Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Implement Dynamic CORS Configuration (Fixes #2) #10

Merged
merged 5 commits into from
Oct 2, 2024
Merged

Implement Dynamic CORS Configuration (Fixes #2) #10

merged 5 commits into from
Oct 2, 2024

Conversation

HarshitShukla-dev
Copy link
Contributor

This pull request addresses issue #2 by introducing dynamic CORS configuration to the backend. The changes allow the application to read allowed origins from an environment variable defined in the .env file, enhancing flexibility for different deployment environments (development, staging, production).

Key Changes:

  • Dynamic Configuration: Allowed CORS origins are now read from the .env file as a comma-separated string.
  • Parsing and Validation: The origins are parsed and validated as Uri types, with any invalid URLs logged as warnings.
  • Type Handling: Implemented conversion of Uri to HeaderValue for compatibility with the AllowOrigin::exact() method in the CORS configuration.
  • Error Handling: Added error handling for potential parsing issues, ensuring that the application does not crash on invalid inputs.

Reminder:

Please ensure to update the .env file with the ALLOWED_ORIGINS variable in the following format:

ALLOWED_ORIGINS="http://example.com,http://another-example.com,http://localhost:3000"

@HarshitShukla-dev
feat: Dynamic CORS configuration from .env with improved error handling
48d8f97 
- Added support for configuring allowed CORS origins dynamically from the .env file as a comma-separated list
- Parsed and validated origins as `Uri`, converting them to `HeaderValue` for CORS configuration
- Implemented error handling for invalid origins and failed conversions to `HeaderValue`
- Enhanced CORS flexibility for multiple environments (development, staging, production)
- Added logging for invalid or unparseable origins to assist in debugging
Sidharth-Singh10
Sidharth-Singh10 requested changes Oct 2, 2024
View reviewed changes
Copy link
Owner

@Sidharth-Singh10 Sidharth-Singh10 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@HarshitShukla-dev , load the environment variable in constants.rs. and then use the constant in main.rs.

@HarshitShukla-dev
- Updated .env.example file to have the ALLOWED_ORIGINS variable.
2c9dfb8 
- implemented the reading of cors origins from the .env file by loading the env file in constants.rs and then using the constants utility to read the value of ALLOWED_ORIGINS in main.rs
@HarshitShukla-dev
Improved formatting to pass the fmt tests
cf709fb
@HarshitShukla-dev
Copy link
Contributor Author

@HarshitShukla-dev , load the environment variable in constants.rs. and then use the constant in main.rs.

I’m sorry for the oversight. I've successfully loaded the environment variable in constants.rs and integrated the constant into main.rs. The ALLOWED_ORIGINS variable is now dynamically configured based on the values specified in the .env file. Additionally, I've added error handling to ensure that the application gracefully handles any issues related to the environment variable.

If you have any further suggestions or need additional changes, please let me know!

Thanks!

Sidharth-Singh10
Sidharth-Singh10 reviewed Oct 2, 2024
View reviewed changes
.env.example Outdated Show resolved Hide resolved
@Sidharth-Singh10
Copy link
Owner

Sidharth-Singh10 commented Oct 2, 2024
edited
Loading

If ALLOWED_ORIGINS is not set, do not default it to a empty list, exit the program gracefully with a warning.
Pointed out some minor faults please correct those.

@HarshitShukla-dev
- Updated .env.example file to have the correct spelling of ALLOWED_O…
ef159db 
…RIGINS

- Updated constants.rs to exit the program if the ALLOWED_ORIGINS environment variable is not set
@HarshitShukla-dev
Copy link
Contributor Author

@Sidharth-Singh10, Fixed the issues.

@Sidharth-Singh10
Copy link
Owner

@HarshitShukla-dev , thanks for the work!!!

@Sidharth-Singh10 Sidharth-Singh10 merged commit cc2214f into Sidharth-Singh10:main Oct 2, 2024
4 checks passed
@HarshitShukla-dev HarshitShukla-dev deleted the feature/dynamic-cors-config branch October 2, 2024 17:15
@HarshitShukla-dev
Copy link
Contributor Author

Hey @Sidharth-Singh10, it'll great if you assign the hacktoberfest and gssoc labels to both the pr and the issue.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@Sidharth-Singh10 Sidharth-Singh10 Sidharth-Singh10 requested changes

Assignees
No one assigned
Labels
gssoc-ext hacktoberfest-accepted level2
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@HarshitShukla-dev @Sidharth-Singh10 @ShashwatAgrawal20