Fixed CORS not updating when client list changes.

shrihari-prakash · Dec 10, 2024 · 4a43c14 · 4a43c14
1 parent 543567f
commit 4a43c14
Show file tree

Hide file tree

Showing 4 changed files with 8 additions and 1 deletion.
diff --git a/src/service/api/client/admin-api/create.post.ts b/src/service/api/client/admin-api/create.post.ts
@@ -11,6 +11,7 @@ import Role from "../../../../enum/role.js";
 import ClientModel from "../../../../model/mongo/client.js";
 import { hasErrors } from "../../../../utils/api.js";
 import { Configuration } from "../../../../singleton/configuration.js";
+import { CORS } from "../../../../singleton/cors.js";
 
 export const POST_CreateValidator = [
   body("id").exists().isString().isLength({ min: 8, max: 30 }).matches(new RegExp(Configuration.get("client.id-validation-regex"), "i")),
@@ -42,6 +43,7 @@ const POST_Create = async (req: Request, res: Response) => {
     log.debug("Client created successfully.");
     log.debug(inserted);
     res.status(statusCodes.success).json(new SuccessResponse({ client: inserted }));
+    CORS.scanOrigins();
   } catch (err) {
     log.error(err);
     return res.status(statusCodes.internalError).json(new ErrorResponse(errorMessages.internalError));

diff --git a/src/service/api/client/admin-api/delete.delete.ts b/src/service/api/client/admin-api/delete.delete.ts
@@ -11,6 +11,7 @@ import { ScopeManager } from "../../../../singleton/scope-manager.js";
 import ClientModel from "../../../../model/mongo/client.js";
 import { hasErrors } from "../../../../utils/api.js";
 import Role from "../../../../enum/role.js";
+import { CORS } from "../../../../singleton/cors.js";
 
 export const DELETE_DeleteValidator = [
   body("target").exists().isString().isLength({ max: 64 }).custom(isValidObjectId),
@@ -30,6 +31,7 @@ const DELETE_Delete = async (req: Request, res: Response) => {
     log.debug("Client deleted successfully.");
     log.debug(deleted);
     res.status(statusCodes.success).json(new SuccessResponse());
+    CORS.scanOrigins();
   } catch (err) {
     log.error(err);
     return res.status(statusCodes.internalError).json(new ErrorResponse(errorMessages.internalError));

diff --git a/src/service/api/client/admin-api/update.patch.ts b/src/service/api/client/admin-api/update.patch.ts
@@ -12,6 +12,7 @@ import Role from "../../../../enum/role.js";
 import { errorMessages, statusCodes } from "../../../../utils/http-status.js";
 import { ErrorResponse, SuccessResponse } from "../../../../utils/response.js";
 import { Configuration } from "../../../../singleton/configuration.js";
+import { CORS } from "../../../../singleton/cors.js";
 
 export const PATCH_UpdateValidator = [
   body("target").exists().isString().isLength({ max: 64 }).custom(isValidObjectId),
@@ -52,6 +53,7 @@ const PATCH_Update = async (req: Request, res: Response) => {
     await ClientModel.updateOne({ _id: target }, req.body);
     log.debug("Client updated successfully.");
     res.status(statusCodes.success).json(new SuccessResponse());
+    CORS.scanOrigins();
   } catch (err) {
     log.error(err);
     return res.status(statusCodes.internalError).json(new ErrorResponse(errorMessages.internalError));

diff --git a/src/service/cors/cors.ts b/src/service/cors/cors.ts
@@ -5,7 +5,7 @@ import ClientModel from "../../model/mongo/client.js";
 import { Configuration } from "../../singleton/configuration.js";
 
 export class CORS {
-  allowedOrigins = new Set(Configuration.get("cors.allowed-origins"));
+  allowedOrigins = new Set();
 
   extractOrigin(uri: string): string {
     const url = new URL(uri);
@@ -14,6 +14,7 @@ export class CORS {
   }
 
   public async scanOrigins() {
+    this.allowedOrigins = new Set(Configuration.get("cors.allowed-origins"));
     const clients = await ClientModel.find();
     if (!clients) {
       log.warn("No clients found. Skipping origin scan.");