kuns/claudedo-online
2
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

feat: list + task endpoints and CORS, verified end-to-end

Browse Source
This commit is contained in:
Claude
2026-06-10 07:58:51 +00:00
parent 394bceca5f
commit 285bac4308
11 changed files with 143 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

19
server/middleware/0.cors.ts Normal file
View File

@@ -0,0 +1,19 @@
// CORS for /api/**. Restricts to the configured web client origin and answers preflight.
// Runs before 1.auth.ts (alphabetical order) so OPTIONS is handled without a token.
export default defineEventHandler((event) => {
if (!getRequestURL(event).pathname.startsWith("/api/")) return;
const origin = useRuntimeConfig().webOrigin;
if (origin) {
setResponseHeader(event, "Access-Control-Allow-Origin", origin);
setResponseHeader(event, "Vary", "Origin");
setResponseHeader(event, "Access-Control-Allow-Headers", "authorization, content-type");
setResponseHeader(event, "Access-Control-Allow-Methods", "GET, POST, PUT, DELETE, OPTIONS");
setResponseHeader(event, "Access-Control-Max-Age", "600");
}
if (event.method === "OPTIONS") {
setResponseStatus(event, 204);
return "";
}
});