feat: enhance CORS configuration and implement throttling for API endpoints; add admin role checks in controllers

2026-04-21 08:17:44 +02:00
parent 7748ad311f
commit e370062b5c
10 changed files with 44 additions and 24 deletions
@@ -43,6 +43,7 @@ services:
      DATABASE_URL: "mysql://root:${MARIADB_ROOT_PASSWORD}@recipe-db:3306/${MARIADB_DATABASE}"
      MISTRAL_API_KEY: "${MISTRAL_API_KEY:-}"
      JWT_SECRET: "${JWT_SECRET}"
+      ALLOWED_ORIGIN: "${NEXT_PUBLIC_APP_URL}"
      ADMIN_NADMIN_PASSWORD: "${ADMIN_NADMIN_PASSWORD}"
      ADMIN_PADMIN_PASSWORD: "${ADMIN_PADMIN_PASSWORD}"
      SEED_USER1_PASSWORD: "${SEED_USER1_PASSWORD}"