Ft/frontend url

README.md

@@ -175,4 +175,3 @@ Remember that this project is licensed under the MIT license, and by submitting
 ### Attribution
 
 These contribution guidelines have been adapted from [this good-Contributing.md-template](https://gist.github.com/PurpleBooth/b24679402957c63ec426).
-

api/controllers/user.js

@@ -77,7 +77,6 @@ module.exports = {
         return response.success(res, 200, newUser);
       }
       return response.success(res, 200, user);
-
     } catch (error) {
       return response.error(res, 500, error.message);
     }

config/secret.js

@@ -28,5 +28,6 @@ module.exports = {
   jwtSecret: process.env.JWT_SECRET,
   frontEndUrl: process.env.FRONT_END_URL,
   USER_MAIL: process.env.USER_MAIL,
-  PASSWORD_MAIL: process.env.PASSWORD_MAIL
+  PASSWORD_MAIL: process.env.PASSWORD_MAIL,
+  API_CONSUME_URL: process.env.API_CONSUME_URL
 };

server.js

@@ -4,14 +4,21 @@ const cors = require('cors');
 const helmet = require('helmet');
 const logger = require('morgan');
 const apiRouter = require('./api');
-// const keys = require('./config/secret');
+const keys = require('./config/secret');
 // const jwt = require('./api/helpers/jwt');
 const socialStrategies = require('./api/middleware/authStrategies');
 
 const server = express();
 
 server.use(helmet());
-server.use(cors());
+
+server.use(
+  cors({
+    origin: keys.API_CONSUME_URL,
+    credentials: true
+  })
+);
+
 server.use(logger('dev'));
 server.use(express.json());
 
@@ -34,9 +41,13 @@ server.all('*', (req, res) => {
 // eslint-disable-next-line no-unused-vars
 server.use(function errors(err, req, res, next) {
   if (err.message === 'An unknown file format not allowed') {
-    return res.status(400).json({ message: 'File type must be jpg or png' });
+    return res.status(400).json({
+      message: 'File type must be jpg or png'
+    });
   }
-  return res.status(500).json({ err });
+  return res.status(500).json({
+    err
+  });
 });
 
 module.exports = server;