Clivern / Beaver

💨 A real time messaging system to build a scalable in-app notifications, multiplayer games, chat apps in web and mobile apps.

Home Page:https://clivern.github.io/Beaver/

Geek Repo:Geek Repo

Github PK Tool:Github PK Tool

CORS headers middleware

OlegBabkin opened this issue · comments

commented

Right now all requests forbidden do to cors restriction, when using the beaver from the browser. Is it possible to add cors middleware that will add required headers to the requests? All needed data can be described in the config file.

For example, the middleware may be something like that:

func Cors(allowedMethods, allowedHeaders []string, allowedOriginPattern string) gin.HandlerFunc {
	return func(c *gin.Context) {
		r := c.Request
		w := c.Writer

		w.Header().Set("Content-Type", "application/json; charset=utf-8")
		w.Header().Set("Access-Control-Allow-Methods", strings.Join(allowedMethods, ", "))
		w.Header().Set("Access-Control-Allow-Headers", strings.Join(allowedHeaders, ", "))

		reqOrigin := r.Header.Get("Origin")

		switch allowedOriginPattern {
		case "*", ".*", "/*":
			w.Header().Set("Access-Control-Allow-Origin", "*")
		default:
			if ok, _ := regexp.MatchString(allowedOriginPattern, reqOrigin); ok {
				w.Header().Set("Access-Control-Allow-Origin", reqOrigin)
			}
		}

		if r.Method == "OPTIONS" {
			c.AbortWithStatus(http.StatusOK)
		} else {
			c.Next()
		}
	}
}
commented

Or maybe better to use gin cors middleware.

commented

Cors middleware added here https://github.com/Clivern/Beaver/blob/feature/node/core/middleware/cors.go. once v2 released, this issue will get solved.

commented

cors middleware added so closing this issue