
apps/gateway/src/middleware/security.ts

Metadata

Indexed Symbols

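  • isProductionLike (line 9, function) - Returns true when env.nodeEnv is "production" or "staging".
  • isOriginAllowed (line 13, function) - Checks an origin against the allow-list by exact string match; an empty allow-list permits every origin.
  • getAllowedOrigins (line 20, function) - Resolves the CORS origin allow-list from the effective platform settings, falling back to env.corsOrigins if that lookup throws.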

Markdown Headings (if applicable)

No markdown headings detected.

Source Preview

import type { FastifyPluginAsync } from "fastify";
import { env } from "../config/env.js";
import { getEffectivePlatformSettings } from "../services/runtime-config.js";

// HTTP methods on the gateway's allow-list, serialized as one comma-separated
// string with no spaces.
// NOTE(review): presumably emitted as Access-Control-Allow-Methods; the
// consumer of this constant is outside this view, so confirm.
const ALLOWED_METHODS = ["GET", "POST", "PUT", "PATCH", "DELETE", "OPTIONS"].join(",");

// Request header names on the allow-list, serialized the same way.
// NOTE(review): the *-signature and *-delivery names look like webhook headers.
// Server-to-server senders do not issue CORS preflights, so confirm that
// browser clients really need them listed; every entry widens what a
// cross-origin page may send.
const ALLOWED_HEADERS = [
  "Authorization",
  "Content-Type",
  "Idempotency-Key",
  "X-Correlation-Id",
  "x-workspace-id",
  "x-agentfield-signature",
  "x-agentfield-delivery",
  "x-hub-signature-256",
  "x-github-delivery",
].join(",");

/**
 * Reports whether the gateway is running in a production-like environment.
 *
 * @returns `true` only when `env.nodeEnv` is exactly "production" or
 * "staging"; any other value yields `false`.
 */
function isProductionLike(): boolean {
  const mode = env.nodeEnv;
  if (mode === "production") {
    return true;
  }
  return mode === "staging";
}

/**
 * Decides whether a request origin is on the configured allow-list.
 *
 * Matching is exact string equality: there is no case folding, trailing-slash
 * trimming or wildcard support, so entries must be written exactly as the
 * browser sends the Origin header.
 *
 * NOTE(review): an empty allow-list admits every origin (fail-open). Confirm
 * that callers never reach this with an empty list in production-like
 * environments, e.g. when the configuration is missing or fails to load.
 *
 * @param origin - Origin value to check.
 * @param allowedOrigins - Configured allow-list; empty means "allow all".
 * @returns `true` when the list is empty or contains `origin` verbatim.
 */
function isOriginAllowed(origin: string, allowedOrigins: string[]): boolean {
  const noRestriction = allowedOrigins.length === 0;
  return noRestriction || allowedOrigins.includes(origin);
}

async function getAllowedOrigins(): Promise<string[]> {
try {
const runtime = await getEffectivePlatformSettings();
return runtime.value.runtime.corsOrigins;
} catch {
return env.corsOrigins;