dragonflyoss
/
dragonfly
mirror of https://github.com/dragonflyoss/dragonfly.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

feat: add CORS middleware to manager (#2304) 

Signed-off-by: Gaius <gaius.qi@gmail.com>
This commit is contained in:
Gaius 2023-04-26 16:29:44 +08:00
parent 27642a8de0
commit ca23e97e9a
No known key found for this signature in database
GPG Key ID: 8B4E5D1290FA2FFB
2 changed files with 52 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

51
manager/middlewares/cors.go Normal file
View File

@ -0,0 +1,51 @@
/*
* Copyright 2023 The Dragonfly Authors
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package middlewares
import (
"net/http"
"strings"
"github.com/gin-gonic/gin"
"github.com/go-http-utils/headers"
)
func CORS() gin.HandlerFunc {
return func(c *gin.Context) {
origin := c.GetHeader(headers.Origin)
if origin == "" {
c.Next()
return
}
c.Header(headers.AccessControlAllowOrigin, origin)
c.Header(headers.AccessControlAllowCredentials, "true")
if c.Request.Method != http.MethodOptions {
c.Next()
return
}
// Preflight OPTIONS request.
c.Header(headers.AccessControlAllowHeaders, c.GetHeader("Access-Control-Request-Headers"))
c.Header(headers.AccessControlAllowMethods, strings.Join([]string{http.MethodGet, http.MethodHead, http.MethodPut, http.MethodPost, http.MethodDelete, http.MethodPatch}, ","))
c.Header(headers.AccessControlMaxAge, "600000")
c.Status(http.StatusNoContent)
c.Abort()
}
}

8
manager/router/router.go
View File

@ -21,7 +21,6 @@ import (
"time" "time"
"github.com/casbin/casbin/v2" "github.com/casbin/casbin/v2"
"github.com/gin-contrib/cors"
"github.com/gin-contrib/static" "github.com/gin-contrib/static"
ginzap "github.com/gin-contrib/zap" ginzap "github.com/gin-contrib/zap"
"github.com/gin-gonic/gin" "github.com/gin-gonic/gin"
@ -66,17 +65,12 @@ func Init(cfg *config.Config, logDir string, service service.Service, enforcer *
r.Use(otelgin.Middleware(OtelServiceName)) r.Use(otelgin.Middleware(OtelServiceName))
} }
// CORS
corsConfig := cors.DefaultConfig()
corsConfig.AllowAllOrigins = true
corsConfig.AllowCredentials = true
// Middleware // Middleware
r.Use(gin.Recovery()) r.Use(gin.Recovery())
r.Use(ginzap.Ginzap(logger.GinLogger.Desugar(), time.RFC3339, true)) r.Use(ginzap.Ginzap(logger.GinLogger.Desugar(), time.RFC3339, true))
r.Use(ginzap.RecoveryWithZap(logger.GinLogger.Desugar(), true)) r.Use(ginzap.RecoveryWithZap(logger.GinLogger.Desugar(), true))
r.Use(middlewares.Error()) r.Use(middlewares.Error())
r.Use(cors.New(corsConfig)) r.Use(middlewares.CORS())
rbac := middlewares.RBAC(enforcer) rbac := middlewares.RBAC(enforcer)
jwt, err := middlewares.Jwt(cfg.Auth.JWT, service) jwt, err := middlewares.Jwt(cfg.Auth.JWT, service)