From 48c42e6260f7ca3e65f021b525a3c236c11a198f Mon Sep 17 00:00:00 2001 From: gudnuf Date: Mon, 30 Jun 2025 14:22:28 -0700 Subject: [PATCH] fix: add cors headers to auth routes --- crates/cdk-axum/src/lib.rs | 15 ++++++++++----- 1 file changed, 10 insertions(+), 5 deletions(-) diff --git a/crates/cdk-axum/src/lib.rs b/crates/cdk-axum/src/lib.rs index ec108e36..230ba7ae 100644 --- a/crates/cdk-axum/src/lib.rs +++ b/crates/cdk-axum/src/lib.rs @@ -142,6 +142,11 @@ async fn cors_middleware( req: axum::http::Request, next: axum::middleware::Next, ) -> Response { + #[cfg(feature = "auth")] + let allowed_headers = "Content-Type, Clear-auth, Blind-auth"; + #[cfg(not(feature = "auth"))] + let allowed_headers = "Content-Type"; + // Handle preflight requests if req.method() == axum::http::Method::OPTIONS { let mut response = Response::new("".into()); @@ -154,7 +159,7 @@ async fn cors_middleware( ); response.headers_mut().insert( "Access-Control-Allow-Headers", - "Content-Type".parse().unwrap(), + allowed_headers.parse().unwrap(), ); return response; } @@ -171,7 +176,7 @@ async fn cors_middleware( ); response.headers_mut().insert( "Access-Control-Allow-Headers", - "Content-Type".parse().unwrap(), + allowed_headers.parse().unwrap(), ); response @@ -210,9 +215,7 @@ pub async fn create_mint_router_with_custom_cache( .route("/info", get(get_mint_info)) .route("/restore", post(post_restore)); - let mint_router = Router::new() - .nest("/v1", v1_router) - .layer(from_fn(cors_middleware)); + let mint_router = Router::new().nest("/v1", v1_router); #[cfg(feature = "auth")] let mint_router = { @@ -220,6 +223,8 @@ pub async fn create_mint_router_with_custom_cache( mint_router.nest("/v1", auth_router) }; + let mint_router = mint_router.layer(from_fn(cors_middleware)); + let mint_router = mint_router.with_state(state); Ok(mint_router)