Update CORS configuration to restrict origin to specific domain

app.js

@@ -11,7 +11,12 @@ require('./config/db')()
 
 app.use(logger('dev'))
 app.use(express.json())
-app.use(cors({ origin: true, credentials: true }))
+app.use(
+  cors({
+    origin: 'https://sidali.kemdiktisaintek.go.id',
+    credentials: true,
+  })
+)
 app.use(express.urlencoded({ extended: false }))
 app.use(cookieParser(process.env.SRU51))
 // app.use(csrf( ['GET', 'HEAD', 'OPTIONS'], ['/v1/auth/login', /\/v1\/auto\//i, /v2/i]))