Open Sidharth-Singh10 opened 2 days ago
Hi @Sidharth-Singh10! I think this feature for configuring CORS allowed origins from a .env file is a great idea! It would definitely enhance flexibility for deployments across different environments.
Here’s how I’d approach implementing this:
.env Configuration: Add support to read a comma-separated list of allowed origins from the .env file, like you suggested:
makefile Copy code ALLOWED_ORIGINS="http://example.com,http://another-example.com,http://localhost:3000" Code Modification: Update the backend code to parse the ALLOWED_ORIGINS variable, splitting the string by commas to create a list of allowed origins.
CORS Layer Setup: Modify the CorsLayer configuration to use the dynamically parsed origins, ensuring that it works seamlessly across development, staging, and production environments.
I’m excited to work on this! Let me know if there are any additional details you’d like me to consider.
@faresbouzayen Go ahead with your approach. Heads up: If you want to your PR to count as a Hacktoberfest Contribution. Open up the PR from 1st of October
Summary
It would be useful to add support for configuring the CORS allowed origins dynamically from the
.env
file. This is particularly useful when running the backend in different environments (development, staging, production) with multiple origins.Current Behavior
Currently, allowed origins need to be manually set in the code using
CorsLayer
. This works, but it’s less flexible when deploying across multiple environments with different origins.Expected Behavior
The backend should be able to read a list of allowed origins from the
.env
file. The list would be defined as a comma-separated string in the.env
file, which would then be parsed in the code and passed toCorsLayer
.Proposed Solution
Define allowed origins in the
.env
file as a comma-separated list of origins,e.g.:ALLOWED_ORIGINS="http://example.com,http://another-example.com,http://localhost:3000"
Load and parse the origins in the backend code, split the string by commas, and create a vector of allowed origins.
Configure the
CorsLayer
using the parsed origins,