Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[CORE] Feat/issue 193 - Enable cors #201

Closed
wants to merge 116 commits into from
Closed

[CORE] Feat/issue 193 - Enable cors #201

wants to merge 116 commits into from

Conversation

iam-oov
Copy link
Contributor

@iam-oov iam-oov commented May 2, 2022
edited
Loading

Enable CORS.
Resolve issue 193.

@iam-oov
added to the gitignore the '.env' file and created the auth package
e133242
@iam-oov
added to the gitignore the '.env' file and created the auth package
107bc39
@iam-oov
base configuration of the endpoint '[GET] DOMAIN/auth/' in the api-ga…
775961b 
…teway module
@iam-oov
hardcode was moved to the constants file
9fca8ab
@iam-oov
installing, configuring and applying eslint to the auth package
2437715
@iam-oov
changes in the yarn.lock
549a711
@iam-oov
install fastify-auth0-verify
edebb1c
@iam-oov
added schema to auth-endpoint
9f40e42
@iam-oov
Merge branch 'master' into feat/issue_48-add_auth_package
61b8ab1
@iam-oov
fix/problems with the merge when merging the auth package
d6d9253
@iam-oov
Merge branch 'master' into feat/issue_48-add_auth_package
eee3ca8
@iam-oov
fix: repair problems with the merge
b93207f
@iam-oov
Merge branch 'master' of github.com:iam-oov/booking-services
2eb7cd9
@iam-oov
Merge branch 'Platzi-Master-C9:master' into feat/issue_48-add_auth_pa…
7f59da9 
…ckage
@iam-oov
fix: repair problems with the merge
565ecda
@iam-oov
fix: repair problems with the merge
d031907
@iam-oov
feat: settings and env variables added for auth library
7d24509
@iam-oov
bug(api-gateway/src/drivers/http/server.js): import fastify-auth0-ver…
d989c12 
…ify library
@iam-oov
feat: added 'private' folder in auth routes to test the access token
c11f295
@iam-oov
refactor: moves the validation of the acess_token from the adapters t…
99b7a1e 
…o the routes through a decorator
@iam-oov
fix: merge issues
e695964
@iam-oov
fix: linting issues in api-gateway
6529341
@iam-oov
Merge branch 'master' of github.com:iam-oov/booking-services
1558954
@iam-oov
Merge branch 'master' into feat/issue_48-add_auth_package
1f9d807
@iam-oov
fix: linting issues
515e57a
@iam-oov
feat: added fastify-auth0-verify and dotenv
0d73cb6
@iam-oov
feat: yarn.lock modified
6f80aac
@iam-oov
fix: linting issues and rename the 'private' function to 'getprivate'
8ab7cfa
@iam-oov
fix: linting issues and rename the 'private' function to 'getprivate'
d732c08
@iam-oov
fix: merge issues
a8b20cc
iam-oov added 22 commits May 10, 2022 18:31
@iam-oov
fix: delete unnecessary files
e381e6f
@iam-oov
fix: delete unnecessary files
3af1aee
@iam-oov
fix: linting issues
c14eaa9
@iam-oov
fix: linting issues
94cc53d
@iam-oov
fix: linting issues
516a24b
@iam-oov
fix: linting issues
94cd5dd
@iam-oov
feat: add decorators in the hooks of routes
bf0936d
@iam-oov
feat: add decorators in the hooks of routes
5f65727
@iam-oov
fix: some variable names were renamed
27253ff
@iam-oov
fix: merge problems
7ee123a
@iam-oov
fix: merge problems
649a977
@iam-oov
fix: remove duplicate file
128ac1c
@iam-oov
fix: merge problems
04b125a
@iam-oov
fix: created nonexistent file
8c11625
@iam-oov
fix: created nonexistent file
6d68c84
@iam-oov
fix: created nonexistent file
408f8b7
@iam-oov
fix: typo errors
454beb0
@iam-oov
fix: typo errors
e6909b2
@iam-oov
fix: update the yarn.lock file
6acaca3
@iam-oov
fix: linting bugs fixed
b6df4a2
@iam-oov
Merge branch 'Platzi-Master-C9:master' into master
e5ce7c9
@iam-oov
fix: linting bugs fixed and merge problems
7657fa1
@iam-oov iam-oov added the feature This is a feature label May 16, 2022
essau-net
essau-net reviewed May 17, 2022
View reviewed changes
packages/api-gateway/src/drivers/http/server.js
@@ -18,6 +19,11 @@ const fastify = Fastify({
logger: !isTestEnv,
});

// Enable cors
fastify.register(require('@fastify/cors'), {
origin: configCORS.domain,
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I would like to add these options

  • credentials: this enables to share cookies in requests, I suggest to talk with other teams and know if that's the case this should set to true. Here more information
  • methods: fastify-cors doesn't say how will behave if this parameter is omitted, so I think we should add it
    allowHeaders: the default behavior is

reflecting the headers specified in the request's Access-Control-Request-Headers header.
Here you can find more information about it.
Is that what you want?

  • optionSuccessStatus: to avoid to having conflict with default 204 code with legacy browsers
  • exposedHeaders: this just if we create custom headers. Do you talk with the rest of cohort if someone is going to need that?

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

thanks for the comments. i will read all the documentation to make a configuration closer to production.

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I was searching about optionSuccesStatus, I think you can omit that value since almost all browsers accept 204 value (default value). Here you can see 204 code compatibility with browsers

Copy link
Contributor Author

@iam-oov iam-oov May 19, 2022
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

For the moment I only set the credentials to true to activate the cookies.
But the other keys I think it is better that they stay like this so as not to put more barriers and interrupt the progress of the other squads.

I don't think it's feasible to change the key "domain" to list because our requirement is to use only one domain and not several.

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Okay, the documentation doesn't say about default behavior in that field, so I would recommend to add all the methods (to make a fast solution)

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Ready!

essau-net
essau-net reviewed May 17, 2022
View reviewed changes
packages/api-gateway/config/cors.js
const prefix = require('./environment');

module.exports = {
domain: process.env[`${prefix}CORS_DOMAIN`],
Copy link
Contributor

@essau-net essau-net May 17, 2022
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Do you talk with our cohort about third services needed? If we need more that one, this value should be an array. In order to accomplish that we need to separate values with commas and use split function.
Here more information about creating an array using env vars

@iam-oov iam-oov closed this May 25, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@essau-net essau-net essau-net left review comments

Assignees

@iam-oov iam-oov

Labels
feature This is a feature
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

[CORE] feat: Enable CORS
2 participants
@iam-oov @essau-net