From 83ac69ac711642cbeae83f20c8bf535de4807c88 Mon Sep 17 00:00:00 2001
From: faisolavolut <faisol@avolut.com>
Date: Tue, 11 Nov 2025 11:02:22 +0700
Subject: [PATCH] fix: simplify cache key handling in CORS middleware

---
 src/app.ts | 13 ++-----------
 1 file changed, 2 insertions(+), 11 deletions(-)

diff --git a/src/app.ts b/src/app.ts
index 6ccdfd6..62a27de 100644
--- a/src/app.ts
+++ b/src/app.ts
@@ -56,16 +56,7 @@ app.use((req, res, next) => {
       // being present on OPTIONS. To improve reliability we also accept a
       // clientKey via query parameter and fall back to matching the origin
       // against the `whitelistcors` table below.
-      const clientKey = (
-        req.header("x-tenant-key") ||
-        req.header("X-TENANT-KEY") ||
-        req.header("X-Tenant-Key") ||
-        (req.query && (req.query.clientKey || req.query.client_key)) ||
-        ""
-      )
-        .toString()
-        .trim();
-      const cacheKey = clientKey || "__default__";
+      const cacheKey = "__default__";
 
       (async () => {
         try {
@@ -77,7 +68,7 @@ app.use((req, res, next) => {
             .filter(Boolean);
 
           const originCors = await db.whitelistcors.findFirst({
-            where: { origin: origin, is_active: "Y" },
+            where: { is_active: "Y" },
           });
           if (originCors) {
             allowedOrigins.push(originCors.origin);