Skip to content
Merged
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
1 change: 1 addition & 0 deletions packages/services/octobot_services/constants.py
Original file line number Diff line number Diff line change
Expand Up @@ -61,6 +61,7 @@
ENV_WEB_ADDRESS = "WEB_ADDRESS"
ENV_CORS_ALLOWED_ORIGINS = "CORS_ALLOWED_ORIGINS"
ENV_BACKEND_CORS_ALLOWED_ORIGINS = "BACKEND_CORS_ALLOWED_ORIGINS"
ENV_BACKEND_CORS_ORIGIN_REGEX = "BACKEND_CORS_ORIGIN_REGEX"
ENV_AUTO_OPEN_IN_WEB_BROWSER = "AUTO_OPEN_IN_WEB_BROWSER"
DEFAULT_SERVER_IP = '0.0.0.0'
DEFAULT_SERVER_PORT = 5001
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -44,6 +44,8 @@
build_api_router = _api_main.build_api_router

LOCALHOST_ORIGIN_REGEX = r"^https?://(localhost|127\.0\.0\.1)(:\d+)?$"
OCTOBOT_CLOUD_ORIGIN_REGEX = r"^https://([a-z0-9-]+\.)*octobot\.cloud$"
ALLOWED_ORIGIN_REGEX = f"({LOCALHOST_ORIGIN_REGEX}|{OCTOBOT_CLOUD_ORIGIN_REGEX})"


def custom_generate_unique_id(route: APIRoute) -> str:
Expand Down Expand Up @@ -96,10 +98,12 @@ async def _async_run(self) -> bool:
# Set CORS from service config
cors_origins_str = self.node_api_service.get_backend_cors_origins()
cors_origins = [i.strip() for i in cors_origins_str.split(",") if i.strip()] if cors_origins_str else []
extra_regex = self.node_api_service.get_backend_cors_origin_regex()
origin_regex = f"({ALLOWED_ORIGIN_REGEX}|{extra_regex})" if extra_regex else ALLOWED_ORIGIN_REGEX
self.app.add_middleware(
CORSMiddleware,
allow_origins=cors_origins,
allow_origin_regex=LOCALHOST_ORIGIN_REGEX,
allow_origin_regex=origin_regex,
allow_credentials=True,
allow_methods=["*"],
allow_headers=["*"],
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -176,3 +176,6 @@ def get_node_postgres_url(self):

def get_backend_cors_origins(self):
return os.getenv(services_constants.ENV_BACKEND_CORS_ALLOWED_ORIGINS, self.backend_cors_origins)

def get_backend_cors_origin_regex(self):
return os.getenv(services_constants.ENV_BACKEND_CORS_ORIGIN_REGEX, "")
Loading