fix(server): use cors lib (#7)

* fix(server): use cors lib * chore: lint
cryptape · Jan 17, 2025 · e359919 · e359919
1 parent 5b66b8d
commit e359919
Show file tree

Hide file tree

Showing 4 changed files with 33 additions and 15 deletions.
diff --git a/frontend/vite.config.ts b/frontend/vite.config.ts
@@ -8,7 +8,7 @@ export default defineConfig({
     },
     define: {
         "import.meta.env.VITE_HTTP_API_URL": JSON.stringify(
-            "http://13.251.229.198:3000", //"http://localhost:3000",
+            "https://ckb-tx-elevator-api.ckbapp.dev", //"http://13.251.229.198:3000", //"http://localhost:3000",
         ),
     },
 });
diff --git a/package.json b/package.json
@@ -22,6 +22,7 @@
     "license": "ISC",
     "devDependencies": {
         "@biomejs/biome": "^1.9.4",
+        "@types/cors": "^2.8.17",
         "@types/express": "^5.0.0",
         "@types/node": "^22.10.2",
         "@types/ws": "^8.5.13",
@@ -33,6 +34,7 @@
         "@ckb-ccc/core": "^1.2.1",
         "@types/better-sqlite3": "^7.6.12",
         "better-sqlite3": "^11.7.2",
+        "cors": "^2.8.5",
         "dotenv": "^16.4.7",
         "express": "^4.21.2",
         "winston": "^3.17.0",

diff --git a/pnpm-lock.yaml b/pnpm-lock.yaml
diff --git a/src/api/sever.ts b/src/api/sever.ts
@@ -1,4 +1,5 @@
 import type { Hex } from "@ckb-ccc/core";
+import cors from "cors";
 import express, { type Request, type Response } from "express";
 import { Config } from "../core/config";
 import type { DB } from "../db";
@@ -7,20 +8,13 @@ import { logger } from "../util/logger";
 export function createServer(db: DB) {
     const app = express();
 
-    app.use((_req, res, next) => {
-        for (const origin of Config.allowOrigin) {
-            res.header("Access-Control-Allow-Origin", origin);
-        }
-        if (Config.allowOrigin.length > 0) {
-            res.header(
-                "Access-Control-Allow-Methods",
-                "GET, POST, PUT, DELETE",
-            );
-            res.header("Access-Control-Allow-Headers", "Content-Type");
-        }
-
-        next();
-    });
+    app.use(
+        cors({
+            origin: Config.allowOrigin,
+            methods: "GET, POST, PUT, DELETE",
+            allowedHeaders: "Content-Type",
+        }),
+    );
 
     app.get("/pending-txs", async (_req: Request, res: Response) => {
         const transactions = db.getPendingTransactions();