From 0100b8b6c5bdcb35a60fc339f66ba7498f7565f4 Mon Sep 17 00:00:00 2001
From: Ada Conway <ada@conway.engineer>
Date: Wed, 19 Nov 2025 18:38:17 -0700
Subject: [PATCH] fix: CORS Origin

---
 api/corsmiddleware/cors_middleware.go | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/api/corsmiddleware/cors_middleware.go b/api/corsmiddleware/cors_middleware.go
index aaa23cc..bb4e8f6 100644
--- a/api/corsmiddleware/cors_middleware.go
+++ b/api/corsmiddleware/cors_middleware.go
@@ -2,13 +2,14 @@ package corsmiddleware
 
 import (
 	"log"
+	"os"
 
 	"github.com/gin-gonic/gin"
 )
 
 func CORSMiddleware(c *gin.Context) {
 	log.Printf("%s", c.Request.Method)
-	c.Writer.Header().Set("Access-Control-Allow-Origin", "http://localhost:3000")
+	c.Writer.Header().Set("Access-Control-Allow-Origin", os.Getenv("ALLOWED_ORIGIN"))
 	c.Writer.Header().Set("Access-Control-Allow-Credentials", "true")
 	c.Writer.Header().Set("Access-Control-Allow-Headers", "Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With")
 	c.Writer.Header().Set("Access-Control-Allow-Methods", "POST, OPTIONS, GET, PUT, DELETE")