From ffaf58f274161673e1f83eada71489d5ed7193b0 Mon Sep 17 00:00:00 2001
From: koderOP <harshita.24562@sscbs.du.ac.in>
Date: Fri, 22 May 2026 02:50:51 +0530
Subject: [PATCH] configure dynamic port and cors middleware for production

---
 backend/server.js | 18 +++++++++++++++---
 1 file changed, 15 insertions(+), 3 deletions(-)

diff --git a/backend/server.js b/backend/server.js
index e9b43f83..48d6ccfb 100644
--- a/backend/server.js
+++ b/backend/server.js
@@ -14,7 +14,17 @@ const logger = require('./logger');
 const app = express();
 
 // CORS configuration
-app.use(cors('*'));
+const allowedOrigins = ['http://localhost:5173', 'https://github-spy.etlify.app'];
+app.use(cors({
+    origin: function (origin, callback) {
+        if (!origin || allowedOrigins.indexOf(origin) !== -1) {
+            callback(null, true);
+        } else{
+            callback(new Error('Blocked by CORS policy'));
+        }
+    },
+    credentials: true
+}));
 
 // Middleware
 app.use(bodyParser.json());
@@ -33,8 +43,10 @@ app.use('/api/auth', authRoutes);
 // Connect to MongoDB
 mongoose.connect(process.env.MONGO_URI, {}).then(() => {
     logger.info('Connected to MongoDB');
-    app.listen(process.env.PORT, () => {
-        logger.info(`Server running on port ${process.env.PORT}`);
+
+    const PORT = process.env.PORT || 5000;
+    app.listen(PORT, () => {
+        logger.info(`Server running on port ${PORT}`);
     });
 }).catch((err) => {
     logger.error('MongoDB connection error', err);