29 lines
1022 B
PHP
29 lines
1022 B
PHP
<?php
|
|
namespace App\Middleware;
|
|
|
|
use Psr\Http\Server\MiddlewareInterface;
|
|
use Psr\Http\Message\ServerRequestInterface as Request;
|
|
use Psr\Http\Server\RequestHandlerInterface as RequestHandler;
|
|
use Psr\Http\Message\ResponseInterface;
|
|
use Slim\Psr7\Response;
|
|
|
|
class CorsMiddleware implements MiddlewareInterface
|
|
{
|
|
public function process(Request $request, RequestHandler $handler): ResponseInterface
|
|
{
|
|
$origin = $_SERVER['HTTP_ORIGIN'] ?? '*';
|
|
|
|
if ($request->getMethod() === 'OPTIONS') {
|
|
$response = new Response(204);
|
|
} else {
|
|
$response = $handler->handle($request);
|
|
}
|
|
|
|
return $response
|
|
->withHeader('Access-Control-Allow-Origin', $origin)
|
|
->withHeader('Access-Control-Allow-Headers', 'Origin, X-Requested-With, Content-Type, Accept, Authorization')
|
|
->withHeader('Access-Control-Allow-Methods', 'GET, POST, PUT, PATCH, DELETE, OPTIONS')
|
|
->withHeader('Access-Control-Allow-Credentials', 'true');
|
|
}
|
|
}
|