From 9a745916b21da24c9df7eadc3ba242e3576e1305 Mon Sep 17 00:00:00 2001
From: konrad <k@knt.li>
Date: Wed, 8 Nov 2017 16:59:48 +0100
Subject: [PATCH] Added CORS Header Set

---
 routes/cors.go   | 16 ++++++++++++++++
 routes/routes.go |  4 ++++
 2 files changed, 20 insertions(+)
 create mode 100644 routes/cors.go

diff --git a/routes/cors.go b/routes/cors.go
new file mode 100644
index 0000000..9138004
--- /dev/null
+++ b/routes/cors.go
@@ -0,0 +1,16 @@
+package routes
+
+import (
+	"github.com/labstack/echo"
+	"net/http"
+)
+
+// SetCORSHeader sets relevant CORS headers for Cross-Site-Requests to the api
+func SetCORSHeader (c echo.Context) error {
+	res := c.Response()
+	res.Header().Set("Access-Control-Allow-Origin", "*")
+	res.Header().Set("Access-Control-Allow-Methods", "GET, POST, PUT, DELETE")
+	res.Header().Set("Access-Control-Allow-Headers", "authorization,content-type")
+	res.Header().Set("Access-Control-Expose-Headers", "authorization,content-type")
+	return c.String(http.StatusOK, "")
+}
\ No newline at end of file
diff --git a/routes/routes.go b/routes/routes.go
index a682ba8..dca7526 100644
--- a/routes/routes.go
+++ b/routes/routes.go
@@ -26,6 +26,10 @@ func NewEcho() *echo.Echo {
 // RegisterRoutes registers all routes for the application
 func RegisterRoutes(e *echo.Echo) {
 
+	// CORS
+	e.OPTIONS("/login", SetCORSHeader)
+	e.OPTIONS("/api/v1/books", SetCORSHeader)
+
 	// Basic Route
 	e.Static("/", "assets/index.html")