From a2cd9693a31eeb44f8fc7f569251e403503ed99e Mon Sep 17 00:00:00 2001
From: Julien Calixte <julienc@bam.tech>
Date: Sun, 11 Jan 2026 23:00:47 +0100
Subject: [PATCH] feat: add localhost to cors

---
 src/main.ts | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/src/main.ts b/src/main.ts
index 7b7863a..409a58f 100644
--- a/src/main.ts
+++ b/src/main.ts
@@ -5,7 +5,7 @@ const DEEPL_API_KEY = Deno.env.get("DEEPL_AUTH_KEY");
 const BEARER_TOKEN = Deno.env.get("BEARER_TOKEN");
 const PORT = parseInt(Deno.env.get("PORT") || "8000");
 const DEEPL_API_BASE = "https://api-free.deepl.com/v2";
-const FRONTEND_URL = "https://deep-lite.netlify.app";
+const FRONTEND_URLS = ["http://localhost", "https://deep-lite.netlify.app"];
 
 if (!DEEPL_API_KEY) {
   console.error("ERROR: DEEPL_AUTH_KEY environment variable is required");
@@ -23,7 +23,7 @@ const router = new Router();
 // CORS middleware - only allow requests from the PWA frontend
 app.use(
   oakCors({
-    origin: FRONTEND_URL,
+    origin: FRONTEND_URLS,
     credentials: true,
   }),
 );
@@ -135,7 +135,7 @@ app.use(router.routes());
 app.use(router.allowedMethods());
 
 console.log(`🚀 DeepLite BFF server running on http://localhost:${PORT}`);
-console.log(`📝 CORS enabled for: ${FRONTEND_URL}`);
+console.log(`📝 CORS enabled for: ${FRONTEND_URLS}`);
 console.log(`🔒 Bearer token authentication enabled`);
 
 await app.listen({ port: PORT });