "sha1-l4hXRCxEdJ5CBmE+N5RiBYJqvYA="
    },
+    "dotenv": {
+      "version": "8.2.0",
+      "resolved": "https://registry.npmjs.org/dotenv/-/dotenv-8.2.0.tgz",
+      "integrity": "sha512-8sJ78ElpbDJBHNeBzUbUVLsqKdccaa/BXF1uPTw3GrvQTBgrQrtObr2mUrE38vzYd8cEv+m/JBfDLioYcfXoaw=="
+    },
    "ee-first": {
      "version": "1.1.1",
      "resolved": "https://registry.npmjs.org/ee-first/-/ee-first-1.1.1.tgz",
--- a/packages/server/server/package.json
+++ b/packages/server/server/package.json
@ -11,6 +11,7 @@
    "cookie-parser": "~1.4.4",
    "cors": "^2.8.5",
    "debug": "~2.6.9",
+    "dotenv": "^8.2.0",
    "express": "~4.16.1",
    "http-errors": "~1.6.3",
    "morgan": "~1.9.1",
--- a/packages/server/server/server.js
+++ b/packages/server/server/server.js
@ -6,13 +6,16 @@ const path = require('path');
 const cookieParser = require('cookie-parser');
 const logger = require('morgan');

+const dotenv = require('dotenv');
+dotenv.config();
+
 const indexRouter = require('./routes/index');
 const usersRouter = require('./routes/users');

 const app = express();

 const corsOptions = {
-  origin: '*'
+  origin: process.env.REACT_ADDRESS
 }

 app.options('*', cors(corsOptions));