Skip to content

GitLab

  • Projects
  • Groups
  • Snippets
  • Help
    • Loading...
  • Help
    • Help
    • Support
    • Community forum
    • Submit feedback
    • Contribute to GitLab
  • Sign in
communications-backbone communications-backbone
  • Project overview
    • Project overview
    • Details
    • Activity
    • Releases
  • Repository
    • Repository
    • Files
    • Commits
    • Branches
    • Tags
    • Contributors
    • Graph
    • Compare
  • Issues 25
    • Issues 25
    • List
    • Boards
    • Labels
    • Service Desk
    • Milestones
  • Merge requests 1
    • Merge requests 1
  • CI/CD
    • CI/CD
    • Pipelines
    • Jobs
    • Schedules
  • Operations
    • Operations
    • Metrics
    • Incidents
    • Environments
  • Packages & Registries
    • Packages & Registries
    • Package Registry
  • Analytics
    • Analytics
    • CI/CD
    • Repository
    • Value Stream
  • Wiki
    • Wiki
  • Snippets
    • Snippets
  • Members
    • Members
  • Activity
  • Graph
  • Create a new issue
  • Jobs
  • Commits
  • Issue Boards
Collapse sidebar
  • Communications Backbone System
  • communications-backbonecommunications-backbone
  • Issues
  • #28

Closed
Open
Created Feb 14, 2023 by Dan Jones@danjonOwner5 of 5 tasks completed5/5 tasks

Make API CORS settings configurable in config settings

At present the API CORS config is hard-coded.

  • Move into config
  • Enable global config and per route config settings
    • For dev keep API addressable from named list of client origins
    • For live make API addressable from anywhere
    • Limit POST /client endpoint to localhost

At present POST /client is unauthenticated. The idea is that only we do this which also allows us to make everyone's client ids unique/sensible/consistent. So for the trials we can just ssh onto the box, curl a client and send out the credentials. Ultimately we could do something like add an initialisation step where if there are no clients it generates an admin account and does something to notify the user about the creds.

Edited Feb 15, 2023 by Dan Jones
Assignee
Assign to
SoAR-2023W07
Milestone
SoAR-2023W07
Assign milestone
Time tracking