From be83f900a24ab95c95d77a30033ffac22b4a47fe Mon Sep 17 00:00:00 2001
From: me3za <medkrix1@gmail.com>
Date: Sat, 30 Mar 2024 01:46:34 +0000
Subject: [PATCH] Stricter cors policy

---
 backend/app.ts | 15 ++++++++++++---
 1 file changed, 12 insertions(+), 3 deletions(-)

diff --git a/backend/app.ts b/backend/app.ts
index 1eb84dd..1cab014 100644
--- a/backend/app.ts
+++ b/backend/app.ts
@@ -10,7 +10,18 @@ import path from 'path';
 
 const app = express();
 
-app.use(cors());
+const allowedOrigins = ["https://dtboard.tech", "https://www.dtboard.tech"]
+
+app.use(cors({
+  origin: function(origin, callback) {
+    if (!origin || allowedOrigins.includes(origin)) {
+      callback(null, true);
+    } else {
+      callback(new Error('Not allowed by CORS'));
+    }
+  }
+}));
+
 app.use(express.json());
 app.use(middleware.requestLogger);
 
@@ -36,8 +47,6 @@ app.use(
 	taskRouter,
 );
 
-console.log('dirname', __dirname);
-
 app.get('*', (req, res) => {
 	res.sendFile(path.join(__dirname, 'build/index.html'));
 });