diff --git a/go.mod b/go.mod index 6adb5e4..a285db8 100644 --- a/go.mod +++ b/go.mod @@ -11,9 +11,18 @@ require ( gorm.io/gorm v1.25.10 ) -require github.com/kelseyhightower/envconfig v1.4.0 +require ( + github.com/gin-contrib/cors v1.7.2 + github.com/kelseyhightower/envconfig v1.4.0 + github.com/mocktools/go-smtp-mock/v2 v2.3.1 + github.com/stretchr/testify v1.9.0 +) -require github.com/mocktools/go-smtp-mock/v2 v2.3.1 // indirect +require ( + github.com/davecgh/go-spew v1.1.1 // indirect + github.com/kr/text v0.2.0 // indirect + github.com/pmezard/go-difflib v1.0.0 // indirect +) require ( github.com/bytedance/sonic v1.11.9 // indirect diff --git a/go.sum b/go.sum index 93b96ac..1a314ca 100644 --- a/go.sum +++ b/go.sum @@ -6,11 +6,14 @@ github.com/cloudwego/base64x v0.1.4 h1:jwCgWpFanWmN8xoIUHa2rtzmkd5J2plF/dnLS6Xd/ github.com/cloudwego/base64x v0.1.4/go.mod h1:0zlkT4Wn5C6NdauXdJRhSKRlJvmclQ1hhJgA0rcu/8w= github.com/cloudwego/iasm v0.2.0 h1:1KNIy1I1H9hNNFEEH3DVnI4UujN+1zjpuk6gwHLTssg= github.com/cloudwego/iasm v0.2.0/go.mod h1:8rXZaNYT2n95jn+zTI1sDr+IgcD2GVs0nlbbQPiEFhY= +github.com/creack/pty v1.1.9/go.mod h1:oKZEueFk5CKHvIhNR5MUki03XCEU+Q6VDXinZuGJ33E= github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c= github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= github.com/gabriel-vasile/mimetype v1.4.4 h1:QjV6pZ7/XZ7ryI2KuyeEDE8wnh7fHP9YnQy+R0LnH8I= github.com/gabriel-vasile/mimetype v1.4.4/go.mod h1:JwLei5XPtWdGiMFB5Pjle1oEeoSeEuJfJE+TtfvdB/s= +github.com/gin-contrib/cors v1.7.2 h1:oLDHxdg8W/XDoN/8zamqk/Drgt4oVZDvaV0YmvVICQw= +github.com/gin-contrib/cors v1.7.2/go.mod h1:SUJVARKgQ40dmrzgXEVxj2m7Ig1v1qIboQkPDTQ9t2E= github.com/gin-contrib/sse v0.1.0 h1:Y/yl/+YNO8GZSjAhjMsSuLt29uWRFHdHYUb5lYOV9qE= github.com/gin-contrib/sse v0.1.0/go.mod h1:RHrZQHXnP2xjPF+u1gW/2HnVO7nvIa9PG3Gm+fLHvGI= github.com/gin-gonic/gin v1.10.0 h1:nTuyha1TYqgedzytsKYqna+DfLos46nTv2ygFy86HFU= @@ -42,6 +45,10 @@ github.com/klauspost/cpuid/v2 v2.0.9/go.mod h1:FInQzS24/EEf25PyTYn52gqo7WaD8xa02 github.com/klauspost/cpuid/v2 v2.2.8 h1:+StwCXwm9PdpiEkPyzBXIy+M9KUb4ODm0Zarf1kS5BM= github.com/klauspost/cpuid/v2 v2.2.8/go.mod h1:Lcz8mBdAVJIBVzewtcLocK12l3Y+JytZYpaMropDUws= github.com/knz/go-libedit v1.10.1/go.mod h1:MZTVkCWyz0oBc7JOWP3wNAzd002ZbM/5hgShxwh4x8M= +github.com/kr/pretty v0.3.0 h1:WgNl7dwNpEZ6jJ9k1snq4pZsg7DOEN8hP9Xw0Tsjwk0= +github.com/kr/pretty v0.3.0/go.mod h1:640gp4NfQd8pI5XOwp5fnNeVWj67G7CFk/SaSQn7NBk= +github.com/kr/text v0.2.0 h1:5Nx0Ya0ZqY2ygV366QzturHI13Jq95ApcVaJBhpS+AY= +github.com/kr/text v0.2.0/go.mod h1:eLer722TekiGuMkidMxC/pM04lWEeraHUUmBw8l2grE= github.com/leodido/go-urn v1.4.0 h1:WT9HwE9SGECu3lg4d/dIA+jxlljEa1/ffXKmRjqdmIQ= github.com/leodido/go-urn v1.4.0/go.mod h1:bvxc+MVxLKB4z00jd1z+Dvzr47oO32F/QSNjSBOlFxI= github.com/mattn/go-isatty v0.0.20 h1:xfD0iDuEKnDkl03q4limB+vH+GxLEtL/jb4xVJSWWEY= @@ -59,9 +66,12 @@ github.com/pelletier/go-toml/v2 v2.2.2 h1:aYUidT7k73Pcl9nb2gScu7NSrKCSHIDE89b3+6 github.com/pelletier/go-toml/v2 v2.2.2/go.mod h1:1t835xjRzz80PqgE6HHgN2JOsmgYu/h4qDAS4n929Rs= github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM= github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4= +github.com/rogpeppe/go-internal v1.8.0 