From 1fcdc59b63753cd834f0f2304a60a68e07056fd7 Mon Sep 17 00:00:00 2001
From: heimoshuiyu <heimoshuiyu@gmail.com>
Date: Fri, 15 Sep 2023 19:55:05 +0800
Subject: [PATCH] fix: cors in resp

---
 cors.go | 31 -------------------------------
 main.go | 15 ++++++++++++++-
 2 files changed, 14 insertions(+), 32 deletions(-)
 delete mode 100644 cors.go

diff --git a/cors.go b/cors.go
deleted file mode 100644
index ddae754..0000000
--- a/cors.go
+++ /dev/null
@@ -1,31 +0,0 @@
-package main
-
-import (
-	"github.com/gin-gonic/gin"
-)
-
-// Middleware function to handle CORS requests
-func handleCORS(c *gin.Context) {
-	if c.Request.Method == "OPTIONS" {
-		header := c.Writer.Header()
-		header.Set("Access-Control-Allow-Origin", "*")
-		header.Set("Access-Control-Allow-Methods", "POST, GET, OPTIONS, PUT, DELETE, PATCH")
-		header.Set("Access-Control-Allow-Headers", "Origin, Authorization, Content-Type")
-
-		c.AbortWithStatus(200)
-		return
-	}
-
-	c.Next()
-
-	header := c.Writer.Header()
-
-	header.Del("Access-Control-Allow-Origin")
-	header.Del("Access-Control-Allow-Methods")
-	header.Del("Access-Control-Allow-Headers")
-
-	header.Set("Access-Control-Allow-Origin", "*")
-	header.Set("Access-Control-Allow-Methods", "POST, GET, OPTIONS, PUT, DELETE, PATCH")
-	header.Set("Access-Control-Allow-Headers", "Origin, Authorization, Content-Type")
-
-}
diff --git a/main.go b/main.go
index d220661..7719da7 100644
--- a/main.go
+++ b/main.go
@@ -90,7 +90,13 @@ func main() {
 	})
 
 	// CORS handler
-	engine.Use(handleCORS)
+	engine.OPTIONS("/v1/*any", func(ctx *gin.Context) {
+		header := ctx.Writer.Header()
+		header.Set("Access-Control-Allow-Origin", "*")
+		header.Set("Access-Control-Allow-Methods", "POST, GET, OPTIONS, PUT, DELETE, PATCH")
+		header.Set("Access-Control-Allow-Headers", "Origin, Authorization, Content-Type")
+		ctx.AbortWithStatus(200)
+	})
 
 	// get authorization config from db
 	db.Take(&authConfig, "key = ?", "authorization")
@@ -186,6 +192,13 @@ func main() {
 		var contentType string
 		proxy.ModifyResponse = func(r *http.Response) error {
 			record.Status = r.StatusCode
+			r.Header.Del("Access-Control-Allow-Origin")
+			r.Header.Del("Access-Control-Allow-Methods")
+			r.Header.Del("Access-Control-Allow-Headers")
+			r.Header.Set("Access-Control-Allow-Origin", "*")
+			r.Header.Set("Access-Control-Allow-Methods", "POST, GET, OPTIONS, PUT, DELETE, PATCH")
+			r.Header.Set("Access-Control-Allow-Headers", "Origin, Authorization, Content-Type")
+
 			if r.StatusCode != 200 {
 				body, err := io.ReadAll(r.Body)
 				if err != nil {