From 2ccab0a17f155157f6e8bb986bc8995c9f1cff78 Mon Sep 17 00:00:00 2001 From: valitovgaziz Date: Sat, 11 Oct 2025 11:07:43 +0500 Subject: [PATCH] add middleware for perflite requests and delete cors from user and auth handlers --- serv_nginx/api_bb/internal/handlers/auth.go | 9 ------- .../{touserresponse.go => handler_util.go} | 6 +++++ serv_nginx/api_bb/internal/handlers/user.go | 16 ------------ serv_nginx/api_bb/pkg/middleware/cors.go | 25 +++++++++++++++++++ .../api_bb/pkg/middleware/middleware.go | 2 ++ 5 files changed, 33 insertions(+), 25 deletions(-) rename serv_nginx/api_bb/internal/handlers/{touserresponse.go => handler_util.go} (74%) create mode 100644 serv_nginx/api_bb/pkg/middleware/cors.go diff --git a/serv_nginx/api_bb/internal/handlers/auth.go b/serv_nginx/api_bb/internal/handlers/auth.go index 499204f..778c973 100644 --- a/serv_nginx/api_bb/internal/handlers/auth.go +++ b/serv_nginx/api_bb/internal/handlers/auth.go @@ -48,9 +48,6 @@ func (h *AuthHandler) Routes() chi.Router { // Обработчик для OPTIONS запросов func (h *AuthHandler) handleOptions(w http.ResponseWriter, r *http.Request) { - w.Header().Set("Access-Control-Allow-Methods", "POST, OPTIONS") - w.Header().Set("Access-Control-Allow-Headers", "Content-Type, Authorization") - w.Header().Set("Access-Control-Max-Age", "300") w.WriteHeader(http.StatusOK) } @@ -71,9 +68,6 @@ type LoginRequest struct { } func (h *AuthHandler) Register(w http.ResponseWriter, r *http.Request) { - // Устанавливаем CORS заголовки - w.Header().Set("Access-Control-Allow-Origin", r.Header.Get("Origin")) - w.Header().Set("Access-Control-Allow-Credentials", "true") h.logger.Info("handling register request", zap.String("method", r.Method), @@ -170,9 +164,6 @@ func (h *AuthHandler) Register(w http.ResponseWriter, r *http.Request) { } func (h *AuthHandler) Login(w http.ResponseWriter, r *http.Request) { - // Устанавливаем CORS заголовки - w.Header().Set("Access-Control-Allow-Origin", r.Header.Get("Origin")) - w.Header().Set("Access-Control-Allow-Credentials", "true") h.logger.Info("handling login request", zap.String("method", r.Method), diff --git a/serv_nginx/api_bb/internal/handlers/touserresponse.go b/serv_nginx/api_bb/internal/handlers/handler_util.go similarity index 74% rename from serv_nginx/api_bb/internal/handlers/touserresponse.go rename to serv_nginx/api_bb/internal/handlers/handler_util.go index 161a7c8..7e59198 100644 --- a/serv_nginx/api_bb/internal/handlers/touserresponse.go +++ b/serv_nginx/api_bb/internal/handlers/handler_util.go @@ -2,6 +2,7 @@ package handlers import ( "api_bb/internal/models" + "net/http" ) // Общая функция для преобразования User в UserResponse @@ -20,3 +21,8 @@ func toUserResponse(user *models.User) UserResponse { UpdatedAt: user.UpdatedAt, } } + +// Обработчик для OPTIONS запросов +func (h *UserHandler) handleOptions(w http.ResponseWriter, r *http.Request) { + w.WriteHeader(http.StatusOK) +} diff --git a/serv_nginx/api_bb/internal/handlers/user.go b/serv_nginx/api_bb/internal/handlers/user.go index 5061b74..0574b85 100644 --- a/serv_nginx/api_bb/internal/handlers/user.go +++ b/serv_nginx/api_bb/internal/handlers/user.go @@ -43,14 +43,6 @@ func (h *UserHandler) Routes() chi.Router { return r } -// Обработчик для OPTIONS запросов -func (h *UserHandler) handleOptions(w http.ResponseWriter, r *http.Request) { - w.Header().Set("Access-Control-Allow-Methods", "PUT, GET, OPTIONS") - w.Header().Set("Access-Control-Allow-Headers", "Content-Type, Authorization") - w.Header().Set("Access-Control-Max-Age", "300") - w.WriteHeader(http.StatusOK) -} - type UserResponse struct { ID uint `json:"id"` Email string `json:"email"` @@ -66,9 +58,6 @@ type UserResponse struct { } func (h *UserHandler) GetProfile(w http.ResponseWriter, r *http.Request) { - // Устанавливаем CORS заголовки - w.Header().Set("Access-Control-Allow-Origin", r.Header.Get("Origin")) - w.Header().Set("Access-Control-Allow-Credentials", "true") h.logger.Info("handling get profile request", zap.String("method", r.Method), @@ -101,11 +90,6 @@ type UpdateProfileRequest struct { } func (h *UserHandler) UpdateProfile(w http.ResponseWriter, r *http.Request) { - // Устанавливаем CORS заголовки - w.Header().Set("Access-Control-Allow-Origin", r.Header.Get("Origin")) - w.Header().Set("Access-Control-Allow-Credentials", "true") - w.Header().Set("Access-Control-Allow-Methods", "PUT, OPTIONS") - w.Header().Set("Access-Control-Allow-Headers", "Content-Type, Authorization") h.logger.Info("handling update profile request", zap.String("method", r.Method), diff --git a/serv_nginx/api_bb/pkg/middleware/cors.go b/serv_nginx/api_bb/pkg/middleware/cors.go new file mode 100644 index 0000000..7d006ce --- /dev/null +++ b/serv_nginx/api_bb/pkg/middleware/cors.go @@ -0,0 +1,25 @@ +// pkg/middleware/cors.go +package middleware + +import ( + "net/http" +) + +// CORS middleware для обработки preflight запросов +func CORS(next http.Handler) http.Handler { + return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { + // Устанавливаем CORS заголовки + w.Header().Set("Access-Control-Allow-Origin", r.Header.Get("Origin")) + w.Header().Set("Access-Control-Allow-Credentials", "true") + w.Header().Set("Access-Control-Allow-Methods", "GET, POST, PUT, DELETE, OPTIONS") + w.Header().Set("Access-Control-Allow-Headers", "Content-Type, Authorization, X-Requested-With") + + // Если это OPTIONS запрос (preflight), сразу отвечаем + if r.Method == "OPTIONS" { + w.WriteHeader(http.StatusOK) + return + } + + next.ServeHTTP(w, r) + }) +} \ No newline at end of file diff --git a/serv_nginx/api_bb/pkg/middleware/middleware.go b/serv_nginx/api_bb/pkg/middleware/middleware.go index 265f6cc..7b3488f 100644 --- a/serv_nginx/api_bb/pkg/middleware/middleware.go +++ b/serv_nginx/api_bb/pkg/middleware/middleware.go @@ -9,6 +9,8 @@ import ( func CommonMiddleware() []func(http.Handler) http.Handler { return []func(http.Handler) http.Handler{ + CORS, + middleware.Logger, ZapLogger, middleware.Recoverer, middleware.RequestID,