From cdfd8da59d931e75d49a0774de1ffe5d7164a136 Mon Sep 17 00:00:00 2001
From: mirza <mirza.millahsyafiq.0912@rssa.id>
Date: Thu, 20 Mar 2025 10:04:21 +0700
Subject: [PATCH] add cors policy

---
 go.mod                    | 1 +
 go.sum                    | 2 ++
 internal/server/routes.go | 7 +++++++
 3 files changed, 10 insertions(+)

diff --git a/go.mod b/go.mod
index cc50d38..3dc6c39 100644
--- a/go.mod
+++ b/go.mod
@@ -5,6 +5,7 @@ go 1.23.1
 require (
 	github.com/a-h/templ v0.3.833
 	github.com/coder/websocket v1.8.12
+	github.com/gin-contrib/cors v1.7.4
 	github.com/gin-gonic/gin v1.10.0
 	github.com/google/uuid v1.6.0
 	github.com/joho/godotenv v1.5.1
diff --git a/go.sum b/go.sum
index ffe0e41..fb880df 100644
--- a/go.sum
+++ b/go.sum
@@ -45,6 +45,8 @@ github.com/felixge/httpsnoop v1.0.4 h1:NFTV2Zj1bL4mc9sqWACXbQFVBBg2W3GPvqp8/ESS2
 github.com/felixge/httpsnoop v1.0.4/go.mod h1:m8KPJKqk1gH5J9DgRY2ASl2lWCfGKXixSwevea8zH2U=
 github.com/gabriel-vasile/mimetype v1.4.8 h1:FfZ3gj38NjllZIeJAmMhr+qKL8Wu+nOoI3GqacKw1NM=
 github.com/gabriel-vasile/mimetype v1.4.8/go.mod h1:ByKUIKGjh1ODkGM1asKUbQZOLGrPjydw3hYPU2YU9t8=
+github.com/gin-contrib/cors v1.7.4 h1:/fC6/wk7rCRtqKqki8lLr2Xq+hnV49aXDLIuSek9g4k=
+github.com/gin-contrib/cors v1.7.4/go.mod h1:vGc/APSgLMlQfEJV5NAzkrAHb0C8DetL3K6QZuvGii0=
 github.com/gin-contrib/sse v1.0.0 h1:y3bT1mUWUxDpW4JLQg/HnTqV4rozuW4tC9eFKTxYI9E=
 github.com/gin-contrib/sse v1.0.0/go.mod h1:zNuFdwarAygJBht0NTKiSi3jRf6RbqeILZ9Sp6Slhe0=
 github.com/gin-gonic/gin v1.10.0 h1:nTuyha1TYqgedzytsKYqna+DfLos46nTv2ygFy86HFU=
diff --git a/internal/server/routes.go b/internal/server/routes.go
index 2b04932..f22c1d6 100644
--- a/internal/server/routes.go
+++ b/internal/server/routes.go
@@ -15,6 +15,7 @@ import (
 
 	"github.com/coder/websocket"
 
+	"github.com/gin-contrib/cors"
 	patientHandler "template_blueprint/pkg/handlers/patient"
 )
 
@@ -42,6 +43,12 @@ func (s *Server) RegisterRoutes() http.Handler {
 		patient.POST("/insertpatient", patientHandler.InsertPatient)
 		patient.GET("/getallpatient", patientHandler.GetAllPatient)
 	}
+	r.Use(cors.New(cors.Config{
+		AllowOrigins:     []string{"*"}, // or specific domains like "http://example.com"
+		AllowMethods:     []string{"GET", "POST", "PUT", "DELETE"},
+		AllowHeaders:     []string{"Origin", "Content-Type"},
+		AllowCredentials: true,
+	}))
 
 	return r
 }