add custom origin check

aayushmau5 · Jun 2, 2024 · caff5da · caff5da
1 parent 0dc104e
commit caff5da
Show file tree

Hide file tree

Showing 8 changed files with 14 additions and 7 deletions.
diff --git a/config/prod.exs b/config/prod.exs
@@ -15,11 +15,7 @@ config :accumulator, Accumulator.Mailer, adapter: Resend.Swoosh.Adapter
 # before starting your production server.
 config :accumulator, AccumulatorWeb.Endpoint,
   cache_static_manifest: "priv/static/cache_manifest.json",
-  check_origin: [
-    "https://aayushsahu.com",
-    "https://phoenix-aayushsahu-com.fly.dev",
-    "https://phoenix.aayushsahu.com/"
-  ]
+  check_origin: {Accumulator.Origin, :my_check_origin?, []}
 
 # Do not print debug messages in production
 config :logger, level: :info

diff --git a/lib/accumulator/origin.ex b/lib/accumulator/origin.ex
@@ -0,0 +1,12 @@
+defmodule Accumulator.Origin do
+  @allowed_hosts ["aayushsahu.com", "phoenix.aayushsahu.com"]
+
+  def my_check_origin?(%URI{scheme: scheme, host: host} = _uri) do
+    case scheme do
+      "moz-extension" -> true
+      "chrome-extension" -> true
+      "https" -> if host in @allowed_hosts, do: true, else: false
+      _ -> false
+    end
+  end
+end
diff --git a/lib/accumulator_web/endpoint.ex b/lib/accumulator_web/endpoint.ex
@@ -60,6 +60,5 @@ defmodule AccumulatorWeb.Endpoint do
 
   socket "/extension", AccumulatorWeb.ExtensionSocket,
     websocket: true,
-    longpoll: false,
-    check_origin: false
+    longpoll: false
 end
diff --git a/priv/static/fonts/OverpassMono-Bold.ttf b/priv/static/fonts/OverpassMono-Bold.ttf
diff --git a/priv/static/fonts/OverpassMono-Light.ttf b/priv/static/fonts/OverpassMono-Light.ttf
diff --git a/priv/static/fonts/OverpassMono-Medium.ttf b/priv/static/fonts/OverpassMono-Medium.ttf
diff --git a/priv/static/fonts/OverpassMono-Regular.ttf b/priv/static/fonts/OverpassMono-Regular.ttf
diff --git a/priv/static/fonts/OverpassMono-SemiBold.ttf b/priv/static/fonts/OverpassMono-SemiBold.ttf