From c440b09a9f00a79e2c196f7744842b723b4acbf2 Mon Sep 17 00:00:00 2001
From: "beetles-ai[bot]" <221859081+beetles-ai[bot]@users.noreply.github.com>
Date: Thu, 2 Oct 2025 13:35:01 +0000
Subject: [PATCH] Patch for src/server.ts

---
 src/server.ts | 11 +++++++++--
 1 file changed, 9 insertions(+), 2 deletions(-)

diff --git a/src/server.ts b/src/server.ts
index a4dbee2..9b0168c 100644
--- a/src/server.ts
+++ b/src/server.ts
@@ -41,9 +41,16 @@ app.use(
 console.log(process.env.MENTOR_FRONTEND_URL!, process.env.STUDENT_FRONTEND_URL!)
 
 app.use(express.json());
+const allowedOrigins = ['http://localhost:3000', 'https://example.com']; // Replace with your actual origins
 app.use(cors({
-  origin:  "*",
-  credentials: true
+origin: (origin, callback) => {
+if (allowedOrigins.includes(origin) || !origin) {
+callback(null, true);
+} else {
+callback(new Error('Not allowed by CORS'));
+}
+},
+credentials: true
 }));
 
 const server = http.createServer(app);