modified: serv_nginx/api_bb/internal/handlers/auth.go

modified: serv_nginx/api_bb/pkg/middleware/middleware.go set Access-Controll-Allow-Origin Origin Allow-Credentials true
2025-10-10 03:18:34 +05:00
parent 0e067c7477
commit b7252c7900
2 changed files with 58 additions and 18 deletions
@@ -28,6 +28,12 @@ func NewAuthHandler(authService service.AuthService, jwtService service.JWTServi

 func (h *AuthHandler) Routes() chi.Router {
 	r := chi.NewRouter()
+
+		// Обработка OPTIONS запросов для CORS
+	r.Options("/register", h.handleOptions)
+	r.Options("/login", h.handleOptions)
+	r.Options("/logout", h.handleOptions)
+	r.Options("/profile", h.handleOptions)
 	
 	r.Post("/register", h.Register)
 	r.Post("/login", h.Login)
@@ -37,6 +43,15 @@ func (h *AuthHandler) Routes() chi.Router {
 	return r
 }

+// Обработчик для OPTIONS запросов
+func (h *AuthHandler) handleOptions(w http.ResponseWriter, r *http.Request) {
+	w.Header().Set("Access-Control-Allow-Methods", "POST, GET, OPTIONS")
+	w.Header().Set("Access-Control-Allow-Headers", "Content-Type, Authorization")
+	w.Header().Set("Access-Control-Max-Age", "300")
+	w.WriteHeader(http.StatusOK)
+}
+
+
 type RegisterRequest struct {
 	Email       string `json:"email"`
 	Password    string `json:"password"`
@@ -66,6 +81,10 @@ type UserResponse struct {
 }

 func (h *AuthHandler) Register(w http.ResponseWriter, r *http.Request) {
+	// Устанавливаем CORS заголовки
+	w.Header().Set("Access-Control-Allow-Origin", r.Header.Get("Origin"))
+	w.Header().Set("Access-Control-Allow-Credentials", "true")
+
 	var req RegisterRequest
 	if err := json.NewDecoder(r.Body).Decode(&req); err != nil {
 		utils.RespondWithError(w, http.StatusBadRequest, "Invalid request payload")
@@ -95,6 +114,10 @@ func (h *AuthHandler) Register(w http.ResponseWriter, r *http.Request) {
 }

 func (h *AuthHandler) Login(w http.ResponseWriter, r *http.Request) {
+	// Устанавливаем CORS заголовки
+	w.Header().Set("Access-Control-Allow-Origin", r.Header.Get("Origin"))
+	w.Header().Set("Access-Control-Allow-Credentials", "true")
+	
 	var req LoginRequest
 	if err := json.NewDecoder(r.Body).Decode(&req); err != nil {
 		utils.RespondWithError(w, http.StatusBadRequest, "Invalid request payload")
@@ -126,6 +149,10 @@ func (h *AuthHandler) Login(w http.ResponseWriter, r *http.Request) {
 }

 func (h *AuthHandler) Logout(w http.ResponseWriter, r *http.Request) {
+	// Устанавливаем CORS заголовки
+	w.Header().Set("Access-Control-Allow-Origin", r.Header.Get("Origin"))
+	w.Header().Set("Access-Control-Allow-Credentials", "true")
+
 	// Удаляем куку
 	http.SetCookie(w, &http.Cookie{
 		Name:     "auth_token",
@@ -144,6 +171,10 @@ func (h *AuthHandler) Logout(w http.ResponseWriter, r *http.Request) {
 }

 func (h *AuthHandler) GetProfile(w http.ResponseWriter, r *http.Request) {
+	// Устанавливаем CORS заголовки
+	w.Header().Set("Access-Control-Allow-Origin", r.Header.Get("Origin"))
+	w.Header().Set("Access-Control-Allow-Credentials", "true")
+	
 	user, ok := middleware.GetUserFromContext(r.Context())
 	if !ok {
 		utils.RespondWithError(w, http.StatusUnauthorized, "Authentication required")