diff --git a/src/server/guild/ws.rs b/src/server/guild/ws.rs index e1c0b10..5c3b1fe 100644 --- a/src/server/guild/ws.rs +++ b/src/server/guild/ws.rs @@ -6,7 +6,7 @@ use mongodb::bson::oid::ObjectId; use serde::{Deserialize, Serialize}; use tokio::sync::mpsc::UnboundedSender; use tokio_stream::wrappers::UnboundedReceiverStream; -use tracing::{error, info, warn}; +use tracing::{error, info}; use twilight_model::id::Id; use twilight_model::id::marker::UserMarker; use twilight_model::user::CurrentUserGuild; diff --git a/src/server/mod.rs b/src/server/mod.rs index 0aff6a0..03cd6d5 100644 --- a/src/server/mod.rs +++ b/src/server/mod.rs @@ -31,10 +31,14 @@ pub mod guild { #[cfg(any(feature = "api", feature = "http-interactions"))] mod http_server { + use std::env; use std::net::{IpAddr, Ipv4Addr, SocketAddr}; + use std::str::FromStr; use std::sync::Arc; + use tracing::warn; use twilight_http::Client; use warp::Filter; + use warp::http::{HeaderName, Method}; use crate::context::Context; #[macro_export] @@ -57,9 +61,29 @@ mod http_server { discord_http: Arc, #[cfg(feature = "http-interactions")] public_key: ed25519_dalek::VerifyingKey ) { + let cors_allow = if let Ok(origin) = env::var("ALLOWED_ORIGIN") { + warp::cors() + .allow_origin(origin.as_str()) + } else { + warn!( + "There is no ALLOWED_ORIGIN environment variable, CORS Headers are set to accept all requests" + ); + warp::cors().allow_any_origin() + }; + let cors_allow = cors_allow + .allow_headers([ + HeaderName::from_str("Authorization").unwrap(), + HeaderName::from_str("User-Id").unwrap() + ]) + .allow_methods([Method::GET, Method::POST]) + .allow_credentials(true) + .build(); + let routes = crate::server::routes::get_all_routes( discord_http, context, #[cfg(feature = "http-interactions")] public_key - ).recover(crate::server::error::handle_rejection); + ) + .recover(crate::server::error::handle_rejection) + .with(cors_allow); const ALL_SOCKETS: IpAddr = IpAddr::V4(Ipv4Addr::new(0, 0, 0, 0)); warp::serve(routes).run(SocketAddr::new(ALL_SOCKETS, port)).await;