From 37906219074193c342638ce009ebcd800fa0f7b7 Mon Sep 17 00:00:00 2001
From: yassinedorbozgithub <yassine.dorboz.2022@gmail.com>
Date: Tue, 24 Jun 2025 11:21:51 +0100
Subject: [PATCH] fix(api): update enableCors logic

---
 api/src/main.ts | 26 +++++++++++++++-----------
 1 file changed, 15 insertions(+), 11 deletions(-)

diff --git a/api/src/main.ts b/api/src/main.ts
index 7b38a68e..3279d806 100644
--- a/api/src/main.ts
+++ b/api/src/main.ts
@@ -50,17 +50,21 @@ async function bootstrap() {
 
   const settingService = app.get<SettingService>(SettingService);
   app.enableCors({
-    origin: async (origin, callback) => {
-      await settingService
-        .getAllowedOrigins()
-        .then((allowedOrigins) => {
-          if (!origin || allowedOrigins.includes(origin)) {
-            callback(null, true);
-          } else {
-            callback(new Error('Not allowed by CORS'));
-          }
-        })
-        .catch(callback);
+    origin: (origin, callback) => {
+      if (!origin) {
+        callback(null, true);
+      } else {
+        settingService
+          .getAllowedOrigins()
+          .then((allowedOrigins) => {
+            if (allowedOrigins.includes(origin)) {
+              callback(null, true);
+            } else {
+              callback(new Error(`Not allowed by CORS : ${origin}`));
+            }
+          })
+          .catch(callback);
+      }
     },
     methods: config.security.cors.methods,
     credentials: config.security.cors.allowCredentials,