faresbouzayen
commented
1 day ago Hi @Sidharth-Singh10! I think this feature for configuring CORS allowed origins from a .env file is a great idea! It would definitely enhance flexibility for deployments across different environments.
Here’s how I’d approach implementing this:
.env Configuration: Add support to read a comma-separated list of allowed origins from the .env file, like you suggested:
makefile Copy code ALLOWED_ORIGINS="http://example.com,http://another-example.com,http://localhost:3000" Code Modification: Update the backend code to parse the ALLOWED_ORIGINS variable, splitting the string by commas to create a list of allowed origins.
CORS Layer Setup: Modify the CorsLayer configuration to use the dynamically parsed origins, ensuring that it works seamlessly across development, staging, and production environments.
I’m excited to work on this! Let me know if there are any additional details you’d like me to consider.
Sidharth-Singh10
Summary
It would be useful to add support for configuring the CORS allowed origins dynamically from the
.envfile. This is particularly useful when running the backend in different environments (development, staging, production) with multiple origins.Current Behavior
Currently, allowed origins need to be manually set in the code using
CorsLayer. This works, but it’s less flexible when deploying across multiple environments with different origins.Expected Behavior
The backend should be able to read a list of allowed origins from the
.envfile. The list would be defined as a comma-separated string in the.envfile, which would then be parsed in the code and passed toCorsLayer.Proposed Solution
Define allowed origins in the
.envfile as a comma-separated list of origins,e.g.:ALLOWED_ORIGINS="http://example.com,http://another-example.com,http://localhost:3000"Load and parse the origins in the backend code, split the string by commas, and create a vector of allowed origins.
Configure the
CorsLayerusing the parsed origins,