h1:FCbCCtXNOY3UtUuHUYaghJg4y7Fd14rXifAYUAtL9R8= +github.com/rogpeppe/go-internal v1.8.0/go.mod h1:WmiCO8CzOY8rg0OYDC4/i/2WRWAB6poM+XZ2dLUbcbE= github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME= github.com/stretchr/objx v0.4.0/go.mod h1:YvHI0jy2hoMjB+UWwv71VJQ9isScKT/TqJzVSSt89Yw= github.com/stretchr/objx v0.5.0/go.mod h1:Yh+to48EsGEfYuaHDzXPcE3xhTkx73EhmCGUpEOglKo= +github.com/stretchr/objx v0.5.2 h1:xuMeJ0Sdp5ZMRXx/aWO6RZxdr3beISkG5/G/aIRr3pY= github.com/stretchr/objx v0.5.2/go.mod h1:FRsXN1f5AsAjCGJKqEizvkpNtU+EGNCLh3NxZ/8L+MA= github.com/stretchr/testify v1.3.0/go.mod h1:M5WIy9Dh21IEIfnGCwXGc5bZfKNJtfHm1UVUgZn+9EI= github.com/stretchr/testify v1.7.0/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg= @@ -94,8 +104,9 @@ google.golang.org/protobuf v1.34.2 h1:6xV6lTsCfpGD21XK49h7MhtcApnLqkfYgPcdHftf6h google.golang.org/protobuf v1.34.2/go.mod h1:qYOHts0dSfpeUzUFpOMr/WGzszTmLH+DiWniOlNbLDw= gopkg.in/alexcesaro/quotedprintable.v3 v3.0.0-20150716171945-2caba252f4dc h1:2gGKlE2+asNV9m7xrywl36YYNnBG5ZQ0r/BOOxqPpmk= gopkg.in/alexcesaro/quotedprintable.v3 v3.0.0-20150716171945-2caba252f4dc/go.mod h1:m7x9LTH6d71AHyAX77c9yqWCCa3UKHcVEj9y7hAtKDk= -gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405 h1:yhCVgyC4o1eVCa2tZl7eS0r+SDo693bJlVdllGtEeKM= gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= +gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c h1:Hei/4ADfdWqJk1ZMxUNpqntNwaWcugrBjAiHlqqRiVk= +gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c/go.mod h1:JHkPIbrfpd72SG/EVd6muEfDQjcINNoR0C8j2r3qZ4Q= gopkg.in/gomail.v2 v2.0.0-20160411212932-81ebce5c23df h1:n7WqCuqOuCbNr617RXOY0AWRXxgwEyPp2z+p0+hgMuE= gopkg.in/gomail.v2 v2.0.0-20160411212932-81ebce5c23df/go.mod h1:LRQQ+SO6ZHR7tOkpBDuZnXENFzX8qRjMDMyPD6BRkCw= gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= diff --git a/internal/middlewares/cors.go b/internal/middlewares/cors.go new file mode 100644 index 0000000..285a10c --- /dev/null +++ b/internal/middlewares/cors.go @@ -0,0 +1,21 @@ +package middlewares + +import ( + "GoMembership/internal/config" + "GoMembership/pkg/logger" + + "github.com/gin-contrib/cors" + "github.com/gin-gonic/gin" +) + +func CORSMiddleware() gin.HandlerFunc { + logger.Info.Print("Applying CORS") + return cors.New(cors.Config{ + AllowOrigins: []string{config.BaseURL}, // Add your frontend URL(s) + AllowMethods: []string{"GET", "POST"}, // "PUT", "PATCH", "DELETE", "OPTIONS"}, + AllowHeaders: []string{"Origin", "Content-Type", "Accept", "Authorization", "X-Requested-With"}, + // ExposeHeaders: []string{"Content-Length"}, + AllowCredentials: true, + MaxAge: 12 * 60 * 60, // 12 hours + }) +} diff --git a/internal/middlewares/cors_test.go b/internal/middlewares/cors_test.go new file mode 100644 index 0000000..7d12ff5 --- /dev/null +++ b/internal/middlewares/cors_test.go @@ -0,0 +1,104 @@ +package middlewares + +import ( + "log" + "net/http" + "net/http/httptest" + "os" + "path/filepath" + "strconv" + "testing" + + "github.com/gin-gonic/gin" + "github.com/stretchr/testify/assert" + + "GoMembership/internal/config" + "GoMembership/pkg/logger" +) + +const ( + Host = "127.0.0.1" + Port int = 2525 +) + +func TestCORSMiddleware(t *testing.T) { + cwd, err := os.Getwd() + if err != nil { + log.Fatalf("Failed to get current working directory: %v", err) + } + + configFilePath := filepath.Join(cwd, "..", "..", "configs", "config.json") + templateHTMLPath := filepath.Join(cwd, "..", "..", "templates", "html") + templateMailPath := filepath.Join(cwd, "..", "..", "templates", "email") + + if err := os.Setenv("TEMPLATE_MAIL_PATH", templateMailPath); err != nil { + log.Fatalf("Error setting environment variable: %v", err) + } + if err := os.Setenv("TEMPLATE_HTML_PATH", templateHTMLPath); err != nil { + log.Fatalf("Error setting environment variable: %v", err) + } + if err := os.Setenv("CONFIG_FILE_PATH", configFilePath); err != nil { + log.Fatalf("Error setting environment variable: %v", err) + } + if err := os.Setenv("SMTP_HOST", Host); err != nil { + log.Fatalf("Error setting environment variable: %v", err) + } + if err := os.Setenv("SMTP_PORT", strconv.Itoa(Port)); err != nil { + log.Fatalf("Error setting environment variable: %v", err) + } + if err := os.Setenv("BASE_URL", "http://"+Host+":2525"); err != nil { + log.Fatalf("Error setting environment variable: %v", err) + } + // Load your configuration + config.LoadConfig() + + // Create a gin router with the CORS middleware + router := gin.New() + router.Use(CORSMiddleware()) + + // Add a simple handler + router.GET("/test", func(c *gin.Context) { + c.String(200, "test") + }) + + tests := []struct { + name string + origin string + expectedStatus int + expectedHeaders map[string]string + }{ + { + name: "Allowed origin", + origin: config.BaseURL, + expectedStatus: http.StatusOK, + expectedHeaders: map[string]string{ + "Access-Control-Allow-Origin": config.BaseURL, + "Content-Type": "text/plain; charset=utf-8", + "Access-Control-Allow-Credentials": "true", + }, + }, + { + name: "Disallowed origin", + origin: "http://evil.com", + expectedStatus: http.StatusForbidden, + expectedHeaders: map[string]string{ + "Access-Control-Allow-Origin": "", + }, + }, + } + + for _, tt := range tests { + t.Run(tt.name, func(t *testing.T) { + w := httptest.NewRecorder() + req, _ := http.NewRequest("GET", "/test", nil) + req.Header.Set("Origin", tt.origin) + router.ServeHTTP(w, req) + + assert.Equal(t, tt.expectedStatus, w.Code) + logger.Info.Printf("Recieved Headers: %#v", w.Header()) + for key, value := range tt.expectedHeaders { + assert.Equal(t, value, w.Header().Get(key)) + } + }) + } +} diff --git a/internal/server/server.go b/internal/server/server.go index f213761..5035aa1 100644 --- a/internal/server/server.go +++ b/internal/server/server.go @@ -11,6 +11,7 @@ import ( "GoMembership/internal/config" "GoMembership/internal/controllers" + "GoMembership/internal/middlewares" "GoMembership/internal/repositories" // "GoMembership/internal/middlewares" @@ -50,8 +51,9 @@ func Run() { router.Static(config.Templates.StaticPath, "./style") // Load HTML templates router.LoadHTMLGlob(filepath.Join(config.Templates.HTMLPath, "*")) + router.Use(gin.Logger()) - // router.Use(middlewares.LoggerMiddleware()) + router.Use(middlewares.CORSMiddleware()) routes.RegisterRoutes(router, userController, membershipController, contactController) // create subrouter for teh authenticated area /account