From 378f96cb50f1331a850939e1ee527deb30004dcc Mon Sep 17 00:00:00 2001
From: gazev <goncalo.r.azevedo@tecnico.ulisboa.pt>
Date: Thu, 14 Nov 2024 21:20:16 +0000
Subject: [PATCH] feat: add CORS support

---
 .env.example        | 15 +++++++++------
 README.md           |  5 ++++-
 app/__init__.py     |  4 ++++
 app/config.py       | 17 ++++++++++-------
 docker-compose.yaml |  6 ++++--
 5 files changed, 31 insertions(+), 16 deletions(-)

diff --git a/.env.example b/.env.example
index 3db1626..222a037 100644
--- a/.env.example
+++ b/.env.example
@@ -1,14 +1,17 @@
 # Please provided relative paths with ./ or things can break :)
 
-SESSION_DIR="./data/flask_sessions/"
-SESSION_LIFETIME="3600"
+SESSION_DIR="data/flask_sessions/"
+SESSION_LIFETIME="10800" # 3 hours
 
-DATABASE_PATH="./data/hackerschool.sqlite3"
-ROLES_PATH="./data/roles.json"
-PHOTOS_DIR="./data/photos/"
+DATABASE_PATH="data/hackerschool.sqlite3"
+ROLES_PATH="data/roles.json"
+PHOTOS_DIR="data/photos/"
+MAX_FILE_UPLOAD_LENGTH="16777216" # 16 MiB
 
 LOG_LEVEL="INFO"
-LOGS_PATH="./data/logs/app.log"
+LOGS_PATH="data/logs/app.log"
 
 ADMIN_USERNAME="admin"
 ADMIN_PASSWORD="admin"
+
+FRONTEND_URI="http://localhost:3000"
diff --git a/README.md b/README.md
index ab362c7..0e83922 100644
--- a/README.md
+++ b/README.md
@@ -52,6 +52,7 @@ source .venv/bin/activate
 pip install -r requirements.txt
 ```
 4. **Setup environment variables**: Create a `.env` file and add any necessary environment variables (see [Environment Variables](#environment-variables) section).
+
 5. **Setup the database and create an admin user**:
 ```bash
 flask init-db
@@ -64,7 +65,9 @@ flask run --debug
 
 
 ### Docker Setup (Optional)
-1. **Create all application-data folders**: `docker compose` will mount the database and required folders into the container. For this you need to initialize the database, please refer to the [installation steps 1 to 5](#installation) to set this up.
+1. **Create all application-data folders**: 
+`docker compose` will mount the database and required folders into the container. For this you need to initialize the database, please refer to the [installation steps 1 to 5](#installation) to set this up.
+
 1. **Build the docker image**:
 ```bash
 docker compose build
diff --git a/app/__init__.py b/app/__init__.py
index 1323d2f..3eba0f6 100644
--- a/app/__init__.py
+++ b/app/__init__.py
@@ -2,6 +2,7 @@
 import logging
 
 from flask import Flask
+from flask_cors import CORS
 
 from app.config import Config
 from app.extensions import session
@@ -23,6 +24,9 @@ def create_app(config_class=Config):
     register_error_handlers(flask_app)
     register_commands(flask_app)
 
+    if (frontend_uri := flask_app.config.get("FRONTEND_URI", "")) != "":
+        CORS(flask_app, origins=[frontend_uri], supports_credentials=True)
+
     setup_logger(flask_app)
 
     return flask_app
diff --git a/app/config.py b/app/config.py
index 583e2df..e1c97cf 100644
--- a/app/config.py
+++ b/app/config.py
@@ -27,20 +27,23 @@ class Config:
     SESSION_TYPE                 = "filesystem"
     PERMANENT_SESSION            = True 
     SESSION_REFRESH_EACH_REQUEST = False
-    PERMANENT_SESSION_LIFETIME   = _get_int_env_or_default("SESSION_LIFETIME", 12 * 60 * 60)
-    SESSION_KEY_PREFIX           = _get_env_or_default("SESSION_KEY_PREFIX", "hs_session_")
-    SESSION_FILE_DIR             = os.path.join(basedir, _get_env_or_default("SESSION_DIR", "data/flask_sessions/")).rstrip("/")
+    SESSION_KEY_PREFIX           = "hs_session_"
 
-    ROLES_PATH = os.path.join(basedir, _get_env_or_default("ROLES_PATH", "data/roles.json"))
+    PERMANENT_SESSION_LIFETIME   = _get_int_env_or_default("SESSION_LIFETIME", 3 * 60 * 60)
+    SESSION_FILE_DIR             = os.path.join(basedir, _get_env_or_default("SESSION_DIR", "data/flask_sessions/")).rstrip("/")
 
     DATABASE_PATH           = os.path.join(basedir, _get_env_or_default("DATABASE_PATH", "data/hackerschool.sqlite3"))
     SQLALCHEMY_DATABASE_URI = 'sqlite:///' + DATABASE_PATH
 
+    ROLES_PATH = os.path.join(basedir, _get_env_or_default("ROLES_PATH", "data/roles.json"))
+
     PHOTOS_DIR         = os.path.join(basedir, _get_env_or_default("PHOTOS_DIR", "data/photos/")).rstrip("/")
-    MAX_CONTENT_LENGTH = _get_int_env_or_default("MAX_PHOTO_SIZE", 16 * 1000 * 1000) ## max pohto size
+    MAX_CONTENT_LENGTH = _get_int_env_or_default("MAX_FILE_UPLOAD_LENGTH", 16 * 1024 * 1024)
 
     LOGS_PATH = os.path.join(basedir, _get_env_or_default("LOGS_PATH", ""))
     LOG_LEVEL = _get_env_or_default("LOG_LEVEL", "INFO")
 
-    ADMIN_USERNAME = _get_env_or_default("ADMIN_USERNAME", "")
-    ADMIN_PASSWORD = _get_env_or_default("ADMIN_PASSWORD", "")
\ No newline at end of file
+    FRONTEND_URI = _get_env_or_default("FRONTEND_URI", "http://localhost:3000")
+
+    ADMIN_USERNAME = _get_env_or_default("ADMIN_USERNAME", "admin")
+    ADMIN_PASSWORD = _get_env_or_default("ADMIN_PASSWORD", "admin")
\ No newline at end of file
diff --git a/docker-compose.yaml b/docker-compose.yaml
index f7b778c..346419f 100644
--- a/docker-compose.yaml
+++ b/docker-compose.yaml
@@ -15,6 +15,8 @@ services:
       - SESSION_DIR=/hs-api/data/flask_sessions/
       - PHOTOS_DIR=/hs-api/data/photos/
       - LOGS_PATH=/hs-api/data/logs/app.log
-      - LOG_LEVEL=INFO
-      - SESSION_LIFETIME=10800
+      - LOG_LEVEL=${LOG_LEVEL}
+      - SESSION_LIFETIME=${SESSION_LIFETIME}
+      - MAX_FILE_UPLOAD_LENGTH=${MAX_FILE_UPLOAD_LENGTH}
+      - FRONTEND_URI=${FRONTEND_URI}