projects / vchess.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
Small fix
[vchess.git] / server / app.js
diff --git a/server/app.js b/server/app.js
index aa8cade..f97d925 100644 (file)
--- a/server/app.js
+++ b/server/app.js
@@ -4,10 +4,11 @@ var path = require('path');
 var cookieParser = require('cookie-parser');
 var logger = require('morgan');
 var favicon = require('serve-favicon');
+var params = require('./config/parameters');
 
 var app = express();
 
-app.use(favicon(path.join(__dirname, "favicon", "favicon.ico")));
+app.use(favicon(path.join(__dirname, "static", "favicon.ico")));
 
 if (app.get('env') === 'development')
 {
@@ -27,16 +28,18 @@ else
 app.use(express.json());
 app.use(express.urlencoded({ extended: false }));
 app.use(cookieParser());
-app.use(express.static(path.join(__dirname, 'serve'))); //client "prod" files
+app.use(express.static(path.join(__dirname, 'static'))); //client "prod" files
 
 // In development stage the client side has its own server
-if (app.get('env') === 'development')
+if (params.cors.enable)
 {
        app.use(function(req, res, next) {
-               res.header("Access-Control-Allow-Origin", "*");
-               res.header("Access-Control-Allow-Headers",
-                       "Origin, X-Requested-With, Content-Type, Accept");
-               next();
+               res.header("Access-Control-Allow-Origin", params.cors.allowedOrigin);
+               res.header("Access-Control-Allow-Credentials", true); //for cookies
+    res.header("Access-Control-Allow-Headers",
+      "Origin, X-Requested-With, Content-Type, Accept");
+         res.header("Access-Control-Allow-Methods", "GET, POST, OPTIONS, PUT, DELETE");
+    next();
        });
 }
 
Website to play original chess variants