modified: main_dc/yalarba/api_es/go.mod

modified:   main_dc/yalarba/api_es/go.sum
	modified:   main_dc/yalarba/api_es/internal/router/router.go
	new file:   main_dc/yalarba/api_es/internal/router/setMiddleware.go
add middlewares, loggers, cors

main_dc/yalarba/api_es/go.mod

@@ -18,6 +18,7 @@ require (
 )
 
 require (
+	github.com/go-chi/cors v1.2.2
 	github.com/go-playground/validator/v10 v10.28.0
 	github.com/golang-jwt/jwt/v4 v4.5.2
 	github.com/jackc/pgpassfile v1.0.0 // indirect

main_dc/yalarba/api_es/go.sum

@@ -5,6 +5,8 @@ github.com/gabriel-vasile/mimetype v1.4.10 h1:zyueNbySn/z8mJZHLt6IPw0KoZsiQNszIp
 github.com/gabriel-vasile/mimetype v1.4.10/go.mod h1:d+9Oxyo1wTzWdyVUPMmXFvp4F9tea18J8ufA774AB3s=
 github.com/go-chi/chi/v5 v5.2.3 h1:WQIt9uxdsAbgIYgid+BpYc+liqQZGMHRaUwp0JUcvdE=
 github.com/go-chi/chi/v5 v5.2.3/go.mod h1:L2yAIGWB3H+phAw1NxKwWM+7eUH/lU8pOMm5hHcoops=
+github.com/go-chi/cors v1.2.2 h1:Jmey33TE+b+rB7fT8MUy1u0I4L+NARQlK6LhzKPSyQE=
+github.com/go-chi/cors v1.2.2/go.mod h1:sSbTewc+6wYHBBCW7ytsFSn836hqM7JxpglAy2Vzc58=
 github.com/go-playground/assert/v2 v2.2.0 h1:JvknZsQTYeFEAhQwI4qEt9cyV5ONwRHC+lYKSsYSR8s=
 github.com/go-playground/assert/v2 v2.2.0/go.mod h1:VDjEfimB/XKnb+ZQfWdccd7VUvScMdVu0Titje2rxJ4=
 github.com/go-playground/locales v0.14.1 h1:EWaQ/wswjilfKLTECiXz7Rh+3BjFhfDFKv/oXslEjJA=

main_dc/yalarba/api_es/internal/router/router.go

@@ -21,6 +21,8 @@ func SetupRouter(db *gorm.DB, config *config.Config) http.Handler {
 	// Initialize logger
 	baseLogger := logger.NewWrapper(logger.Get())
 
+	setupMiddlewares(r)
+
 	// Health check
 	r.Get("/health", func(w http.ResponseWriter, r *http.Request) {
 		w.Header().Set("Content-Type", "application/json")

main_dc/yalarba/api_es/internal/router/setMiddleware.go

@@ -0,0 +1,41 @@
+package router
+
+import (
+	"time"
+
+
+	"github.com/go-chi/chi/v5"
+	"github.com/go-chi/chi/v5/middleware"
+	"github.com/go-chi/cors"
+)
+
+// setupMiddlewares — устанавливает общие middleware для роутера.
+func setupMiddlewares(r *chi.Mux) {
+	// Логирование всех запросов
+	r.Use(middleware.Logger)
+
+	// Восстановление после паник
+	r.Use(middleware.Recoverer)
+
+	// Удаление завершающих слешей
+	r.Use(middleware.StripSlashes)
+
+	// Установка реального IP из заголовков (X-Forwarded-For, X-Real-IP)
+	r.Use(middleware.RealIP)
+
+	// Таймаут обработки запроса
+	r.Use(middleware.Timeout(30 * time.Second))
+
+	// Поддержка CORS
+	r.Use(cors.Handler(cors.Options{
+		AllowedOrigins:   []string{"https://*", "http://*"},
+		AllowedMethods:   []string{"GET", "POST", "PUT", "DELETE", "OPTIONS", "PATCH"},
+		AllowedHeaders:   []string{"Accept", "Authorization", "Content-Type", "X-CSRF-Token"},
+		ExposedHeaders:   []string{"Link"},
+		AllowCredentials: true,
+		MaxAge:           300, // 5 минут
+	}))
+
+
+	// Можно добавить и другие кастомные middleware при необходимости
+}