modified: begushiybashkir/bbvue/.env

modified: serv_nginx/api_bb/pkg/middleware/cors.go modified: serv_nginx/api_bb/pkg/middleware/middleware.go change middleware
2025-10-13 04:05:04 +05:00
parent af9dc82c58
commit bea819f81a
3 changed files with 14 additions and 18 deletions
@@ -1 +1,2 @@
 VITE_APP_DEBUG=true
 VITE_API_BASE_URL=https://begushiybashkir.ru/api/v1
@@ -1,25 +1,20 @@
 // pkg/middleware/cors.go
 package middleware
 import (
 	"net/http"
 	"github.com/go-chi/cors"
 )
-// CORS middleware для обработки preflight запросов
+func CORS() func(http.Handler) http.Handler {
-func CORS(next http.Handler) http.Handler {
+	return cors.Handler(cors.Options{
-	return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
+		AllowedOrigins:   []string{"http://localhost:3001", "https://begushiybashkir.ru"},
-		// Устанавливаем CORS заголовки
+		AllowedMethods:   []string{"GET", "POST", "PUT", "DELETE", "OPTIONS", "PATCH"},
-		w.Header().Set("Access-Control-Allow-Origin", r.Header.Get("Origin"))
+		AllowedHeaders:   []string{"Accept", "Authorization", "Content-Type", "X-CSRF-Token", "X-Requested-With"},
-		w.Header().Set("Access-Control-Allow-Credentials", "true")
+		ExposedHeaders:   []string{"Link", "Content-Length"},
-		w.Header().Set("Access-Control-Allow-Methods", "GET, POST, PUT, DELETE, OPTIONS")
+		AllowCredentials: true,
-		w.Header().Set("Access-Control-Allow-Headers", "Content-Type, Authorization, X-Requested-With")
+		MaxAge:           300,
 		// Если это OPTIONS запрос (preflight), сразу отвечаем
 		if r.Method == "OPTIONS" {
 			w.WriteHeader(http.StatusOK)
 			return
 		}
 		next.ServeHTTP(w, r)
 	})
 }
@@ -10,7 +10,7 @@ import (
 func CommonMiddleware() []func(http.Handler) http.Handler {
 	return []func(http.Handler) http.Handler{
 		HandleOptions,
-		CORS,
+		CORS(),
 		ZapLogger,
 		middleware.Recoverer,
 		middleware.RequestID,
`@@ -1 +1,2 @@`
	`VITE_APP_DEBUG=true`	`VITE_APP_DEBUG=true`
		`VITE_API_BASE_URL=https://begushiybashkir.ru/api/v1`