enable CORS on web - allowing to connect by client app

web/Gemfile.alt

@@ -157,6 +157,8 @@ gem 'elasticsearch'
 
 gem 'logging', '1.7.2'
 
+gem 'rack-cors'
+
 
 if ENV['FASTER_PATH'] == '1'
   # https://github.com/danielpclark/faster_path

web/config/application.rb

@@ -512,5 +512,7 @@ if defined?(Bundler)
       config.latency_data_host = "http://localhost:4001"
       config.latency_data_host_auth_code = "c2VydmVyOnBhc3N3b3Jk"
       config.manual_override_installer_ends_with = "JamKazam-1.0.3776.dmg"
+      config.spa_origin = "http://beta.jamkazam.local:3000"
+      config.session_cookie_domain = ".jamkazam.local"
   end
 end

web/config/environments/development.rb

@@ -116,4 +116,8 @@ SampleApp::Application.configure do
   config.use_video_conferencing_server = true
   config.latency_data_host = "http://localhost:4001/local"
   config.latency_data_host_auth_code = "c2VydmVyOnBhc3N3b3Jk"
+
+  config.spa_origin = "http://beta.jamkazam.local:3000"
+
+  config.session_cookie_domain = ".jamkazam.local"
 end

web/config/initializers/cors.rb

@@ -0,0 +1,10 @@
+Rails.application.config.middleware.insert_before 0, Rack::Cors do
+  allow do
+    origins Rails.configuration.spa_origin
+
+    resource '*',
+      headers: :any,
+      methods: [:get, :post, :options],
+      credentials: true
+  end
+end

web/config/initializers/session_store.rb

@@ -1,6 +1,7 @@
 # Be sure to restart your server when you modify this file.
 
-SampleApp::Application.config.session_store :cookie_store, key: '_jamkazam_session'
+domain = Rails.env.production? ? ".jamkazam.com" : ".jamkazam.local"
+SampleApp::Application.config.session_store :cookie_store, key: '_jamkazam_session', domain: domain
 
 # Use the database for sessions instead of the cookie-based default,
 # which shouldn't be used to store highly confidential information