Cors layer added

header, origin and method limitations

backend/src/env.rs

@@ -2,15 +2,18 @@
 pub struct Env {
     pub db_url: String,
     pub token_secret: String,
+    pub origin: String
 }
 
 impl Env {
     pub fn load() -> Env {
         let db_url = std::env::var("DATABASE_URL").expect("DATABASE_URL must be set");
         let token_secret = std::env::var("TOKEN_SECRET").expect("TOKEN_SECRET must be set");
+        let origin = std::env::var("ORIGIN").expect("ORIGIN must be set")
         Env {
             db_url,
             token_secret,
+            origin
         }
     }
 }