Merge pull request #66 from yoshihiro-shu/yoshi/update/cors-middleware

Yoshi/update/cors middleware
yoshihiro-shu · Oct 21, 2023 · e5e62d3 · e5e62d3
2 parents ff93b94 + 11b62c2
commit e5e62d3
Show file tree

Hide file tree

Showing 26 changed files with 1,875 additions and 14 deletions.
diff --git a/.editconfig b/.editconfig
@@ -0,0 +1,22 @@
+root = true
+
+[*]
+charset = utf-8
+end_of_line = lf
+insert_final_newline = true
+trim_trailing_whitespace = true
+
+[{*.go,Makefile,.gitmodules,go.mod,go.sum}]
+indent_style = tab
+
+[*.md]
+indent_style = tab
+trim_trailing_whitespace = false
+
+[*.{yml,yaml,json}]
+indent_style = space
+indent_size = 2
+
+[*.{js,jsx,ts,tsx,css,less,sass,scss,vue,py}]
+indent_style = space
+indent_size = 4
diff --git a/.tool-versions b/.tool-versions
@@ -1 +1,2 @@
 golang 1.20
+rust 1.73.0
diff --git a/Makefile b/Makefile
@@ -0,0 +1,8 @@
+start:
+	sh ./scripts/docker-start.sh
+
+stop:
+	sh ./scripts/docker-stop.sh
+
+init-doc:
+	swag init --dir backend/cmd
diff --git a/backend/.tool-versions b/backend/.tool-versions
@@ -1 +1 @@
-golang 1.20
+golang 1.21rc3
diff --git a/backend/domain/model/category.go b/backend/domain/model/category.go
@@ -5,6 +5,7 @@ import "time"
 type Category struct {
 	Id          int       `gorm:"primaryKey;" json:"id"`
 	Name        string    `json:"name"`
+	Slug        string    `json:"slug"`
 	Description string    `json:"description"`
 	ParentId    int       `json:"parentId"`
 	CreatedAt   time.Time `json:"createdAt"`

diff --git a/backend/domain/model/tag.go b/backend/domain/model/tag.go
@@ -5,6 +5,7 @@ import "time"
 type Tag struct {
 	Id          int       `gorm:"primaryKey;" json:"id"`
 	Name        string    `json:"name"`
+	Slug        string    `json:"slug"`
 	Description string    `json:"description"`
 	CreatedAt   time.Time `json:"createdAt"`
 }

diff --git a/backend/interfaces/api/middlewares/cors.go b/backend/interfaces/api/middlewares/cors.go
@@ -9,6 +9,7 @@ import (
 func Cors(c config.Frontend) func(http.Handler) http.Handler {
 	return func(next http.Handler) http.Handler {
 		return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
+			w.Header().Set("Access-Control-Max-Age", "3600")
 			w.Header().Set("Access-Control-Allow-Origin", c.Domain)
 			w.Header().Set("Access-Control-Allow-Methods", "GET, POST, PUT, DELETE, OPTIONS")
 			w.Header().Set("Content-Type", "application/json;charset=utf-8")

diff --git a/backend/interfaces/api/middlewares/csrf.go b/backend/interfaces/api/middlewares/csrf.go
@@ -17,20 +17,19 @@ const (
 
 func SetterCsrfToken(next http.Handler) http.Handler {
 	return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
+		// フロント側のブラウザにクッキーがセットされるようにする
+		w.Header().Set("Access-Control-Allow-Credentials", "true")
 		switch r.Method {
 		case http.MethodOptions:
-			w.Header().Set("Access-Control-Allow-Headers", headerName)
-			w.Header().Set("Access-Control-Allow-Credentials", "true")
+			// w.Header().Set("Access-Control-Allow-Headers", headerName)
+			w.Header().Set("Access-Control-Request-Headers", headerName)
 		case http.MethodGet:
 			// X-CSRF-Tokenをフロント側で受け取れるようにする
 			w.Header().Set("Access-Control-Expose-Headers", headerName)
-			// フロント側のブラウザにクッキーがセットされるようにする
-			w.Header().Set("Access-Control-Allow-Credentials", "true")
 			w.Header().Set(headerName, csrf.Token(r))
 		case http.MethodPost, http.MethodPut, http.MethodPatch, http.MethodDelete:
 			// X-CSRF-Tokenをフロント側で受け取れるようにする
 			w.Header().Set("Access-Control-Expose-Headers", headerName)
-			w.Header().Set("Access-Control-Allow-Credentials", "true")
 		}
 
 		next.ServeHTTP(w, r)

diff --git a/batch/qiita/.env b/batch/qiita/.env
@@ -0,0 +1,6 @@
+DB_HOST=localhost
+DB_PORT=5432
+DB_USER=postgres
+DB_PASSWORD=password
+DB_NAME=postgres
+DB_SSL=disable
diff --git a/batch/qiita/.envrc b/batch/qiita/.envrc
@@ -0,0 +1 @@
+dotenv
diff --git a/batch/qiita/.gitignore b/batch/qiita/.gitignore
@@ -0,0 +1 @@
+target