Deathbot545 · Deathbot545 · Feb 1, 2026 · Feb 1, 2026 · chatgpt-codex-connector · Feb 1, 2026
diff --git a/.env b/.env
@@ -0,0 +1,18 @@
+POSTGRES_USER=postgres
+POSTGRES_PASSWORD=postgres
+
+APPLICATION_DB_CONNECTION=Host=postgres;Port=5432;Database=ApplicationDb;Username=postgres;Password=postgres
+OUTLET_DB_CONNECTION=Host=postgres;Port=5432;Database=OutletDb;Username=postgres;Password=postgres
+MENU_DB_CONNECTION=Host=postgres;Port=5432;Database=MenuDb;Username=postgres;Password=postgres
+
+MONGO_CONNECTION_STRING=mongodb://mongo:27017
+MONGO_DATABASE=FoodOrdering
+
+JWT_KEY=dev-super-secret-key
+JWT_ISSUER=dev
+JWT_AUDIENCE=dev
+
+FOOD_ORDERING_API_BASE_URL=http://food-ordering-api/
+RESTAURANT_API_BASE_URL=http://restaurant-api/
+
+ALLOWED_ORIGINS=http://localhost:8088,http://localhost:8089
diff --git a/.env.example b/.env.example
@@ -0,0 +1,20 @@
+# Local defaults - copy to .env and tweak for production/AWS
+POSTGRES_USER=postgres
+POSTGRES_PASSWORD=postgres
+
+APPLICATION_DB_CONNECTION=Host=postgres;Port=5432;Database=ApplicationDb;Username=postgres;Password=postgres
+OUTLET_DB_CONNECTION=Host=postgres;Port=5432;Database=OutletDb;Username=postgres;Password=postgres
+MENU_DB_CONNECTION=Host=postgres;Port=5432;Database=MenuDb;Username=postgres;Password=postgres
+
+MONGO_CONNECTION_STRING=mongodb://mongo:27017
+MONGO_DATABASE=FoodOrdering
+
+JWT_KEY=dev-super-secret-key
+JWT_ISSUER=dev
+JWT_AUDIENCE=dev
+
+FOOD_ORDERING_API_BASE_URL=http://food-ordering-api/
+RESTAURANT_API_BASE_URL=http://restaurant-api/
+
+# Comma-separated list of allowed origins for APIs and Kitchen_Web
+ALLOWED_ORIGINS=http://localhost:8088,http://localhost:8089
diff --git a/Food_Ordering_API/Food_Ordering_API_appsettings.Development.json b/Food_Ordering_API/Food_Ordering_API_appsettings.Development.json
@@ -2,6 +2,15 @@
   "ConnectionStrings": {
     "ApplicationDbConnection": "Host=localhost;Port=5432;Database=ApplicationDb;User ID=postgres;Password=postgres;"
   },
+  "Cors": {
+    "AllowedOrigins": [
+      "http://localhost:5002",
+      "http://localhost:5003",
+      "http://localhost:5173",
+      "http://localhost:8088",
+      "http://localhost:8089"
+    ]
+  },
   "Jwt": {
     "Key": "dev-super-secret-key-change-me",
     "Issuer": "dev",

diff --git a/Food_Ordering_API/Food_Ordering_API_appsettings.json b/Food_Ordering_API/Food_Ordering_API_appsettings.json
@@ -15,18 +15,23 @@
     }
   },
   "ConnectionStrings": {
-    "ApplicationDbConnection": "Host=restroapi.cz0qqo02m0na.eu-west-1.rds.amazonaws.com;Port=5432;Database=ApplicationDb;User ID=postgres;Password=NxPostgrsql;"
+    "ApplicationDbConnection": "Host=your-db-host;Port=5432;Database=ApplicationDb;Username=postgres;Password=change-me;"
+  },
+  "Cors": {
+    "AllowedOrigins": [
+      "https://your-domain.example"
+    ]
   },
   "Authentication": {
     "Google": {
-      "ClientId": "247244252156-cqtuh8m6k4s6mcumhkri2grnkf5g5a8d.apps.googleusercontent.com",
-      "ClientSecret": "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"
+      "ClientId": "change-me",
+      "ClientSecret": "change-me"
     }
   },
   "Jwt": {
-    "Key": "YourSecretKeyHere",
-    "Issuer": "YourIssuer",
-    "Audience": "YourAudience"
+    "Key": "change-me",
+    "Issuer": "change-me",
+    "Audience": "change-me"
   },
   "AllowedHosts": "*"
 }
diff --git a/Food_Ordering_API/Program.cs b/Food_Ordering_API/Program.cs
@@ -79,37 +79,20 @@
 // CORS
 builder.Services.AddCors(options =>
 {
+    var allowedOrigins = GetAllowedOrigins(builder.Configuration);
     options.AddPolicy("AllowMyOrigins", policy =>
     {
-        if (env.IsDevelopment())
-        {
-            policy.WithOrigins(
-                    "http://localhost:5002",
-                    "http://localhost:5003",
-                    "http://localhost:5173"
-                )
-                .AllowAnyMethod()
-                .AllowAnyHeader()
-                .AllowCredentials();
-        }
-        else
-        {
-            policy.WithOrigins(
-                    "https://restosolutionssaas.com:8443",
-                    "https://restosolutionssaas.com"
-                )
-                .AllowAnyMethod()
-                .AllowAnyHeader()
-                .AllowCredentials();
-        }
+        policy.WithOrigins(allowedOrigins)
+            .AllowAnyMethod()
+            .AllowAnyHeader()
+            .AllowCredentials();
     });
 });
 
 var app = builder.Build();
 
