b0esche/b0esche_cloud
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Add CORS support for user profile and account routes in the API

Browse Source
This commit is contained in:
Leon Bösche
2026-01-29 00:59:22 +01:00
parent fcfcc3e127
commit b6a9e2aa54
3 changed files with 27 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
b0esche_cloud/lib/widgets/account_settings_dialog.dart
View File

@@ -102,7 +102,9 @@ class _AccountSettingsDialogState extends State<AccountSettingsDialog> {
} }
Future<void> _updateProfile() async { Future<void> _updateProfile() async {
if (_currentUser == null) return; if (_currentUser == null) {
return;
}
setState(() => _isLoading = true); setState(() => _isLoading = true);
try { try {

BIN
go_cloud/bin/api
View File

Binary file not shown.

24
go_cloud/internal/http/routes.go
View File

@@ -241,15 +241,39 @@ func NewRouter(cfg *config.Config, db *database.DB, jwtManager *jwt.Manager, aut
r.Put("/user/profile", func(w http.ResponseWriter, req *http.Request) { r.Put("/user/profile", func(w http.ResponseWriter, req *http.Request) {
updateUserProfileHandler(w, req, db, auditLogger) updateUserProfileHandler(w, req, db, auditLogger)
}) })
r.Options("/user/profile", func(w http.ResponseWriter, req *http.Request) {
w.Header().Set("Access-Control-Allow-Origin", "*")
w.Header().Set("Access-Control-Allow-Methods", "GET, PUT, OPTIONS")
w.Header().Set("Access-Control-Allow-Headers", "Content-Type, Authorization")
w.WriteHeader(http.StatusOK)
})
r.Post("/user/change-password", func(w http.ResponseWriter, req *http.Request) { r.Post("/user/change-password", func(w http.ResponseWriter, req *http.Request) {
changePasswordHandler(w, req, db, auditLogger) changePasswordHandler(w, req, db, auditLogger)
}) })
r.Options("/user/change-password", func(w http.ResponseWriter, req *http.Request) {
w.Header().Set("Access-Control-Allow-Origin", "*")
w.Header().Set("Access-Control-Allow-Methods", "POST, OPTIONS")
w.Header().Set("Access-Control-Allow-Headers", "Content-Type, Authorization")
w.WriteHeader(http.StatusOK)
})
r.Post("/user/avatar", func(w http.ResponseWriter, req *http.Request) { r.Post("/user/avatar", func(w http.ResponseWriter, req *http.Request) {
uploadUserAvatarHandler(w, req, db, auditLogger, cfg) uploadUserAvatarHandler(w, req, db, auditLogger, cfg)
}) })
r.Options("/user/avatar", func(w http.ResponseWriter, req *http.Request) {
w.Header().Set("Access-Control-Allow-Origin", "*")
w.Header().Set("Access-Control-Allow-Methods", "POST, OPTIONS")
w.Header().Set("Access-Control-Allow-Headers", "Content-Type, Authorization")
w.WriteHeader(http.StatusOK)
})
r.Delete("/user/account", func(w http.ResponseWriter, req *http.Request) { r.Delete("/user/account", func(w http.ResponseWriter, req *http.Request) {
deleteUserAccountHandler(w, req, db, auditLogger, cfg) deleteUserAccountHandler(w, req, db, auditLogger, cfg)
}) })
r.Options("/user/account", func(w http.ResponseWriter, req *http.Request) {
w.Header().Set("Access-Control-Allow-Origin", "*")
w.Header().Set("Access-Control-Allow-Methods", "DELETE, OPTIONS")
w.Header().Set("Access-Control-Allow-Headers", "Content-Type, Authorization")
w.WriteHeader(http.StatusOK)
})
// Org routes // Org routes
r.Get("/orgs", func(w http.ResponseWriter, req *http.Request) { r.Get("/orgs", func(w http.ResponseWriter, req *http.Request) {