foxerBN/crm-server
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

feat: Add internal chat system and network access support

Browse Source 
- Add messages table schema with soft delete support
- Add message service, controller and routes
- Update CORS to allow local network IPs
- Update server to listen on 0.0.0.0
- Fix cookie sameSite for local network development

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
This commit is contained in:
richardtekula
2026-01-15 10:13:14 +01:00
parent 70fa080455
commit 2a9377ce3d
7 changed files with 470 additions and 9 deletions
Download Patch File Download Diff File Expand all files Collapse all files

30
src/app.js
View File

@@ -27,6 +27,7 @@ import timeTrackingRoutes from './routes/time-tracking.routes.js';
import noteRoutes from './routes/note.routes.js';
import auditRoutes from './routes/audit.routes.js';
import eventRoutes from './routes/event.routes.js';
import messageRoutes from './routes/message.routes.js';
const app = express();
@@ -53,9 +54,33 @@ app.use(
})
);
// CORS configuration
// CORS configuration - allow local network access
const corsOptions = {
origin: process.env.CORS_ORIGIN || 'http://localhost:5173',
origin: (origin, callback) => {
// Allow requests with no origin (mobile apps, curl, etc.)
if (!origin) return callback(null, true);
// Allow localhost and local network IPs
const allowedPatterns = [
/^http:\/\/localhost(:\d+)?$/,
/^http:\/\/127\.0\.0\.1(:\d+)?$/,
/^http:\/\/192\.168\.\d{1,3}\.\d{1,3}(:\d+)?$/,
/^http:\/\/10\.\d{1,3}\.\d{1,3}\.\d{1,3}(:\d+)?$/,
/^http:\/\/172\.(1[6-9]|2\d|3[01])\.\d{1,3}\.\d{1,3}(:\d+)?$/,
];
// Check if origin matches allowed patterns or CORS_ORIGIN env
const corsOrigin = process.env.CORS_ORIGIN;
if (corsOrigin && origin === corsOrigin) {
return callback(null, true);
}
if (allowedPatterns.some(pattern => pattern.test(origin))) {
return callback(null, true);
}
callback(new Error('Not allowed by CORS'));
},
credentials: true,
optionsSuccessStatus: 200,
};
@@ -96,6 +121,7 @@ app.use('/api/time-tracking', timeTrackingRoutes);
app.use('/api/notes', noteRoutes);
app.use('/api/audit-logs', auditRoutes);
app.use('/api/events', eventRoutes);
app.use('/api/messages', messageRoutes);
// Basic route
app.get('/', (req, res) => {