renaldi.brada1904/api-antrian-operasi
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

init security, add cors

Browse Source
This commit is contained in:
renaldybrada
2026-01-30 08:32:54 +07:00
parent eab5b428ea
commit 577dc163c0
8 changed files with 59 additions and 11 deletions
Download Patch File Download Diff File Expand all files Collapse all files
internal/middleware/security.go
+21
View File
@@ -0,0 +1,21 @@
package middleware
import (
"antrian-operasi/internal/config"
"time"
"github.com/gin-contrib/cors"
"github.com/gin-gonic/gin"
)
// SecureCORSConfig menyediakan konfigurasi CORS yang aman dan fleksibel
func SecureCORSConfig(cfg config.SecurityConfig) gin.HandlerFunc {
return cors.New(cors.Config{
AllowOrigins: cfg.TrustedOrigins,
AllowMethods: []string{"GET", "POST", "PUT", "PATCH", "DELETE", "HEAD", "OPTIONS"},
AllowHeaders: []string{"Origin", "Content-Length", "Content-Type", "Authorization"},
ExposeHeaders: []string{"Content-Length"},
AllowCredentials: true, // Hanya gunakan 'true' jika Anda benar-benar membutuhkannya (cookie, auth)
MaxAge: 12 * time.Hour,
})
}