b0esche/b0esche_cloud
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Add CORS support for user profile and account routes in the API

Browse Source
This commit is contained in:
Leon Bösche
2026-01-29 00:59:22 +01:00
parent fcfcc3e127
commit b6a9e2aa54
3 changed files with 27 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

24
go_cloud/internal/http/routes.go
View File

@@ -241,15 +241,39 @@ func NewRouter(cfg *config.Config, db *database.DB, jwtManager *jwt.Manager, aut
r.Put("/user/profile", func(w http.ResponseWriter, req *http.Request) {
updateUserProfileHandler(w, req, db, auditLogger)
})
r.Options("/user/profile", func(w http.ResponseWriter, req *http.Request) {
w.Header().Set("Access-Control-Allow-Origin", "*")
w.Header().Set("Access-Control-Allow-Methods", "GET, PUT, OPTIONS")
w.Header().Set("Access-Control-Allow-Headers", "Content-Type, Authorization")
w.WriteHeader(http.StatusOK)
})
r.Post("/user/change-password", func(w http.ResponseWriter, req *http.Request) {
changePasswordHandler(w, req, db, auditLogger)
})
r.Options("/user/change-password", func(w http.ResponseWriter, req *http.Request) {
w.Header().Set("Access-Control-Allow-Origin", "*")
w.Header().Set("Access-Control-Allow-Methods", "POST, OPTIONS")
w.Header().Set("Access-Control-Allow-Headers", "Content-Type, Authorization")
w.WriteHeader(http.StatusOK)
})
r.Post("/user/avatar", func(w http.ResponseWriter, req *http.Request) {
uploadUserAvatarHandler(w, req, db, auditLogger, cfg)
})
r.Options("/user/avatar", func(w http.ResponseWriter, req *http.Request) {
w.Header().Set("Access-Control-Allow-Origin", "*")
w.Header().Set("Access-Control-Allow-Methods", "POST, OPTIONS")
w.Header().Set("Access-Control-Allow-Headers", "Content-Type, Authorization")
w.WriteHeader(http.StatusOK)
})
r.Delete("/user/account", func(w http.ResponseWriter, req *http.Request) {
deleteUserAccountHandler(w, req, db, auditLogger, cfg)
})
r.Options("/user/account", func(w http.ResponseWriter, req *http.Request) {
w.Header().Set("Access-Control-Allow-Origin", "*")
w.Header().Set("Access-Control-Allow-Methods", "DELETE, OPTIONS")
w.Header().Set("Access-Control-Allow-Headers", "Content-Type, Authorization")
w.WriteHeader(http.StatusOK)
})
// Org routes
r.Get("/orgs", func(w http.ResponseWriter, req *http.Request) {