diff --git a/api/Cargo.lock b/api/Cargo.lock index 586f2e6..3f6befa 100644 --- a/api/Cargo.lock +++ b/api/Cargo.lock @@ -207,9 +207,9 @@ dependencies = [ [[package]] name = "crates_io_api" -version = "0.8.2" +version = "0.9.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "0346712abc6ffc5b287637815c838f6126ff62df37f12806fa029e66c0ec285c" +checksum = "cb0122a67287f6795360b83a542cf2fbb3eb57a42729966c9ac792598c909902" dependencies = [ "chrono", "futures", diff --git a/api/Cargo.toml b/api/Cargo.toml index 6c26e35..c59290b 100644 --- a/api/Cargo.toml +++ b/api/Cargo.toml @@ -17,7 +17,7 @@ rust-version = "1.71" [dependencies] anyhow = "1" axum = "0.7.2" -crates_io_api = "0.8" +crates_io_api = "0.9" env_logger = "0.10" http-body-util = "0.1.0" serde_json = "1.0.107" diff --git a/api/src/main.rs b/api/src/main.rs index e2c4a13..c494727 100644 --- a/api/src/main.rs +++ b/api/src/main.rs @@ -11,14 +11,17 @@ use axum::{ extract::Path, http::{ header::{ACCEPT, AUTHORIZATION}, - HeaderValue, Method, StatusCode, + request, HeaderValue, Method, StatusCode, }, response::IntoResponse, routing::get, Json, Router, }; use std::time::Duration; -use tower_http::{cors::CorsLayer, trace::TraceLayer}; +use tower_http::{ + cors::{AllowOrigin, CorsLayer}, + trace::TraceLayer, +}; use tracing_subscriber::{layer::SubscriberExt, util::SubscriberInitExt}; #[tokio::main] @@ -58,7 +61,12 @@ fn app() -> Router { ) .layer( CorsLayer::new() - .allow_origin("http://localhost:3000".parse::().unwrap()) + .allow_origin(AllowOrigin::predicate( + |origin: &HeaderValue, _request_parts: &request::Parts| { + origin.as_bytes() == b"http://localhost:3000" + || origin.as_bytes().ends_with(b".vercel.app") + }, + )) .allow_methods([Method::GET]) .allow_headers([AUTHORIZATION, ACCEPT]) .max_age(Duration::from_secs(60) * 5),