From 940f6ea1b5d3d54f323fa848543e051e6ac0db52 Mon Sep 17 00:00:00 2001
From: Daniel Svitan <daniel.svitan.team7274dev@gmail.com>
Date: Thu, 5 Jun 2025 09:53:46 +0200
Subject: [PATCH] :wrench: Adds CORS

---
 server/main.go | 7 ++++++-
 1 file changed, 6 insertions(+), 1 deletion(-)

diff --git a/server/main.go b/server/main.go
index 02a8e00..22b4c9f 100644
--- a/server/main.go
+++ b/server/main.go
@@ -73,6 +73,10 @@ func main() {
 		LogLevel:  log.ERROR,
 	}))
 	app.Use(middleware.Secure())
+	app.Use(middleware.CORSWithConfig(middleware.CORSConfig{
+		AllowOrigins: []string{"*"},
+		AllowHeaders: []string{echo.HeaderOrigin, echo.HeaderContentType, echo.HeaderAccept, echo.HeaderAuthorization},
+	}))
 
 	app.Use(middleware.LoggerWithConfig(middleware.LoggerConfig{
 		Format:           "${time_custom} ${method} ${uri} ---> ${status} in ${latency_human} (${bytes_out} bytes)\n",
@@ -213,7 +217,8 @@ func main() {
 
 func authed(next echo.HandlerFunc) echo.HandlerFunc {
 	return func(c echo.Context) error {
-		if c.Request().Header.Get("Authorization") != token {
+		provided := c.Request().Header.Get("Authorization")
+		if provided != fmt.Sprintf("Bearer %s", token) {
 			return c.NoContent(http.StatusUnauthorized)
 		}