[#0] Allow CORS from the known FE client

backend/config/local.yml

@@ -1,6 +1,10 @@
 server:
   port: 5913
 
+client:
+  url: http://localhost
+  port: 8080
+
 db:
   url: localhost
   port: 27017

backend/config/release.yml

@@ -1,6 +1,10 @@
 server:
   port: 443
 
+client:
+  url: TBD
+  port: TBD
+
 db:
   url: TBD
   port: 27017

backend/package.json

@@ -16,6 +16,7 @@
   "author": "",
   "license": "ISC",
   "dependencies": {
+    "@koa/cors": "^3.1.0",
     "@koa/router": "^9.4.0",
     "@types/pino": "^6.3.4",
     "axios": "^0.19.2",

backend/src/app/index.ts

@@ -1,6 +1,7 @@
 import 'reflect-metadata';
 import Koa from 'koa';
 import Router from '@koa/router';
+import cors from '@koa/cors';
 import config from 'config';
 import { Connection } from 'mongoose';
 import { Server } from 'http';
@@ -29,8 +30,10 @@ const makeRouter = (apiRouterList: Router[]): Router => {
 };
 
 const makeApp = (router: Router): Koa => {
+  const { url: clientUrl, port: clientPort } = config.get('client');
   const app = new Koa();
   app
+    .use(cors({ origin: `${clientUrl}:${clientPort}` }))
     .use(async (ctx, next) => {
       const { ip } = ctx.request;
       const rt = ctx.response.get('X-Response-Time');