Skip to content

Commit

Permalink
fix: temporary remove domain check (#14)
Browse files Browse the repository at this point in the history
  • Loading branch information
@amosmachora
amosmachora authored Sep 12, 2024
1 parent cdf4405 commit 3add5b1
Show file tree
Hide file tree
Showing 4 changed files with 13 additions and 11 deletions.
6 changes: 4 additions & 2 deletions app/api/mpesa/check-payment-state/route.ts
View file
Original file line number Diff line number Diff line change
Expand Up @@ -34,7 +34,8 @@ export const POST = async (req: NextRequest) => {
}

const origin = req.headers.get("origin") ?? "";
const isAllowedOrigin = allowedOrigins.includes(origin);
// const isAllowedOrigin = allowedOrigins.includes(origin);
const isAllowedOrigin = true;

if (isAllowedOrigin) {
response.headers.set("Access-Control-Allow-Origin", origin);
Expand All @@ -59,7 +60,8 @@ export const POST = async (req: NextRequest) => {

export const OPTIONS = async (request: NextRequest) => {
const origin = request.headers.get("origin") ?? "";
const isAllowedOrigin = allowedOrigins.includes(origin);
// const isAllowedOrigin = allowedOrigins.includes(origin);
const isAllowedOrigin = true;

const preflightHeaders = {
...(isAllowedOrigin && { "Access-Control-Allow-Origin": origin }),
Expand Down
3 changes: 2 additions & 1 deletion app/api/mpesa/stk-push/route.ts
View file
Original file line number Diff line number Diff line change
Expand Up @@ -16,7 +16,8 @@ type RequestBody = {

export const OPTIONS = async (request: NextRequest) => {
const origin = request.headers.get("origin") ?? "";
const isAllowedOrigin = allowedOrigins.includes(origin);
// const isAllowedOrigin = allowedOrigins.includes(origin);
const isAllowedOrigin = true;

const preflightHeaders = {
...(isAllowedOrigin && { "Access-Control-Allow-Origin": origin }),
Expand Down
10 changes: 5 additions & 5 deletions app/api/stk-push-callback/route.ts
View file
Original file line number Diff line number Diff line change
Expand Up @@ -37,13 +37,13 @@ export const POST = async (req: NextRequest, res: NextResponse) => {
const received: STKPushSuccessfulCallbackBody = await req.json();

const origin = req.headers.get("origin") ?? "";
const isAllowedOrigin = [...allowedOrigins, ...safaricomOrigins].includes(
origin
);
// const isAllowedOrigin = [...allowedOrigins, ...safaricomOrigins].includes(
// origin
// );

const tempIsAllowedOrigin = true;
const isAllowedOrigin = true;

if (!tempIsAllowedOrigin) {
if (!isAllowedOrigin) {
return NextResponse.json({ message: "NOT-ALLOWED" }, { status: 401 });
}

Expand Down
5 changes: 2 additions & 3 deletions utils/cors.ts
View file
Original file line number Diff line number Diff line change
@@ -1,7 +1,5 @@
import { NextResponse } from "next/server";

//TODO find the URL used in production and add it here

export const allowedOrigins = [
"https://dev.kenyahmis.org",
"http://localhost:8700",
Expand All @@ -14,7 +12,8 @@ export const corsOptions = {
};

export const setCorsHeaders = (response: NextResponse, origin: string) => {
const isAllowedOrigin = allowedOrigins.includes(origin);
// const isAllowedOrigin = allowedOrigins.includes(origin);
const isAllowedOrigin = true;

if (isAllowedOrigin) {
response.headers.set("Access-Control-Allow-Origin", origin);
Expand Down

0 comments on commit 3add5b1

Please sign in to comment.