Merge pull request #14 from m-mattia-m/develop

parse host, change taraget-host with referer, remove CORS-Origin

internal/api/router.go

@@ -34,10 +34,7 @@ func Router(svc service.Service) *gin.Engine {
 	r.RedirectTrailingSlash = false
 
 	corsPolicy := cors.DefaultConfig()
-	corsPolicy.AllowOrigins = []string{
-		viper.GetString("frontend.url"),
-		fmt.Sprintf("%s://%s:%s", viper.GetString("server.scheme"), viper.GetString("server.domain"), viper.GetString("server.port")),
-	}
+	corsPolicy.AllowOrigins = []string{"*"}
 	corsPolicy.AllowHeaders = append(corsPolicy.AllowHeaders, "Authorization")
 
 	r.Use(cors.New(corsPolicy))

internal/api/v1/notification.go

@@ -43,8 +43,8 @@ func (nac *NotificationApiClient) SendNotification(c *gin.Context) {
 		return
 	}
 
-	host := c.Request.Host
-	successMessage, err := svc.SendNotification(host, notification)
+	referer := c.Request.Referer()
+	successMessage, err := svc.SendNotification(referer, notification)
 	if err != nil {
 		c.AbortWithStatusJSON(http.StatusInternalServerError, gin.H{
 			"message": helper.ValidateErrorResponse(err, "failed to send"),

internal/service/domain_notification.go

@@ -6,6 +6,7 @@ import (
 	"github.com/mailgun/mailgun-go/v4"
 	log "github.com/sirupsen/logrus"
 	"github.com/spf13/viper"
+	"net/url"
 	"notify/internal/model"
 	"strings"
 	"time"
@@ -22,13 +23,18 @@ func (c *Client) SendNotification(host string, notification model.Notification)
 		return nil, err
 	}
 
+	validatedHost, err := url.Parse(host)
+	if err != nil {
+		return nil, fmt.Errorf("failed to parse host")
+	}
+
 	hosts, err := c.db.ListHosts(model.Host{ProjectId: notification.ProjectId})
 	if err != nil {
 		log.Error(err)
 		return nil, fmt.Errorf("failed to verify host")
 	}
 
-	if index := ifHostInHosts(host, hosts); hosts == nil || index == -1 || !hosts[index].Verified {
+	if index := ifHostInHosts(validatedHost.Host, hosts); hosts == nil || index == -1 || !hosts[index].Verified {
 		return nil, fmt.Errorf("failed to verify host")
 	}