Parameterize docker-compose, centralize CORS, and replace secrets with placeholders for local/AWS readiness

[Deathbot545]

Motivation

• Allow the project to be run locally via docker compose with sensible defaults while making production (AWS) configuration a small env-only change.
• Remove hardcoded production URLs, credentials and secrets from code/config so sensitive values can be supplied at deploy time.
• Centralize CORS configuration so origins can be controlled by configuration/env rather than repeated hardcoded values across services.

Description

• Parameterized docker-compose.yml to read connection strings, JWT values, service base URLs and allowed origins from environment variables and added .env and .env.example with local defaults for easy local runs.
• Replaced hardcoded production DB/URL/secret values in service appsettings files (for example Food_Ordering_API/*, Menu_API/*, Order_API/*, Restaurant_API/*, Kitchen_Web/*, Food_Ordering_Web/*) with placeholders (e.g. your-db-host, change-me, https://your-domain.example).
• Added Cors:AllowedOrigins entries to appsettings.json and *Development.json files and wired the Cors__AllowedOrigins env variable into docker-compose so CORS origins are configurable at runtime.
• Updated service startup code (Program.cs in Food_Ordering_API, Restaurant_API, Menu_API, Order_API, Kitchen_Web) to use a shared static helper GetAllowedOrigins(IConfiguration) that reads Cors:AllowedOrigins (array or comma list) and to apply the resulting origins in AddCors, plus small logging simplifications for clarity.

Testing

• No automated tests were run on these changes.

---

Codex Task

[chatgpt-codex-connector]

💡 Codex Review

Here are some automated review suggestions for this pull request.

Reviewed commit: 92e47c04a8

ℹ️ About Codex in GitHub

Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you

• Open a pull request for review
• Mark a draft as ready
• Comment "@codex review".

If Codex has suggestions, it will comment; otherwise it will react with 👍.

Codex can also answer questions or update the PR. Try commenting "@codex address that feedback".

[chatgpt-codex-connector]

Split comma-separated CORS env var before returning

When Cors:AllowedOrigins is set via env (as in docker-compose.yml/.env with a comma-separated list), Get<string[]>() binds it as a single-element array containing the entire string (e.g., "http://localhost:8088,http://localhost:8089"). Because the code returns early on Length > 0, the comma-split fallback never runs, and WithOrigins(...) receives an invalid origin containing a comma, which throws at startup in the default docker-compose configuration. Consider checking for a single entry that contains commas and splitting before returning, or prefer the raw string split when the value comes from env.

Useful? React with 👍 / 👎.