Add configurable cors options to worker

hosting/docker-compose.yaml

@@ -51,6 +51,8 @@ services:
       INTERNAL_API_KEY: ${INTERNAL_API_KEY}
       REDIS_URL: redis-service:6379
       REDIS_PASSWORD: ${REDIS_PASSWORD}
+      CORS_ORIGIN: ${CORS_ORIGIN}
+      CORS_CREDENTIALS: ${CORS_CREDENTIALS}
     volumes:
       - ./logs:/logs
     depends_on:

packages/worker/scripts/dev/manage.js

@@ -21,6 +21,9 @@ async function init() {
       COUCH_DB_PASSWORD: "budibase",
       // empty string is false
       MULTI_TENANCY: "",
+      // account portal cors configuration
+      CORS_ORIGIN: "http://localhost:3001",
+      CORS_CREDENTIALS: true,
     }
     let envFile = ""
     Object.keys(envFileJson).forEach(key => {

packages/worker/src/environment.js

@@ -33,6 +33,8 @@ module.exports = {
   INTERNAL_API_KEY: process.env.INTERNAL_API_KEY,
   MULTI_TENANCY: process.env.MULTI_TENANCY,
   SANDBOX: process.env.SANDBOX,
+  CORS_ORIGIN: process.env.CORS_ORIGIN,
+  CORS_CREDENTIALS: process.env.CORS_CREDENTIALS,
   _set(key, value) {
     process.env[key] = value
     module.exports[key] = value

packages/worker/src/index.js

@@ -16,12 +16,14 @@ const redis = require("./utilities/redis")
 const app = new Koa()
 
 // TODO: Remove this when using envoy / nginx
-const accountPortalCors = {
+if (env.CORS_ORIGIN) {
-  origin: "http://localhost:3001",
+  const corsConfig = {
-  credentials: true,
+    origin: env.CORS_ORIGIN,
-}
+    credentials: !!env.CORS_CREDENTIALS,
+  }
 
-app.use(cors(accountPortalCors))
+  app.use(cors(corsConfig))
+}
 
 app.keys = ["secret", "key"]