From bc3633e20b8dea2345454fc274f040b26cd69486 Mon Sep 17 00:00:00 2001
From: leandrofars <leandrofars@gmail.com>
Date: Fri, 13 Oct 2023 19:43:39 -0300
Subject: [PATCH] feat(controller): custom api cors trough env

---
 backend/services/controller/.env                |  3 ++-
 .../controller/internal/api/cors/cors.go        | 17 ++++++++++++++---
 2 files changed, 16 insertions(+), 4 deletions(-)

diff --git a/backend/services/controller/.env b/backend/services/controller/.env
index 60e39d7..de9d451 100644
--- a/backend/services/controller/.env
+++ b/backend/services/controller/.env
@@ -9,4 +9,5 @@ BROKER_USERNAME=""
 BROKER_PASSWORD=""
 BROKER_CLIENTID=""
 BROKER_QOS=""
-REST_API_PORT=""
\ No newline at end of file
+REST_API_PORT=""
+REST_API_CORS="" #addresses must be separated by commas example: "http://localhost:3000,http://myapp.com,app2.com"
\ No newline at end of file
diff --git a/backend/services/controller/internal/api/cors/cors.go b/backend/services/controller/internal/api/cors/cors.go
index 92e9205..2aed72a 100644
--- a/backend/services/controller/internal/api/cors/cors.go
+++ b/backend/services/controller/internal/api/cors/cors.go
@@ -3,13 +3,16 @@ package cors
 import (
 	"github.com/rs/cors"
 	"net/http"
+	"os"
+	"strings"
+	"fmt"
 )
 
 func GetCorsConfig() cors.Cors {
+	allowedOrigins := getCorsEnvConfig()
+	fmt.Println(allowedOrigins)
 	return *cors.New(cors.Options{
-		AllowedOrigins: []string{
-			"http://localhost:3000",
-		},
+		AllowedOrigins: allowedOrigins,
 		AllowedMethods: []string{
 			http.MethodGet,
 			http.MethodPost,
@@ -25,3 +28,11 @@ func GetCorsConfig() cors.Cors {
 		},
 	})
 }
+
+func getCorsEnvConfig() []string {
+	val, _ := os.LookupEnv("REST_API_CORS")
+	if val == "" {
+		return []string{"*"}
+	}
+	return strings.Split(val, ",")
+}
\ No newline at end of file