From 6037c81cbef7de9cb9afaad2e6a446887a3c0793 Mon Sep 17 00:00:00 2001
From: Schneider Roland <roland.schneider@extern.a1.at>
Date: Wed, 18 Jan 2023 19:01:21 +0100
Subject: [PATCH] fix dev docker-compose env cors issues

---
 docker/fitness/.env                             |  1 +
 docker/fitness/docker-compose.yml               |  1 +
 docker/fitness/service/apache2/000-default.conf | 14 +++++++-------
 docker/fitness/service/apache2/index.html       |  4 ++--
 mobileapi.http                                  |  0
 mobileapi/components/CorsFilter.php             |  2 +-
 6 files changed, 12 insertions(+), 10 deletions(-)
 create mode 100644 docker/fitness/.env
 create mode 100644 mobileapi.http

diff --git a/docker/fitness/.env b/docker/fitness/.env
new file mode 100644
index 0000000..b7cf2f8
--- /dev/null
+++ b/docker/fitness/.env
@@ -0,0 +1 @@
+FITNESS_REST_ALLOW_VERIFY_ONLY=true
\ No newline at end of file
diff --git a/docker/fitness/docker-compose.yml b/docker/fitness/docker-compose.yml
index 89f0bd7..f35a0f5 100644
--- a/docker/fitness/docker-compose.yml
+++ b/docker/fitness/docker-compose.yml
@@ -22,6 +22,7 @@ services:
       FITNESS_MAIL_PORT: 1025
       FITNESS_MAIL_USERNAME: test
       FITNESS_MAIL_PASSWORD: test
+      FITNESS_REST_ALLOW_VERIFY_ONLY: $FITNESS_REST_ALLOW_VERIFY_ONLY
 
   cutlerdb:
     image: mariadb:10.1
diff --git a/docker/fitness/service/apache2/000-default.conf b/docker/fitness/service/apache2/000-default.conf
index da2537a..dc539ee 100644
--- a/docker/fitness/service/apache2/000-default.conf
+++ b/docker/fitness/service/apache2/000-default.conf
@@ -28,15 +28,15 @@
 	#Include conf-available/serve-cgi-bin.conf
 
 	 # Always set these headers.
-     Header always set Access-Control-Allow-Origin "*"
-     Header always set Access-Control-Allow-Methods "POST, GET, OPTIONS, DELETE, PUT"
-     Header always set Access-Control-Max-Age "1000"
-     Header always set Access-Control-Allow-Headers "x-requested-with, Content-Type, origin, authorization, accept, client-security-token"
+     #Header always set Access-Control-Allow-Origin "*"
+     #Header always set Access-Control-Allow-Methods "POST, GET, OPTIONS, DELETE, PUT"
+     #Header always set Access-Control-Max-Age "1000"
+     #Header always set Access-Control-Allow-Headers "x-requested-with, Content-Type, origin, authorization, accept, client-security-token"
 
      # Added a rewrite to respond with a 200 SUCCESS on every OPTIONS request.
-     RewriteEngine On
-     RewriteCond %{REQUEST_METHOD} OPTIONS
-     RewriteRule ^(.*)$ $1 [R=200,L]
+     # RewriteEngine On
+     # RewriteCond %{REQUEST_METHOD} OPTIONS
+     # RewriteRule ^(.*)$ $1 [R=200,L]
 
 
 </VirtualHost>
diff --git a/docker/fitness/service/apache2/index.html b/docker/fitness/service/apache2/index.html
index 79f68f5..aef23d3 100644
--- a/docker/fitness/service/apache2/index.html
+++ b/docker/fitness/service/apache2/index.html
@@ -3,9 +3,9 @@
 
     </head>
     <body>
-    <a href="fitness_web/backend/web/index.php">Fitness Web Backend</a>
+    <a href="cutler/backend/web/index.php">Fitness Web Backend</a>
     <br>
-    <a href="fitness_web/frontend/web/index.php">Fitness Web Frontend</a>
+    <a href="cutler/frontend/web/index.php">Fitness Web Frontend</a>
     </body>
 
 </html>
\ No newline at end of file
diff --git a/mobileapi.http b/mobileapi.http
new file mode 100644
index 0000000..e69de29
diff --git a/mobileapi/components/CorsFilter.php b/mobileapi/components/CorsFilter.php
index 48330b5..702f084 100644
--- a/mobileapi/components/CorsFilter.php
+++ b/mobileapi/components/CorsFilter.php
@@ -33,7 +33,7 @@ class CorsFilter extends ActionFilter
         $this->request = \Yii::$app->getRequest();
         $this->response = \Yii::$app->getResponse();
         $origin = $this->request->headers->get('origin');
-        \Yii::error("origin", $origin);
+//        \Yii::error("origin is:". $origin);
 
         $isOriginAllowed = array_search($origin, $this->allowedOrigins, true);
         if ($isOriginAllowed >= 0) {