From 4fbf9cc45b0d8bbc0341eb1f7f170d0e344ce507 Mon Sep 17 00:00:00 2001
From: Joe Banks <joseph@josephbanks.me>
Date: Mon, 14 Dec 2020 18:50:56 +0000
Subject: Change how the ALLOWED_HOSTS environment variable sets CORS

---
 backend/__init__.py | 9 +++++----
 1 file changed, 5 insertions(+), 4 deletions(-)

(limited to 'backend')

diff --git a/backend/__init__.py b/backend/__init__.py
index 0eddde0..f285166 100644
--- a/backend/__init__.py
+++ b/backend/__init__.py
@@ -9,13 +9,14 @@ from backend.authentication import JWTAuthenticationBackend
 from backend.route_manager import create_route_map
 from backend.middleware import DatabaseMiddleware
 
+HOSTS_REGEX = r"https://(?:(?:(?:.*--)?pydis-forms\.netlify\.app)|forms\.pythondiscord\.com)"
+HAS_CUSTOM_HOST = os.getenv("ALLOWED_URL") is not None
+
 middleware = [
     Middleware(
         CORSMiddleware,
-        allow_origins=[
-            os.getenv("ALLOWED_URL", "https://forms.pythondiscord.com"),
-        ],
-        allow_origin_regex=r"https://(?:.*--)?pydis-forms\.netlify\.app/",
+        allow_origins=[os.getenv("ALLOWED_URL")] if HAS_CUSTOM_HOST else None,
+        allow_origin_regex=HOSTS_REGEX if not HAS_CUSTOM_HOST else None,
         allow_headers=[
             "Authorization",
             "Content-Type"
-- 
cgit v1.2.3