import { NestFactory } from '@nestjs/core'; import { ValidationPipe } from '@nestjs/common'; import { ConfigService } from '@nestjs/config'; import { AppModule } from './app.module'; async function bootstrap() { const app = await NestFactory.create(AppModule); const configService = app.get(ConfigService); // Configuration globale des pipes de validation app.useGlobalPipes( new ValidationPipe({ whitelist: true, transform: true, forbidNonWhitelisted: true, }), ); // Configuration CORS selon l'environnement const environment = configService.get('NODE_ENV', 'development'); const frontendUrl = configService.get('FRONTEND_URL', 'http://localhost:3001'); if (environment === 'development') { // En développement, on autorise toutes les origines avec credentials app.enableCors({ origin: true, methods: 'GET,HEAD,PUT,PATCH,POST,DELETE,OPTIONS', credentials: true, }); console.log('CORS configured for development environment (all origins allowed)'); } else { // En production, on restreint les origines autorisées const allowedOrigins = [frontendUrl]; // Ajouter d'autres origines si nécessaire (ex: sous-domaines, CDN, etc.) const additionalOrigins = configService.get('ADDITIONAL_CORS_ORIGINS'); if (additionalOrigins) { allowedOrigins.push(...additionalOrigins.split(',')); } app.enableCors({ origin: (origin, callback) => { // Permettre les requêtes sans origine (comme les appels d'API mobile) if (!origin || allowedOrigins.includes(origin)) { callback(null, true); } else { callback(new Error(`Origin ${origin} not allowed by CORS`)); } }, methods: 'GET,HEAD,PUT,PATCH,POST,DELETE,OPTIONS', credentials: true, maxAge: 86400, // 24 heures de mise en cache des résultats preflight }); console.log(`CORS configured for production environment with allowed origins: ${allowedOrigins.join(', ')}`); } // Préfixe global pour les routes API app.setGlobalPrefix(configService.get('API_PREFIX', 'api')); const port = configService.get('PORT', 3000); await app.listen(port); console.log(`Application is running on: http://localhost:${port}`); } bootstrap();