CORS headers for nodebalancer

2023-06-05 10:28:03 +00:00 · 2023-06-05 10:28:03 +00:00 · 1e1f1ef2c2
commit 1e1f1ef2c2
--- a/nodes/node_balancer/cmd/nodebalancer/configs.go
+++ b/nodes/node_balancer/cmd/nodebalancer/configs.go
@ -30,10 +30,11 @@ var (
 	NB_BUGOUT_TIMEOUT_SECONDS_RAW = os.Getenv("NB_BUGOUT_TIMEOUT_SECONDS")

 	// Bugout and application configuration
-	BUGOUT_AUTH_CALL_TIMEOUT  = time.Second * 5
-	MOONSTREAM_APPLICATION_ID = os.Getenv("MOONSTREAM_APPLICATION_ID")
-	NB_CONTROLLER_TOKEN       = os.Getenv("NB_CONTROLLER_TOKEN")
-	NB_CONTROLLER_ACCESS_ID   = os.Getenv("NB_CONTROLLER_ACCESS_ID")
+	BUGOUT_AUTH_CALL_TIMEOUT        = time.Second * 5
+	MOONSTREAM_APPLICATION_ID       = os.Getenv("MOONSTREAM_APPLICATION_ID")
+	NB_CONTROLLER_TOKEN             = os.Getenv("NB_CONTROLLER_TOKEN")
+	NB_CONTROLLER_ACCESS_ID         = os.Getenv("NB_CONTROLLER_ACCESS_ID")
+	MOONSTREAM_CORS_ALLOWED_ORIGINS = os.Getenv("MOONSTREAM_CORS_ALLOWED_ORIGINS")

 	NB_CONNECTION_RETRIES          = 2
 	NB_CONNECTION_RETRIES_INTERVAL = time.Millisecond * 10
--- a/nodes/node_balancer/cmd/nodebalancer/middleware.go
+++ b/nodes/node_balancer/cmd/nodebalancer/middleware.go
@ -356,6 +356,24 @@ func panicMiddleware(next http.Handler) http.Handler {
 	})
 }

+// CORS middleware
+func corsMiddleware(next http.Handler) http.Handler {
+	return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
+		for _, allowedOrigin := range strings.Split(MOONSTREAM_CORS_ALLOWED_ORIGINS, ",") {
+			if r.Header.Get("Origin") == allowedOrigin {
+				w.Header().Set("Access-Control-Allow-Origin", allowedOrigin)
+			}
+		}
+		if r.Method == "OPTIONS" {
+			w.Header().Set("Access-Control-Allow-Methods", "GET,OPTIONS")
+			// Credentials are cookies, authorization headers, or TLS client certificates
+			w.Header().Set("Access-Control-Allow-Credentials", "true")
+			w.Header().Set("Access-Control-Allow-Headers", "Authorization")
+		}
+		next.ServeHTTP(w, r)
+	})
+}
+
 // Split JSON RPC request to object and slice and return slice of requests
 func jsonrpcRequestParser(body []byte) ([]JSONRPCRequest, error) {
 	var jsonrpcRequest []JSONRPCRequest
--- a/nodes/node_balancer/cmd/nodebalancer/server.go
+++ b/nodes/node_balancer/cmd/nodebalancer/server.go
@ -225,7 +225,8 @@ func Server() {
 	serveMux.HandleFunc("/ping", pingRoute)

 	// Set common middlewares, from bottom to top
-	commonHandler := logMiddleware(serveMux)
+	commonHandler := corsMiddleware(serveMux)
+	commonHandler = logMiddleware(serveMux)
 	commonHandler = panicMiddleware(commonHandler)

 	server := http.Server{
--- a/nodes/node_balancer/sample.env
+++ b/nodes/node_balancer/sample.env
@ -2,6 +2,7 @@
 export BUGOUT_BROOD_URL="https://auth.bugout.dev"
 export NB_BUGOUT_TIMEOUT_SECONDS=15
 export MOONSTREAM_APPLICATION_ID="<application_id_to_controll_access>"
+export MOONSTREAM_CORS_ALLOWED_ORIGINS="http://localhost:3000,https://moonstream.to,https://portal.moonstream.to"
 export NB_CONTROLLER_TOKEN="<token_of_controller_user>"
 export NB_CONTROLLER_ACCESS_ID="<controller_access_id_for_internal_usage>"