modified: begushiybashkir/bbvue/.env

modified: serv_nginx/api_bb/pkg/middleware/cors.go modified: serv_nginx/api_bb/pkg/middleware/middleware.go change middleware
2025-10-13 04:05:04 +05:00
parent af9dc82c58
commit bea819f81a
3 changed files with 14 additions and 18 deletions
@@ -1 +1,2 @@
 VITE_APP_DEBUG=true
+VITE_API_BASE_URL=https://begushiybashkir.ru/api/v1
@@ -1,25 +1,20 @@
+
 // pkg/middleware/cors.go
 package middleware

 import (
 	"net/http"
+
+	"github.com/go-chi/cors"
 )

-// CORS middleware для обработки preflight запросов
-func CORS(next http.Handler) http.Handler {
-	return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
-		// Устанавливаем CORS заголовки
-		w.Header().Set("Access-Control-Allow-Origin", r.Header.Get("Origin"))
-		w.Header().Set("Access-Control-Allow-Credentials", "true")
-		w.Header().Set("Access-Control-Allow-Methods", "GET, POST, PUT, DELETE, OPTIONS")
-		w.Header().Set("Access-Control-Allow-Headers", "Content-Type, Authorization, X-Requested-With")
-
-		// Если это OPTIONS запрос (preflight), сразу отвечаем
-		if r.Method == "OPTIONS" {
-			w.WriteHeader(http.StatusOK)
-			return
-		}
-
-		next.ServeHTTP(w, r)
+func CORS() func(http.Handler) http.Handler {
+	return cors.Handler(cors.Options{
+		AllowedOrigins:   []string{"http://localhost:3001", "https://begushiybashkir.ru"},
+		AllowedMethods:   []string{"GET", "POST", "PUT", "DELETE", "OPTIONS", "PATCH"},
+		AllowedHeaders:   []string{"Accept", "Authorization", "Content-Type", "X-CSRF-Token", "X-Requested-With"},
+		ExposedHeaders:   []string{"Link", "Content-Length"},
+		AllowCredentials: true,
+		MaxAge:           300,
 	})
 }
@@ -10,7 +10,7 @@ import (
 func CommonMiddleware() []func(http.Handler) http.Handler {
 	return []func(http.Handler) http.Handler{
 		HandleOptions,
-		CORS,
+		CORS(),
 		ZapLogger,
 		middleware.Recoverer,
 		middleware.RequestID,