package middleware

import (
	"antrian-operasi/internal/config"
	"time"

	"github.com/gin-contrib/cors"
	"github.com/gin-gonic/gin"
)

// SecureCORSConfig returns a gin middleware that applies the service's CORS
// policy. The allowed origins are taken verbatim from cfg.TrustedOrigins;
// methods, request headers, exposed headers, the credentials flag and the
// preflight cache lifetime are fixed in this function.
//
// NOTE(review): the origin list is passed through unchecked here. Because
// credentials are always enabled below, confirm that config loading rejects
// "*" and empty or malformed entries, so that credentialed cross-origin access
// is only ever granted to explicitly named origins.
func SecureCORSConfig(cfg config.SecurityConfig) gin.HandlerFunc {
	corsCfg := cors.Config{
		// Only these origins may make cross-origin requests.
		AllowOrigins: cfg.TrustedOrigins,

		AllowMethods: []string{
			"GET", "POST", "PUT", "PATCH", "DELETE", "HEAD", "OPTIONS",
		},
		AllowHeaders: []string{
			"Origin", "Content-Length", "Content-Type", "Authorization",
		},
		ExposeHeaders: []string{"Content-Length"},

		// Only use 'true' if it is really needed (cookies, auth).
		// NOTE(review): this is hard-coded rather than configurable, so every
		// trusted origin can send credentialed requests — keep
		// cfg.TrustedOrigins as narrow as possible.
		AllowCredentials: true,

		// Lets clients cache the preflight result for up to 12 hours, so a
		// change to this policy may not be seen by them immediately.
		MaxAge: 12 * time.Hour,
	}

	return cors.New(corsCfg)
}