|
@@ -11,7 +11,7 @@ require('./config/db')()
|
|
|
|
|
|
|
|
app.use(logger('dev'))
|
|
app.use(logger('dev'))
|
|
|
app.use(express.json())
|
|
app.use(express.json())
|
|
|
-app.use(cors({ origin: true, credentials: true }))
|
|
|
|
|
|
|
+app.use(cors({ origin: 'https://dev-sidali.kemdiktisaintek.go.id', credentials: true }))
|
|
|
app.use(express.urlencoded({ extended: false }))
|
|
app.use(express.urlencoded({ extended: false }))
|
|
|
app.use(cookieParser(process.env.SRU51))
|
|
app.use(cookieParser(process.env.SRU51))
|
|
|
// app.use(csrf( ['GET', 'HEAD', 'OPTIONS'], ['/v1/auth/login', /\/v1\/auto\//i, /v2/i]))
|
|
// app.use(csrf( ['GET', 'HEAD', 'OPTIONS'], ['/v1/auth/login', /\/v1\/auto\//i, /v2/i]))
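Review bot: The new `cors` line hard-codes a single dev hostname as the only origin trusted for credentialed requests, so every environment that runs this file inherits that allowlist until the source is edited again. Reading it from configuration keeps the allowlist per deployment, e.g. `app.use(cors({ origin: process.env.CORS_ORIGIN, credentials: true }))`, where `CORS_ORIGIN` is a placeholder name and startup should fail when it is unset rather than fall back to a permissive default. Separately, the `csrf(...)` middleware in the context line below is still commented out while `cookieParser` and `credentials: true` are active. If authentication is cookie-based, tightening CORS does not replace it: CORS limits which origins can read responses, but it does not stop a browser from sending a cross-site form post with cookies attached. The `EBADCSRFTOKEN` handler in the next hunk suggests the check was meant to be on, so either re-enable it or add a comment recording why it is off and what protects state-changing routes instead.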
|
|
@@ -26,7 +26,6 @@ app.use((req, res) =>
|
|
|
response.error(res, { code: 404, message: 'request not found' })
|
|
response.error(res, { code: 404, message: 'request not found' })
|
|
|
)
|
|
)
|
|
|
|
|
|
|
|
-
|
|
|
|
|
app.use((err, req, res, next) => {
|
|
app.use((err, req, res, next) => {
|
|
|
if (err.code === 'EBADCSRFTOKEN') {
|
|
if (err.code === 'EBADCSRFTOKEN') {
|
|
|
response.error(res, { code: 403, message: 'invalid csrf token' })
|
|
response.error(res, { code: 403, message: 'invalid csrf token' })
|