fix(striker-ui-api): enable credentials in cors middleware

2 years ago · 4bbdcc1687
parent dc765b3719
commit 4bbdcc1687
1 changed files with 11 additions and 1 deletions
--- a/striker-ui-api/src/app.ts
+++ b/striker-ui-api/src/app.ts
@ -6,13 +6,23 @@ import passport from './passport';
 import routes from './routes';
 import { rrouters } from './lib/rrouters';
 import session from './session';
+import { stdout } from './lib/shell';

 export default (async () => {
  const app = express();

  app.use(json());

-  app.use(cors());
+  app.use(
+    cors({
+      origin: (requestOrigin, done) => {
+        stdout(`Request header: Origin=${requestOrigin}`);
+
+        done(null, requestOrigin);
+      },
+      credentials: true,
+    }),
+  );

  // Add session handler to the chain **after** adding other handlers that do
  // not depend on session(s).