modified: serv_nginx/api_bb/internal/handlers/auth.go

modified:   serv_nginx/api_bb/pkg/middleware/middleware.go
set Access-Controll-Allow-Origin Origin
Allow-Credentials true

serv_nginx/api_bb/pkg/middleware/middleware.go

@@ -1,24 +1,33 @@
 package middleware
 
 import (
-    "net/http"
-    
-    "github.com/go-chi/chi/v5/middleware"
-    "github.com/go-chi/cors"
+	"net/http"
+
+	"github.com/go-chi/chi/v5/middleware"
+	"github.com/go-chi/cors"
 )
 
 func CommonMiddleware() []func(http.Handler) http.Handler {
-    return []func(http.Handler) http.Handler{
-        middleware.Logger,
-        middleware.Recoverer,
-        middleware.RequestID,
-        cors.Handler(cors.Options{
-            AllowedOrigins:   []string{"https://*", "http://*"},
-            AllowedMethods:   []string{"GET", "POST", "PUT", "DELETE", "OPTIONS"},
-            AllowedHeaders:   []string{"Accept", "Authorization", "Content-Type", "X-CSRF-Token"},
-            ExposedHeaders:   []string{"Link"},
-            AllowCredentials: false,
-            MaxAge:           300,
-        }),
-    }   
-}
+	return []func(http.Handler) http.Handler{
+		middleware.Logger,
+		middleware.Recoverer,
+		middleware.RequestID,
+		cors.Handler(cors.Options{
+			AllowedOrigins: []string{
+				"https://xn--80abahjtcfl5d0a8di.xn--p1ai",
+				"https://begushiybashkir.ru",
+				"http://localhost:3000",
+				"http://localhost:3001",
+				"http://localhost:5173"},
+			AllowedMethods:   []string{"GET", "POST", "PUT", "DELETE", "OPTIONS"},
+			AllowedHeaders:   []string{"Accept", "Authorization", "Content-Type", "X-CSRF-Token", "X-Requested-With"},
+			ExposedHeaders:   []string{
+                "Link",
+                "Content-Length",
+                "Set-Cookie",
+            },
+			AllowCredentials: true,
+			MaxAge:           300,
+		}),
+	}
+}