 // Logging + migrations
 var logger = app.Services.GetRequiredService<ILogger<Program>>();
-var cs = builder.Configuration.GetConnectionString("ApplicationDbConnection");
 logger.LogInformation("ApplicationDbConnection configured.");
 
 using (var scope = app.Services.CreateScope())
@@ -148,3 +131,20 @@
 app.MapControllers();
 
 app.Run();
+
+static string[] GetAllowedOrigins(IConfiguration configuration)
+{
+    var origins = configuration.GetSection("Cors:AllowedOrigins").Get<string[]>();
+    if (origins is { Length: > 0 })
+    {
+        return origins;
+    }
+
+    var rawOrigins = configuration["Cors:AllowedOrigins"];
+    if (!string.IsNullOrWhiteSpace(rawOrigins))
+    {
+        return rawOrigins.Split(',', StringSplitOptions.RemoveEmptyEntries | StringSplitOptions.TrimEntries);
+    }
+
+    throw new InvalidOperationException("Cors:AllowedOrigins is missing. Configure it in appsettings or env vars.");
+}
diff --git a/Food_Ordering_Web/appsettings.json b/Food_Ordering_Web/appsettings.json
@@ -1,28 +1,28 @@
 {
   "ConnectionStrings": {
-    "DefaultConnection": "Host=database-1.cmnkfdahsas3.eu-north-1.rds.amazonaws.com;Port=5432;Database=Food_Ordering;User Id=postgres;Password=NxPostgrsql;"
+    "DefaultConnection": "Host=your-db-host;Port=5432;Database=Food_Ordering;Username=postgres;Password=change-me;"
   },
 
   "Jwt": {
-    "Key": "YourSecretKeyHere",
-    "Issuer": "YourIssuer",
-    "Audience": "YourAudience"
+    "Key": "change-me",
+    "Issuer": "change-me",
+    "Audience": "change-me"
   },
 
   "StripeSettings": {
-    "ApiKey": "sk_test_51NjhBQFU6tKdw4REQ4sdK5t4EUN3aNkvW7Z3v9e41eXjEgfHwcnFztdPvwrRIFeGgwuMpzvkrcn8CSghhoCbJS9S006L3W13JP",
-    "WebhookSecret": "pk_test_51NjhBQFU6tKdw4RE8kO4funmhbcbtQur1zsSD3YNbNBBAYQRZqR1omJtSp4KesSL3eHKPr03uZnuCoWUK233DYvD00wd9n7wfQ"
+    "ApiKey": "change-me",
+    "WebhookSecret": "change-me"
   },
   "EmailSettings": {
     "Host": "smtp.gmail.com",
     "Port": 587,
-    "Email": "sitewebsite73@gmail.com",
-    "Password": "otrzdbifusqsiuoc"
+    "Email": "change-me@example.com",
+    "Password": "change-me"
   },
   "Authentication": {
     "Google": {
-      "ClientId": "247244252156-cqtuh8m6k4s6mcumhkri2grnkf5g5a8d.apps.googleusercontent.com",
-      "ClientSecret": "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"
+      "ClientId": "change-me",
+      "ClientSecret": "change-me"
     }
   },
   "Logging": {
@@ -33,7 +33,7 @@
     }
   },
   "ShowDetailedErrors": true,
-  "ApiBaseUrl": "https://restosolutionssaas.com/",
-  "RestaurantApiBaseUrl": "https://restosolutionssaas.com/",
+  "ApiBaseUrl": "https://your-domain.example/",
+  "RestaurantApiBaseUrl": "https://your-domain.example/",
   "AllowedHosts": "*"
 }
diff --git a/Kitchen_Web/Kitchen_Web_appsettings.Development.json b/Kitchen_Web/Kitchen_Web_appsettings.Development.json
@@ -1,5 +1,14 @@
 {
   "ApiBaseUrl": "http://localhost:5000/",
+  "Cors": {
+    "AllowedOrigins": [
+      "http://localhost:5002",
+      "http://localhost:5003",
+      "http://localhost:5173",
+      "http://localhost:8088",
+      "http://localhost:8089"
+    ]
+  },
   "Jwt": {
     "Key": "dev-super-secret-key",
     "Issuer": "dev",

