# Server Startup CORS Display ## 🎯 Γ–zellik Server başlarken **CORS Whitelist** ve **Blacklist** otomatik olarak console'da gΓΆsterilir. --- ## πŸ“Ί Γ–rnek Output ### Whitelist ve Blacklist Varsa: ``` ___ __ __ ___ ___ ___ _ __ ___ _ _ ___ | _ )| | / \| \ | _ ) / \| |/ / | __|| \| || \ | _ \| |_| () | |) || _ \| - | ' < | _| | . || |) | |___/|____\__/|___/ |___/|_| |_|_|\_\ |___||_|\_||___/ Go Backend | v1.0.0 | Running ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━ CORS Configuration (Database-Driven) ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━ βœ… WHITELIST (Allowed Origins): ● 1. https://nextgo.beyhano.net.tr └─ Production Next.js frontend ● 2. http://localhost:3000 └─ Local development β—‹ 3. https://staging.beyhano.net.tr └─ Staging environment (inactive) 🚫 BLACKLIST (Blocked Origins): ● 1. https://spam-site.com └─ Reason: Spam attempts detected ● 2. https://malicious-domain.com └─ Reason: Security threat Legend: ● Active | β—‹ Inactive ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━ [GIN-debug] [WARNING] Running in "debug" mode... [GIN-debug] GET /v1/auth/login --> ... Server running on port 8080 ``` ### Whitelist Boşsa (Δ°lk Kurulum): ``` ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━ CORS Configuration (Database-Driven) ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━ βœ… WHITELIST (Allowed Origins): ⚠️ No origins whitelisted! Add origins via API. 🚫 BLACKLIST (Blocked Origins): βœ… No origins blacklisted. Legend: ● Active | β—‹ Inactive ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━ ``` ### Database Error: ``` ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━ CORS Configuration (Database-Driven) ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━ ❌ Failed to load whitelist: database connection error ❌ Failed to load blacklist: database connection error Legend: ● Active | β—‹ Inactive ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━ ``` --- ## 🎨 Renk KodlarΔ± | Sembol | AnlamΔ± | Renk | |--------|--------|------| | `●` | Active (Aktif) | Yeşil | | `β—‹` | Inactive (Pasif) | KΔ±rmΔ±zΔ±/SarΔ± | | `βœ…` | Success | Yeşil | | `❌` | Error | KΔ±rmΔ±zΔ± | | `⚠️` | Warning | SarΔ± | | `🚫` | Blocked | KΔ±rmΔ±zΔ± | --- ## πŸ“‹ Bilgiler ### Whitelist Display: ``` ● 1. https://example.com └─ Description here ``` - **Numara:** SΔ±ra numarasΔ± - **Origin:** CORS izinli domain - **Description:** Opsiyonel aΓ§Δ±klama - **Status:** - `●` (Yeşil) = Active (is_active = true) - `β—‹` (KΔ±rmΔ±zΔ±) = Inactive (is_active = false) ### Blacklist Display: ``` ● 1. https://spam.com └─ Reason: Spam attempts ``` - **Numara:** SΔ±ra numarasΔ± - **Origin:** CORS yasaklΔ± domain - **Reason:** Neden yasaklandığı - **Status:** - `●` (KΔ±rmΔ±zΔ±) = Active (is_active = true) - `β—‹` (SarΔ±) = Inactive (is_active = false) --- ## πŸ”§ Kod `main.go`: ```go func displayCorsConfiguration(settingsService *services.SettingsService) { fmt.Println("━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━") fmt.Println(" CORS Configuration (Database-Driven)") fmt.Println("━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━") // Get Whitelist from database whitelists, err := settingsService.GetAllCorsWhitelist() // Display each whitelist entry for i, w := range whitelists { status := "●" // Active if !w.IsActive { status = "β—‹" // Inactive } fmt.Printf(" %s %d. %s\n", status, i+1, w.Origin) if w.Description != "" { fmt.Printf(" └─ %s\n", w.Description) } } // Same for blacklist... } ``` --- ## πŸš€ KullanΔ±m ### 1. Server'Δ± Başlat ```bash ./main ``` ### 2. CORS Listelerini GΓΆr Server başlarken otomatik olarak gΓΆsterilir! ### 3. Origin Ekle/Sil ```bash # Whitelist'e ekle curl -X POST http://localhost:8080/v1/settings/cors/whitelist \ -H "Authorization: Bearer $TOKEN" \ -d '{"origin":"https://newdomain.com","description":"New app"}' # Server'Δ± restart et ./main # Yeni origin liste de gΓΆrΓΌnΓΌr! ``` --- ## πŸ’‘ Avantajlar βœ… **GΓΆrΓΌnΓΌrlΓΌk** - Hangi origin'lerin izinli olduğunu hemen gΓΆrΓΌrsΓΌnΓΌz - Blacklist'te hangi domain'ler var anΔ±nda belli βœ… **Debug** - CORS 403 hatalarΔ±nΔ± anΔ±nda anlarsΔ±nΔ±z - Eksik origin'leri hemen tespit edebilirsiniz βœ… **Audit** - Server startup loglarΔ±nda CORS config kayΔ±tlΔ± kalΔ±r - Production'da hangi origin'lerin kullanΔ±ldığı belli βœ… **Security** - Blacklist'teki tehdit origin'leri gΓΆrebilirsiniz - Beklenmeyen origin'leri tespit edebilirsiniz --- ## 🎯 Production'da ### Beklenen Output: ``` ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━ CORS Configuration (Database-Driven) ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━ βœ… WHITELIST (Allowed Origins): ● 1. https://nextgo.beyhano.net.tr └─ Production Next.js frontend ● 2. https://app.beyhano.net.tr └─ Production React app 🚫 BLACKLIST (Blocked Origins): βœ… No origins blacklisted. Legend: ● Active | β—‹ Inactive ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━ ``` ### Δ°lk Deploy (Whitelist Boş): ``` ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━ CORS Configuration (Database-Driven) ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━ βœ… WHITELIST (Allowed Origins): ⚠️ No origins whitelisted! Add origins via API. 🚫 BLACKLIST (Blocked Origins): βœ… No origins blacklisted. Legend: ● Active | β—‹ Inactive ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━ ``` **Hemen origin ekleyin:** ```bash ./fix-cors-403.sh ``` --- ## πŸ“ Notlar - βœ… **Database-driven:** Her server restart'ta database'den okunur - βœ… **Real-time:** Origin ekleme/silme sonrasΔ± restart gerekir - βœ… **Color-coded:** Aktif/Pasif origin'ler farklΔ± renkte - βœ… **Descriptive:** Her origin iΓ§in aΓ§Δ±klama gΓΆsterilir - βœ… **Error handling:** Database bağlantΔ± hatalarΔ± gΓΆsterilir --- ## βœ… SonuΓ§ **Server startup'ta CORS configuration artΔ±k gΓΆrΓΌnΓΌr!** - Whitelist ve blacklist otomatik gΓΆsterilir - Renk kodlarΔ± ile kolay okunur - Production'da hangi origin'lerin aktif olduğu belli - Debug ve troubleshooting kolaylaşır **TΓΌm değişiklikler `main.go` dosyasΔ±nda!**