Added rack-cors gem and initial settings (#595)

* Added rack-cors gem and initial settings
fs · Jul 14, 2020 · 2f35cc6 · 2f35cc6
1 parent 36dbdda
commit 2f35cc6
Show file tree

Hide file tree

Showing 4 changed files with 23 additions and 0 deletions.
diff --git a/.env.example b/.env.example
@@ -4,6 +4,9 @@ PORT=5000
 # Host name of the application
 HOST=lvh.me
 
+# Enabled origins
+CORS_ORIGINS=127.0.0.1:5000,localhost:5000,lvh.me:5000
+
 # Current environment
 RACK_ENV=development
 

diff --git a/Gemfile b/Gemfile
@@ -39,6 +39,7 @@ gem "memory_profiler"
 gem "puma"
 gem "pundit"
 gem "rack-canonical-host"
+gem "rack-cors"
 gem "rack-mini-profiler", require: false, git: "https://github.com/MiniProfiler/rack-mini-profiler.git"
 gem "responders"
 gem "rollbar"

diff --git a/Gemfile.lock b/Gemfile.lock
@@ -289,6 +289,8 @@ GEM
     rack-canonical-host (0.2.2)
       addressable (> 0, < 3)
       rack (>= 1.0.0, < 3)
+    rack-cors (1.1.1)
+      rack (>= 2.0.0)
     rack-proxy (0.6.5)
       rack
     rack-test (1.1.0)
@@ -525,6 +527,7 @@ DEPENDENCIES
   puma
   pundit
   rack-canonical-host
+  rack-cors
   rack-mini-profiler!
   rails (= 6.0.3.2)
   rails-erd

diff --git a/config/initializers/cors.rb b/config/initializers/cors.rb
@@ -0,0 +1,16 @@
+# Be sure to restart your server when you modify this file.
+
+# Avoid CORS issues when API is called from the frontend app.
+# Handle Cross-Origin Resource Sharing (CORS) in order to accept cross-origin AJAX requests.
+
+# Read more: https://github.com/cyu/rack-cors
+
+if ENV["CORS_ORIGINS"].present?
+  Rails.application.config.middleware.insert_before 0, Rack::Cors, debug: true, logger: (-> { Rails.logger }) do
+    allow do
+      origins(*ENV.fetch("CORS_ORIGINS").split(","))
+
+      resource "/assets/*", headers: :any, methods: :get
+    end
+  end
+end