cors update
Haik committed Mar 26, 2024
1 parent dceb260 commit 4d332ae
Showing 3 changed files with 53 additions and 49 deletions.
100 changes: 51 additions & 49 deletions src/Pandatech.CleanArchitecture.Api/Extensions/CorsExtension.cs
Expand Up @@ -4,54 +4,56 @@ namespace Pandatech.CleanArchitecture.Api.Extensions;

public static class CorsExtension
{
public static WebApplicationBuilder AddCors(this WebApplicationBuilder builder)
{
var configuration = builder.Configuration;
if (builder.Environment.IsProduction())
{
var allowedOrigins = configuration["CorsSettings:AllowedOrigins"];

ValidateCorsOrigins(allowedOrigins!);

builder.Services.AddCors(options => options.AddPolicy("AllowSpecific", p => p
.WithOrigins(allowedOrigins!)
.AllowAnyMethod()
.AllowAnyHeader()));
}
else
{
builder.Services.AddCors(options => options.AddPolicy("AllowAll", p => p
.AllowAnyOrigin()
.AllowAnyMethod()
.AllowAnyHeader()));
}

return builder;
}

public static WebApplication UseCors(this WebApplication app)
{
app.UseCors(app.Environment.IsProduction() ? "AllowSpecific" : "AllowAll");
return app;
}

private static void ValidateCorsOrigins(string allowedOrigins)
{
var originsArray = allowedOrigins.Split(',', StringSplitOptions.RemoveEmptyEntries);

if (originsArray.Length == 0)
{
public static WebApplicationBuilder AddCors(this WebApplicationBuilder builder)
{
var configuration = builder.Configuration;
if (builder.Environment.IsProduction())
{
var allowedOrigins = configuration["CorsSettings:AllowedOrigins"];

ValidateCorsOrigins(allowedOrigins!);

builder.Services.AddCors(options => options.AddPolicy("AllowSpecific", p => p
.WithOrigins(allowedOrigins!)
.AllowCredentials()
.AllowAnyMethod()
.AllowAnyHeader()));
}
else
{
builder.Services.AddCors(options => options.AddPolicy("AllowAll", p => p
.SetIsOriginAllowed(_ => true)
.AllowCredentials()
.AllowAnyMethod()
.AllowAnyHeader()));
}

return builder;
}

public static WebApplication UseCors(this WebApplication app)
{
app.UseCors(app.Environment.IsProduction() ? "AllowSpecific" : "AllowAll");
return app;
}

private static void ValidateCorsOrigins(string allowedOrigins)
{
var originsArray = allowedOrigins.Split(',', StringSplitOptions.RemoveEmptyEntries);

if (originsArray.Length == 0)
{
throw new InvalidOperationException(
"The Cors origins are empty or incorrectly formatted.");
}

foreach (var origin in originsArray)
{
if (!PandaValidator.IsUri(origin, true, false))
{
throw new InvalidOperationException(
"The ORIGINS environment variable is empty or incorrectly formatted.");
}

foreach (var origin in originsArray)
{
if (!PandaValidator.IsUri(origin, true, false))
{
throw new InvalidOperationException(
$"The origin {origin} in the ORIGINS environment variable is not valid.");
}
}
}
$"The origin {origin} is not valid URI.");
}
}
}
}
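Review bot: In the non-production branch of `AddCors`, `.SetIsOriginAllowed(_ => true)` together with `.AllowCredentials()` makes the API reflect whatever origin sends the request and allow credentials for it, which is the same effect the framework refuses when it is written as `AllowAnyOrigin().AllowCredentials()`. Because the switch is `IsProduction()`, every other environment name (Staging, QA, a mistyped value) gets this policy, so any web page a signed-in user visits can make credentialed cross-origin calls to those deployments and read the responses. I would restrict the permissive policy to `builder.Environment.IsDevelopment()` in both `AddCors` and `UseCors`, and let every other environment use the validated origin list. Separately, in the production branch `.WithOrigins(allowedOrigins!)` still receives the whole comma-separated string as a single origin although `ValidateCorsOrigins` splits it, so a setting with more than one origin would likely match no request; passing `allowedOrigins.Split(',', StringSplitOptions.RemoveEmptyEntries | StringSplitOptions.TrimEntries)` keeps the policy in line with what was validated. The null-forgiving `!` also means a missing `CorsSettings:AllowedOrigins` key reaches `Split` as null, before the intended `InvalidOperationException` can be thrown.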
Expand Up @@ -19,6 +19,7 @@ public async Task Handle(CreateUserV1Command request, CancellationToken cancella
}

var passwordHash = argon.HashPassword(request.Password);

var user = new UserEntity
{
Username = request.Username.ToLower(),
@@ -1,3 +1,4 @@
using Microsoft.EntityFrameworkCore;
using Pandatech.CleanArchitecture.Core.EntityFilters;
using Pandatech.CleanArchitecture.Core.Enums;
using PandaTech.IEnumerableFilters.Attributes;
