29 lines
910 B
PHP
29 lines
910 B
PHP
<?php
|
|
|
|
namespace app\middleware;
|
|
|
|
use Webman\MiddlewareInterface;
|
|
use Webman\Http\Request;
|
|
use Webman\Http\Response;
|
|
|
|
class CorsMiddleware implements MiddlewareInterface
|
|
{
|
|
public function process(Request $request, callable $handler): Response
|
|
{
|
|
$headers = [
|
|
'Access-Control-Allow-Origin' => $request->header('origin', '*'),
|
|
'Access-Control-Allow-Methods' => 'GET, POST, PUT, PATCH, DELETE, OPTIONS',
|
|
'Access-Control-Allow-Headers' => 'Content-Type, Authorization, X-Requested-With, X-AXY-App-Key, X-AXY-Timestamp, X-AXY-Nonce, X-AXY-Signature',
|
|
'Access-Control-Allow-Credentials' => 'true',
|
|
];
|
|
|
|
if ($request->method() === 'OPTIONS') {
|
|
return response('', 204, $headers);
|
|
}
|
|
|
|
/** @var Response $response */
|
|
$response = $handler($request);
|
|
return $response->withHeaders($headers);
|
|
}
|
|
}
|