whatyouhide/corsica

No way to configure corsica for releases via env vars

hanrelan opened this issue · 2 comments

Because corsica configuration happens in the endpoint, there's no way to configure corsica for releases (using distillery for example) via env vars.

If corsica used config.exs for configuration, then someone could use the standard mechanisms (REPLACE_OS_VARS) to do so.

Example:
Suppose you want to have different origins for production vs staging. You might do something like:

in staging.exs:
config :myapp, :cors, origins: ["https://staging.myapp.com"]
in prod.exs:
config :myapp, :cors, origins: ["https://production.myapp.com"]
in endpoint.ex:
plug Corsica, origins: Application.get_env(:aegis, :cors)[:origins]

And this would work. However, for releases you'd use one environment and set env vars to switch between production and staging. So you'd do something like:

in release.exs:
config :myapp, :cors, origins: ["${ORIGIN}"]
in endpoint.ex:
plug Corsica, origins: Application.get_env(:aegis, :cors)[:origins]

However, this fails because the endpoint is evaluated at compile time so the origin gets set to ${ORIGIN} instead of being run through REPLACE_OS_VARS at run time.

As far as I can tell, there's no way to configure corsica for releases via env vars (I could be wrong though).

As the documentation states, :origins accepts {module, function} tuples to enable dynamic checking of origins.

plug Corsica, origins: {__MODULE__, :check_corsica_origin}

def check_corsica_origin(origin) do
  origin in Application.get_env(:aegis, :cors)[:origins]
end

Would this work?

Whoops, sorry missed that in the docs. That should work, thanks!
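
The runtime origin check discussed in this thread, as an added example that is not part of the original comments or of corsica itself. The module name `MyApp.CorsOrigins` and the variable `CORS_ALLOWED_ORIGINS` are assumptions, and the one-argument callback shape follows the comment above; the allowlist is read from the environment on each request, compared by exact match, and is empty (fail closed) when the variable is unset.

```elixir
# Added example. In endpoint.ex the tuple is a compile-time constant, but the
# function it names runs per request:
#   plug Corsica, origins: {MyApp.CorsOrigins, :allowed?}
defmodule MyApp.CorsOrigins do
  # Hypothetical variable name; a comma-separated list of exact origins.
  @env_var "CORS_ALLOWED_ORIGINS"

  # Callback shape as in the comment above: receives the request's Origin
  # value and returns a boolean. Exact match only, no prefix or substring.
  def allowed?(origin) when is_binary(origin), do: origin in allowlist()
  def allowed?(_), do: false

  # Read on every call so a release picks up the deployed environment.
  def allowlist do
    @env_var
    |> System.get_env()
    |> parse()
  end

  # Unset variable => empty allowlist, so every cross-origin request is refused.
  def parse(nil), do: []

  def parse(raw) do
    raw
    |> String.split(",", trim: true)
    |> Enum.map(&String.trim/1)
    |> Enum.filter(&valid_origin?/1)
  end

  # Keep only scheme://host[:port] entries. This drops "*", bare hosts and
  # values carrying a path, so a typo in the variable cannot widen the list.
  defp valid_origin?(entry) do
    case URI.parse(entry) do
      %URI{scheme: s, host: h, path: nil, query: nil, fragment: nil}
      when s in ["http", "https"] and is_binary(h) and h != "" -> true
      _ -> false
    end
  end
end

# Constructed sample values; each match raises if the result differs.
System.put_env("CORS_ALLOWED_ORIGINS", "https://staging.myapp.com, *, myapp.com")
true = MyApp.CorsOrigins.allowed?("https://staging.myapp.com")
false = MyApp.CorsOrigins.allowed?("https://staging.myapp.com.evil.example")
false = MyApp.CorsOrigins.allowed?("*")
System.delete_env("CORS_ALLOWED_ORIGINS")
false = MyApp.CorsOrigins.allowed?("https://staging.myapp.com")
```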