spacedeck-open/middlewares/cors.js

'use strict';

require('../models/schema');
const config = require('config');
const url = require('url');

function respond(origin, req, res, next) {
  res.header('Access-Control-Allow-Origin', origin);
  res.header('Access-Control-Allow-Credentials', true);
  res.header('Access-Control-Max-Age', 60 * 60 * 24);
  res.header('Access-Control-Expose-Headers', 'Accepts, Content-Type, X-Spacedeck-Space-Role, X-Spacedeck-Channel, X-Spacedeck-Spacepassword, X-Spacedeck-Auth, X-Spacedeck-Space-Auth');
  res.header('Access-Control-Allow-Headers', 'Accepts, Accept-Language, Accept-Encoding, Accept-Language, Content-Type, X-Spacedeck-Space-Auth, X-Spacedeck-Space-Role, X-Spacedeck-Channel, X-Spacedeck-Spacepassword, X-Spacedeck-Auth');
  res.header('Access-Control-Allow-Methods', 'GET,PUT,POST,DELETE');

  if (req.method == 'OPTIONS') {
    res.sendStatus(204);
  } else {
    next();
  }
}

module.exports = (req, res, next) => {
  const origin = req.headers.origin;

  if (origin) {
    const parsedUrl = url.parse(origin, true, true);

    // FIXME
    if (parsedUrl.hostname == "cdn.spacedeck.com") {      
      res.header('Cache-Control', "max-age");
      res.header('Expires', "30d");
      res.removeHeader("Pragma");

      respond(origin, req, res, next);
    } else {
      Team.getTeamForHost(parsedUrl.hostname, (err, team, subdomain) => {
        if (team) {
          respond(origin, req, res, next);
        } else {
          next();
        }
      });
    }

  } else {
    next();
  }
}
initial commit. 2017-04-07 01:29:05 +02:00			`'use strict';`

			`require('../models/schema');`
			`const config = require('config');`
			`const url = require('url');`

			`function respond(origin, req, res, next) {`
			`res.header('Access-Control-Allow-Origin', origin);`
			`res.header('Access-Control-Allow-Credentials', true);`
			`res.header('Access-Control-Max-Age', 60 * 60 * 24);`
			`res.header('Access-Control-Expose-Headers', 'Accepts, Content-Type, X-Spacedeck-Space-Role, X-Spacedeck-Channel, X-Spacedeck-Spacepassword, X-Spacedeck-Auth, X-Spacedeck-Space-Auth');`
			`res.header('Access-Control-Allow-Headers', 'Accepts, Accept-Language, Accept-Encoding, Accept-Language, Content-Type, X-Spacedeck-Space-Auth, X-Spacedeck-Space-Role, X-Spacedeck-Channel, X-Spacedeck-Spacepassword, X-Spacedeck-Auth');`
			`res.header('Access-Control-Allow-Methods', 'GET,PUT,POST,DELETE');`

			`if (req.method == 'OPTIONS') {`
			`res.sendStatus(204);`
			`} else {`
			`next();`
			`}`
			`}`

			`module.exports = (req, res, next) => {`
			`const origin = req.headers.origin;`

			`if (origin) {`
			`const parsedUrl = url.parse(origin, true, true);`

			`// FIXME`
			`if (parsedUrl.hostname == "cdn.spacedeck.com") {`
			`res.header('Cache-Control', "max-age");`
			`res.header('Expires', "30d");`
			`res.removeHeader("Pragma");`

			`respond(origin, req, res, next);`
			`} else {`
			`Team.getTeamForHost(parsedUrl.hostname, (err, team, subdomain) => {`
			`if (team) {`
			`respond(origin, req, res, next);`
			`} else {`
			`next();`
			`}`
			`});`
			`}`

			`} else {`
			`next();`
			`}`
			`}`