feat: add API_DOMAIN environment variable for production configuration

- Add API_DOMAIN env var to set domain/IP for API in production - Update swagger.config.js to use dynamic server URLs - Update server.js CORS configuration to use API_DOMAIN - Update env.example with new API_DOMAIN field - Add comprehensive documentation in README.md - Fixes CORS issues in Swagger docs for production deployments
2025-07-15 21:45:40 +00:00
parent ba36f96f4c
commit 91259e98c6
4 changed files with 48 additions and 8 deletions
--- a/README.md
+++ b/README.md
@@ -176,6 +176,9 @@ Edit `.env` file:
 PORT=3000
 NODE_ENV=development

+# API Domain/IP Configuration (for Swagger docs and CORS)
+API_DOMAIN=localhost:3000
+
 # Security Configuration
 ALLOW_REDEEM_DOMAINS=ln.tips,getalby.com,wallet.mutinywallet.com
 API_SECRET=your-secret-key-here
@@ -199,6 +202,34 @@ npm run dev
 npm start
 ```

+### Environment Variables
+
+#### API_DOMAIN Configuration
+The `API_DOMAIN` environment variable is used to configure the correct domain/IP for your API in production. This affects:
+
+- **Swagger Documentation**: The "Try it out" feature will use the correct server URL
+- **CORS Configuration**: Default CORS origins will use the correct protocol and domain
+- **API Documentation**: Server URLs in the documentation will be accurate
+
+**Examples:**
+```bash
+# Development
+API_DOMAIN=localhost:3000
+
+# Production with domain
+API_DOMAIN=api.yourdomain.com
+
+# Production with IP
+API_DOMAIN=192.168.1.100:3000
+
+# Production with custom port
+API_DOMAIN=yourdomain.com:8080
+```
+
+**Note**: The protocol (http/https) is automatically determined based on `NODE_ENV`:
+- `NODE_ENV=development` → `http://`
+- `NODE_ENV=production` → `https://`
+
 The API will be available at `http://localhost:3000`

 ## 🔧 Configuration
--- a/env.example
+++ b/env.example
@@ -2,10 +2,12 @@
 PORT=3000
 NODE_ENV=development

+# API Domain/IP Configuration (for Swagger docs and CORS)
+API_DOMAIN=localhost:3000
+
 # Security Configuration
 ALLOW_REDEEM_DOMAINS=*

-
 # Default Lightning Address (used when no address is provided in redeem requests)
 DEFAULT_LIGHTNING_ADDRESS=admin@your-domain.com

--- a/server.js
+++ b/server.js
@@ -10,12 +10,17 @@ const redemptionService = require('./services/redemption');
 const app = express();
 const PORT = process.env.PORT || 3000;

+// Get API domain for CORS configuration
+const apiDomain = process.env.API_DOMAIN || 'localhost:3000';
+const isProduction = process.env.NODE_ENV === 'production';
+const protocol = isProduction ? 'https' : 'http';
+
 // Middleware
 app.use(express.json({ limit: '10mb' }));
 app.use(cors({
  origin: process.env.ALLOWED_ORIGINS 
    ? process.env.ALLOWED_ORIGINS.split(',').map(o => o.trim())
-    : ['http://localhost:3000'],
+    : [`${protocol}://${apiDomain}`],
  methods: ['GET', 'POST'],
  allowedHeaders: ['Content-Type', 'Authorization']
 }));
--- a/swagger.config.js
+++ b/swagger.config.js
@@ -1,5 +1,11 @@
+require('dotenv').config();
 const swaggerJsdoc = require('swagger-jsdoc');

+// Get the API domain from environment variable, default to localhost:3000
+const apiDomain = process.env.API_DOMAIN || 'localhost:3000';
+const isProduction = process.env.NODE_ENV === 'production';
+const protocol = isProduction ? 'https' : 'http';
+
 const options = {
  definition: {
    openapi: '3.0.0',
@@ -18,12 +24,8 @@ const options = {
    },
    servers: [
      {
-        url: 'http://localhost:3000',
-        description: 'Development server'
-      },
-      {
-        url: 'https://api.example.com',
-        description: 'Production server'
+        url: `${protocol}://${apiDomain}`,
+        description: isProduction ? 'Production server' : 'Development server'
      }
    ],
    components: {