fix: need to create a special mock handler for tus cors, and make cores a dedicated middleware function

2024-02-03 20:11:47 -05:00 · 2024-02-03 20:11:47 -05:00 · d13c15212c
parent 6655abe61b
commit d13c15212c
1 changed files with 35 additions and 23 deletions
--- a/api/s5/s5.go
+++ b/api/s5/s5.go
@ -101,6 +101,14 @@ func (s S5API) Stop(ctx context.Context) error {
 func getRoutes(s *S5API) map[string]jape.Handler {
 	tusHandler := BuildS5TusApi(s.identity, s.accounts, s.storage)
 	tusOptionsHandler := func(c jape.Context) {
 		c.ResponseWriter.WriteHeader(http.StatusOK)
 	}
 	tusCors := BuildTusCors()
 	wrappedTusHandler := middleware.ApplyMiddlewares(tusOptionsHandler, tusCors, middleware.AuthMiddleware(s.identity, s.accounts))
 	return map[string]jape.Handler{
 		// Account API
 		"GET /s5/account/register":  s.httpHandler.AccountRegisterChallenge,
@ -117,11 +125,11 @@ func getRoutes(s *S5API) map[string]jape.Handler {
 		// Tus API
 		"POST /s5/upload/tus":        tusHandler,
-		"OPTIONS /s5/upload/tus":     tusHandler,
+		"OPTIONS /s5/upload/tus":     wrappedTusHandler,
 		"HEAD /s5/upload/tus/:id":    tusHandler,
 		"POST /s5/upload/tus/:id":    tusHandler,
 		"PATCH /s5/upload/tus/:id":   tusHandler,
-		"OPTIONS /s5/upload/tus/:id": tusHandler,
+		"OPTIONS /s5/upload/tus/:id": wrappedTusHandler,
 		// Download API
 		"GET /s5/blob/:cid":     middleware.ApplyMiddlewares(s.httpHandler.DownloadBlob, middleware.AuthMiddleware(s.identity, s.accounts)),
@ -170,6 +178,30 @@ func (w *s5TusJwtResponseWriter) WriteHeader(statusCode int) {
 	w.ResponseWriter.WriteHeader(statusCode)
 }
 func BuildTusCors() func(h http.Handler) http.Handler {
 	mw :=
 		cors.New(cors.Options{
 			AllowedOrigins: []string{"*"},
 			AllowedMethods: []string{"GET", "POST", "PATCH", "DELETE", "HEAD", "OPTIONS"},
 			AllowedHeaders: []string{
 				"Authorization",
 				"Expires",
 				"Upload-Concat",
 				"Upload-Length",
 				"Upload-Offset",
 				"X-Requested-With",
 				"Tus-Version",
 				"Tus-Resumable",
 				"Tus-Extension",
 				"Tus-Max-Size",
 				"X-HTTP-Method-Override",
 			},
 			AllowCredentials: true,
 		})
 	return mw.Handler
 }
 func BuildS5TusApi(identity ed25519.PrivateKey, accounts *account.AccountServiceDefault, storage *storage.StorageServiceDefault) jape.Handler {
 	// Create a jape.Handler for your tusHandler
 	tusJapeHandler := func(c jape.Context) {
@ -199,28 +231,8 @@ func BuildS5TusApi(identity ed25519.PrivateKey, accounts *account.AccountService
 		})
 	}
 	corsMiddleware :=
 		cors.New(cors.Options{
 			AllowedOrigins: []string{"*"},
 			AllowedMethods: []string{"GET", "POST", "PATCH", "DELETE", "HEAD", "OPTIONS"},
 			AllowedHeaders: []string{
 				"Authorization",
 				"Expires",
 				"Upload-Concat",
 				"Upload-Length",
 				"Upload-Offset",
 				"X-Requested-With",
 				"Tus-Version",
 				"Tus-Resumable",
 				"Tus-Extension",
 				"Tus-Max-Size",
 				"X-HTTP-Method-Override",
 			},
 			AllowCredentials: true,
 		})
 	// Apply the middlewares to the tusJapeHandler
-	tusHandler := middleware.ApplyMiddlewares(tusJapeHandler, corsMiddleware.Handler, middleware.AuthMiddleware(identity, accounts), injectJwt, protocolMiddleware, stripPrefix, middleware.ProxyMiddleware)
+	tusHandler := middleware.ApplyMiddlewares(tusJapeHandler, BuildTusCors(), middleware.AuthMiddleware(identity, accounts), injectJwt, protocolMiddleware, stripPrefix, middleware.ProxyMiddleware)
 	return tusHandler
 }