From d4b782964e8aa4f335daf57e66619eaeb637ccfb Mon Sep 17 00:00:00 2001
From: Heryan Djaruma <heryandjaruma@gmail.com>
Date: Fri, 16 May 2025 18:32:13 +0700
Subject: [PATCH] add cors; exempt logout from cors

---
 functions/src/middlewares/csrf_middleware.ts | 1 +
 functions/src/server.ts                      | 2 ++
 2 files changed, 3 insertions(+)

diff --git a/functions/src/middlewares/csrf_middleware.ts b/functions/src/middlewares/csrf_middleware.ts
index a00c3ed..84185fe 100644
--- a/functions/src/middlewares/csrf_middleware.ts
+++ b/functions/src/middlewares/csrf_middleware.ts
@@ -6,6 +6,7 @@ const csrfExemptRoutes = [
   "/auth/login",
   "/auth/register",
   "/auth/session-login",
+  "/auth/logout",
   // "/auth/reset-password",
 ];
 
diff --git a/functions/src/server.ts b/functions/src/server.ts
index 35e802a..0d4852c 100644
--- a/functions/src/server.ts
+++ b/functions/src/server.ts
@@ -15,6 +15,8 @@ const corsOptions: CorsOptions = {
     "http://localhost:5173",
     "https://garudahacks.com",
     "https://www.garudahacks.com",
+    "https://portal.garudahacks.com",
+    "https://www.portal.garudahacks.com",
   ],
   credentials: true,
   allowedHeaders: ["Content-Type", "Authorization", "X-XSRF-TOKEN"],