diff --git a/Kitchen_Web/Kitchen_Web_appsettings.json b/Kitchen_Web/Kitchen_Web_appsettings.json
@@ -1,21 +1,26 @@
 {
   "ConnectionStrings": {
-    "DefaultConnection": "Host=database-1.cmnkfdahsas3.eu-north-1.rds.amazonaws.com;Port=5432;Database=Food_Ordering;User Id=postgres;Password=NxPostgrsql;"
+    "DefaultConnection": "Host=your-db-host;Port=5432;Database=Food_Ordering;Username=postgres;Password=change-me;"
+  },
+  "Cors": {
+    "AllowedOrigins": [
+      "https://your-domain.example"
+    ]
   },
   "StripeSettings": {
-    "ApiKey": "sk_test_51NjhBQFU6tKdw4REQ4sdK5t4EUN3aNkvW7Z3v9e41eXjEgfHwcnFztdPvwrRIFeGgwuMpzvkrcn8CSghhoCbJS9S006L3W13JP",
-    "WebhookSecret": "pk_test_51NjhBQFU6tKdw4RE8kO4funmhbcbtQur1zsSD3YNbNBBAYQRZqR1omJtSp4KesSL3eHKPr03uZnuCoWUK233DYvD00wd9n7wfQ"
+    "ApiKey": "change-me",
+    "WebhookSecret": "change-me"
   },
   "EmailSettings": {
     "Host": "smtp.gmail.com",
     "Port": 587,
-    "Email": "sitewebsite73@gmail.com",
-    "Password": "otrzdbifusqsiuoc"
+    "Email": "change-me@example.com",
+    "Password": "change-me"
   },
   "Authentication": {
     "Google": {
-      "ClientId": "247244252156-cqtuh8m6k4s6mcumhkri2grnkf5g5a8d.apps.googleusercontent.com",
-      "ClientSecret": "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"
+      "ClientId": "change-me",
+      "ClientSecret": "change-me"
     }
   },
   "Logging": {
@@ -26,7 +31,7 @@
     }
   },
   "ShowDetailedErrors": true,
-  "ApiBaseUrl": "https://restosolutionssaas.com/",
-  "RestaurantApiBaseUrl": "https://restosolutionssaas.com/",
+  "ApiBaseUrl": "https://your-domain.example/",
+  "RestaurantApiBaseUrl": "https://your-domain.example/",
   "AllowedHosts": "*"
 }
diff --git a/Kitchen_Web/Program.cs b/Kitchen_Web/Program.cs
@@ -97,26 +97,13 @@
 // CORS (env-aware)
 builder.Services.AddCors(options =>
 {
+    var allowedOrigins = GetAllowedOrigins(builder.Configuration);
     options.AddPolicy("AllowMyOrigins", policy =>
     {
-        if (env.IsDevelopment())
-        {
-            policy.WithOrigins(
-                    "http://localhost:5002",
-                    "http://localhost:5003",
-                    "http://localhost:5173"
-                )
-                .AllowAnyMethod()
-                .AllowAnyHeader()
-                .AllowCredentials();
-        }
-        else
-        {
-            policy.WithOrigins("https://restosolutionssaas.com")
-                .AllowAnyMethod()
-                .AllowAnyHeader()
-                .AllowCredentials();
-        }
+        policy.WithOrigins(allowedOrigins)
+            .AllowAnyMethod()
+            .AllowAnyHeader()
+            .AllowCredentials();
     });
 });
 
@@ -156,3 +143,20 @@
 app.MapControllers();
 
 app.Run();
+
+static string[] GetAllowedOrigins(IConfiguration configuration)
+{
+    var origins = configuration.GetSection("Cors:AllowedOrigins").Get<string[]>();
+    if (origins is { Length: > 0 })
+    {
+        return origins;
+    }
+
+    var rawOrigins = configuration["Cors:AllowedOrigins"];
+    if (!string.IsNullOrWhiteSpace(rawOrigins))
+    {
+        return rawOrigins.Split(',', StringSplitOptions.RemoveEmptyEntries | StringSplitOptions.TrimEntries);
+    }
+
+    throw new InvalidOperationException("Cors:AllowedOrigins is missing. Configure it in appsettings or env vars.");
+}
diff --git a/Menu_API/Menu_API_appsettings.Development.json b/Menu_API/Menu_API_appsettings.Development.json
@@ -2,6 +2,15 @@
   "ConnectionStrings": {
     "MenuDbConnection": "Host=localhost;Port=5432;Database=MenuDb;User Id=postgres;Password=postgres;"
   },
+  "Cors": {
+    "AllowedOrigins": [
+      "http://localhost:5002",
+      "http://localhost:5003",
+      "http://localhost:5173",
+      "http://localhost:8088",
+      "http://localhost:8089"
+    ]
+  },
   "Logging": {
     "LogLevel": {
       "Default": "Information",

diff --git a/Menu_API/Menu_API_appsettings.json b/Menu_API/Menu_API_appsettings.json
@@ -6,7 +6,12 @@
     }
   },
   "ConnectionStrings": {
-    "MenuDbConnection": "Host=menuapi.cz0qqo02m0na.eu-west-1.rds.amazonaws.com;Port=5432;Database=MenuDb;User Id=postgres;Password=NxPostgrsql;"
+    "MenuDbConnection": "Host=your-db-host;Port=5432;Database=MenuDb;Username=postgres;Password=change-me;"
+  },
+  "Cors": {
+    "AllowedOrigins": [
+      "https://your-domain.example"
+    ]
   },
   "AllowedHosts": "*"
-}
+}