fix(api): resolve allowed_domains redis bug

2025-05-05 13:24:37 +00:00 · 2025-04-12 04:58:56 +01:00 · 2025-04-12 04:58:56 +01:00 · 36fa34b303
commit 36fa34b303
parent 66a8b1b940
4 changed files with 9 additions and 9 deletions
--- a/api/src/main.ts
+++ b/api/src/main.ts
@ -50,11 +50,11 @@ async function bootstrap() {
  const settingService = app.get<SettingService>(SettingService);
  app.enableCors({
-    origin: (origin, callback) => {
+    origin: async (origin, callback) => {
-      settingService
+      await settingService
        .getAllowedOrigins()
        .then((allowedOrigins) => {
-          if (!origin || allowedOrigins.has(origin)) {
+          if (!origin || allowedOrigins.includes(origin)) {
            callback(null, true);
          } else {
            callback(new Error('Not allowed by CORS'));
--- a/api/src/setting/services/setting.service.spec.ts
+++ b/api/src/setting/services/setting.service.spec.ts
@ -195,7 +195,7 @@ describe('SettingService', () => {
      expect(settingService.find).toHaveBeenCalledWith({
        label: 'allowed_domains',
      });
-      expect(result).toEqual(new Set(['*', 'https://example.com']));
+      expect(result).toEqual(['*', 'https://example.com']);
    });
  });
 });
--- a/api/src/setting/services/setting.service.ts
+++ b/api/src/setting/services/setting.service.ts
@ -135,7 +135,7 @@ export class SettingService extends BaseService<Setting> {
   * @returns A promise that resolves to a set of allowed origins
   */
  @Cacheable(ALLOWED_ORIGINS_CACHE_KEY)
-  async getAllowedOrigins() {
+  async getAllowedOrigins(): Promise<string[]> {
    const settings = (await this.find({
      label: 'allowed_domains',
    })) as TextSetting[];
@ -150,7 +150,7 @@ export class SettingService extends BaseService<Setting> {
      ...allowedDomains,
    ]);
-    return uniqueOrigins;
+    return Array.from(uniqueOrigins);
  }
  /**
--- a/api/src/websocket/utils/gateway-options.ts
+++ b/api/src/websocket/utils/gateway-options.ts
@ -54,15 +54,15 @@ export const buildWebSocketGatewayOptions = (): Partial<ServerOptions> => {
    ...(config.sockets.cookie && { cookie: config.sockets.cookie }),
    ...(config.sockets.onlyAllowOrigins && {
      cors: {
-        origin: (origin, cb) => {
+        origin: async (origin, cb) => {
          // Retrieve the allowed origins from the settings
          const app = AppInstance.getApp();
          const settingService = app.get<SettingService>(SettingService);
-          settingService
+          await settingService
            .getAllowedOrigins()
            .then((allowedOrigins) => {
-              if (origin && allowedOrigins.has(origin)) {
+              if (origin && allowedOrigins.includes(origin)) {
                cb(null, true);
              } else {
                // eslint-disable-next-line no-console