add CORS configuration

joseph0x45 · Jan 26, 2024 · a5de63c · a5de63c
1 parent db87b37
commit a5de63c
Show file tree

Hide file tree

Showing 4 changed files with 18 additions and 10 deletions.
diff --git a/go.mod b/go.mod
@@ -31,6 +31,7 @@ require (
 	github.com/docker/go-connections v0.4.0 // indirect
 	github.com/docker/go-units v0.5.0 // indirect
 	github.com/go-chi/chi/v5 v5.0.11 // indirect
+	github.com/go-chi/cors v1.2.1 // indirect
 	github.com/gofiber/template v1.8.2 // indirect
 	github.com/gofiber/utils v1.1.0 // indirect
 	github.com/gogo/protobuf v1.3.2 // indirect

diff --git a/go.sum b/go.sum
@@ -35,6 +35,8 @@ github.com/docker/go-units v0.5.0 h1:69rxXcBk27SvSaaxTtLh/8llcHD8vYHT7WSdRZ/jvr4
 github.com/docker/go-units v0.5.0/go.mod h1:fgPhTUdO+D/Jk86RDLlptpiXQzgHJF7gydDDbaIK4Dk=
 github.com/go-chi/chi/v5 v5.0.11 h1:BnpYbFZ3T3S1WMpD79r7R5ThWX40TaFB7L31Y8xqSwA=
 github.com/go-chi/chi/v5 v5.0.11/go.mod h1:DslCQbL2OYiznFReuXYUmQ2hGd1aDpCnlMNITLSKoi8=
+github.com/go-chi/cors v1.2.1 h1:xEC8UT3Rlp2QuWNEr4Fs/c2EAGVKBwy/1vHx3bppil4=
+github.com/go-chi/cors v1.2.1/go.mod h1:sSbTewc+6wYHBBCW7ytsFSn836hqM7JxpglAy2Vzc58=
 github.com/go-sql-driver/mysql v1.6.0 h1:BCTh4TKNUYmOmMUcQ3IipzF5prigylS7XXjEkfCHuOE=
 github.com/go-sql-driver/mysql v1.6.0/go.mod h1:DCzpHaOWr8IXmIStZouvnhqoel9Qv2LBy8hT2VhHyBg=
 github.com/gofiber/fiber/v2 v2.51.0 h1:JNACcZy5e2tGApWB2QrRpenTWn0fq0hkFm6k0C86gKQ=

diff --git a/internal/store/users_test.go b/internal/store/users_test.go
@@ -3,17 +3,16 @@ package store
 import (
 	"errors"
 	"fmt"
-	"log"
-	"os"
-	"testing"
-	"time"
-	"visio/internal/types"
-
 	"github.com/jmoiron/sqlx"
 	"github.com/lib/pq"
 	_ "github.com/lib/pq"
 	"github.com/ory/dockertest/v3"
 	"github.com/stretchr/testify/require"
+	"log"
+	"os"
+	"testing"
+	"time"
+	"visio/internal/types"
 )
 
 const (
@@ -82,9 +81,6 @@ func TestMain(m *testing.M) {
 	os.Exit(code)
 }
 
-// TODO: As an improvement, we might consider to use a migration folder
-//
-// github.com/golang-migrate/migrate
 func migrateTestDB(db *sqlx.DB) error {
 	q := `
 create table if not exists users (

diff --git a/main.go b/main.go
@@ -6,6 +6,7 @@ import (
 	"github.com/Kagami/go-face"
 	"github.com/go-chi/chi/v5"
 	chiMiddleware "github.com/go-chi/chi/v5/middleware"
+	"github.com/go-chi/cors"
 	"github.com/joho/godotenv"
 	"log/slog"
 	"net/http"
@@ -49,6 +50,14 @@ func main() {
 	uploadMiddleware := middlewares.NewUploadMiddleware(appLogger)
 
 	r := chi.NewRouter()
+	r.Use(cors.Handler(cors.Options{
+		AllowedOrigins:   []string{"https://*", "http://*"},
+		AllowedMethods:   []string{"GET", "POST", "PUT", "DELETE", "OPTIONS"},
+		AllowedHeaders:   []string{"Accept", "Authorization", "Content-Type", "X-CSRF-Token"},
+		ExposedHeaders:   []string{"Link"},
+		AllowCredentials: false,
+		MaxAge:           300,
+	}))
 	r.Use(chiMiddleware.RequestID)
 
 	r.Get("/public/output.css", func(w http.ResponseWriter, r *http.Request) {
@@ -72,7 +81,7 @@ func main() {
 		r.Post("/auth", authHandler.Authenticate)
 	})
 
-  r.With(authMiddleware.CookieAuth).Delete("/keys", appHandler.RevokeKey)
+	r.With(authMiddleware.CookieAuth).Delete("/keys", appHandler.RevokeKey)
 
 	r.Route("/faces", func(r chi.Router) {
 		r.With(authMiddleware.KeyAuth).With(uploadMiddleware.HandleUploads(1)).Post("/", faceHandler.SaveFace)