#26 added cors policy to allows credentials on our UI origins

2024-04-21 13:49:13 -04:00
parent 425b3b11b6
commit 27819566f9
1 changed files with 20 additions and 2 deletions
--- a/src/Web/Program.cs
+++ b/src/Web/Program.cs
@@ -19,8 +19,24 @@ builder.Services.AddCors(options =>
        options.AddPolicy("AllowAll", builder =>
        {
            builder.AllowAnyOrigin()
-                   .AllowAnyMethod()
-                   .AllowAnyHeader();
+                .AllowAnyMethod()
+                .AllowAnyHeader();
+        });
+        
+        options.AddPolicy("AllowHutopyUi", builder =>
+        {
+            builder.WithOrigins("https://zealous-bay-08204590f.5.azurestaticapps.net")
+                .AllowAnyMethod()
+                .AllowAnyHeader()
+                .AllowCredentials();
+        });
+        
+        options.AddPolicy("AllowHutopyUiPreview", builder =>
+        {
+            builder.WithOrigins("https://zealous-bay-08204590f-preview.eastus2.5.azurestaticapps.net")
+                .AllowAnyMethod()
+                .AllowAnyHeader()
+                .AllowCredentials();
        });
    });

@@ -36,6 +52,8 @@ builder.Services.AddScoped<IUserService, UserService>();
 var app = builder.Build();

 app.UseCors("AllowAll");
+app.UseCors("AllowHutopyUi");
+app.UseCors("AllowHutopyUiPreview");

 // Initialize and seed the db.
 await app.InitialiseDatabaseAsync();