hyungi/tk-factory-services
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
48e3b58865aed535ae2054aeccb43ca4fcc9da13
tk-factory-services/system2-report/api/index.js
Hyungi Ahn 48e3b58865 fix(cors): 인앱 브라우저 CORS 차단 해결 — 카톡 WebView 대응 
- new Error() → cb(null, false): 500 에러 대신 CORS 헤더 미포함으로 거부
- *.technicalkorea.net 와일드카드 추가: 서브도메인 간 통신 보장

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-04-01 15:15:49 +09:00

89 lines
2.5 KiB
JavaScript
Raw Blame History

/**
* System 2 - 신고 시스템 API Server
*
* TK-FB-Project에서 추출한 workIssue(신고) 전용 서비스
*/
require('dotenv').config();
const express = require('express');
const cors = require('cors');
const rateLimit = require('express-rate-limit');
const path = require('path');
const logger = require('./utils/logger');
const { AuthenticationError, ForbiddenError } = require('./utils/errors');
const app = express();
const PORT = process.env.PORT || 3005;
app.set('trust proxy', 1);
// CORS
const allowedOrigins = [
'https://tkfb.technicalkorea.net',
'https://tkreport.technicalkorea.net',
'https://tkqc.technicalkorea.net',
'https://tkuser.technicalkorea.net',
];
if (process.env.NODE_ENV === 'development') {
allowedOrigins.push('http://localhost:30080', 'http://localhost:30180', 'http://localhost:30280');
}
app.use(cors({
origin: function(origin, cb) {
if (!origin || allowedOrigins.includes(origin) || /^https?:\/\/[a-z0-9-]+\.technicalkorea\.net$/.test(origin) || /^http:\/\/192\.168\.\d+\.\d+(:\d+)?$/.test(origin)) return cb(null, true);
cb(null, false);
},
credentials: true
}));
// Body parser
app.use(express.json({ limit: '10mb' }));
app.use(express.urlencoded({ extended: true }));
// Static files (uploads)
app.use('/uploads', express.static(path.join(__dirname, 'uploads')));
// Rate limiter
const apiLimiter = rateLimit({
windowMs: 1 * 60 * 1000,
max: 500,
message: 'API 요청 한도를 초과했습니다.',
standardHeaders: true,
legacyHeaders: false
});
app.use('/api/', apiLimiter);
// Health check
app.get('/api/health', (req, res) => {
res.json({ status: 'ok', service: 'system2-report', timestamp: new Date().toISOString() });
});
// JWT Auth middleware (middlewares/auth.js 사용)
const { requireAuth } = require('./middlewares/auth');
// Routes
const workIssueRoutes = require('./routes/workIssueRoutes');
// 인증이 필요한 API
app.use('/api/work-issues', requireAuth, workIssueRoutes);
// 404 (에러 핸들러보다 먼저 등록)
app.use((req, res) => {
res.status(404).json({ success: false, error: 'Not Found', path: req.originalUrl });
});
// Error handler
app.use((err, req, res, next) => {
const statusCode = err.statusCode || 500;
logger.error('API Error:', { error: err.message, path: req.path });
res.status(statusCode).json({
success: false,
error: '서버 오류가 발생했습니다'
});
});
app.listen(PORT, () => {
console.log(`System 2 (신고) API running on port ${PORT}`);
});
module.exports = app;
Reference in New Issue View Git Blame Copy Permalink