From 6b2fae9cbfd0bc9e77cf30967c33babff352b267 Mon Sep 17 00:00:00 2001
From: devgianlu <altomanigianluca@gmail.com>
Date: Tue, 16 Apr 2024 19:49:15 +0200
Subject: [PATCH] Support setting "Access-Control-Allow-Origin" header for API
 server

Closes #27
---
 cmd/daemon/api_server.go | 18 +++++++++++++++---
 cmd/daemon/main.go       |  9 +++++----
 config_schema.json       |  5 +++++
 3 files changed, 25 insertions(+), 7 deletions(-)

diff --git a/cmd/daemon/api_server.go b/cmd/daemon/api_server.go
index 1ce145d..e361765 100644
--- a/cmd/daemon/api_server.go
+++ b/cmd/daemon/api_server.go
@@ -19,6 +19,8 @@ import (
 const timeout = 10 * time.Second
 
 type ApiServer struct {
+	allowOrigin string
+
 	close    bool
 	listener net.Listener
 
@@ -226,8 +228,8 @@ type ApiEventDataShuffleContext struct {
 	Value bool `json:"value"`
 }
 
-func NewApiServer(address string, port int) (_ *ApiServer, err error) {
-	s := &ApiServer{}
+func NewApiServer(address string, port int, allowOrigin string) (_ *ApiServer, err error) {
+	s := &ApiServer{allowOrigin: allowOrigin}
 	s.requests = make(chan ApiRequest)
 
 	s.listener, err = net.Listen("tcp", fmt.Sprintf("%s:%d", address, port))
@@ -262,6 +264,16 @@ func (s *ApiServer) handleRequest(req ApiRequest, w http.ResponseWriter) {
 	_ = json.NewEncoder(w).Encode(resp.data)
 }
 
+func (s *ApiServer) allowOriginMiddleware(next http.Handler) http.Handler {
+	return http.HandlerFunc(func(w http.ResponseWriter, req *http.Request) {
+		if len(s.allowOrigin) > 0 {
+			w.Header().Set("Access-Control-Allow-Origin", s.allowOrigin)
+		}
+
+		next.ServeHTTP(w, req)
+	})
+}
+
 func (s *ApiServer) serve() {
 	m := http.NewServeMux()
 	m.HandleFunc("/", func(w http.ResponseWriter, r *http.Request) {
@@ -455,7 +467,7 @@ func (s *ApiServer) serve() {
 		}
 	})
 
-	err := http.Serve(s.listener, m)
+	err := http.Serve(s.listener, s.allowOriginMiddleware(m))
 	if s.close {
 		return
 	} else if err != nil {
diff --git a/cmd/daemon/main.go b/cmd/daemon/main.go
index cbd6d76..5138d44 100644
--- a/cmd/daemon/main.go
+++ b/cmd/daemon/main.go
@@ -316,9 +316,10 @@ type Config struct {
 	ExternalVolume        bool     `yaml:"external_volume"`
 	ZeroconfEnabled       bool     `yaml:"zeroconf_enabled"`
 	Server                struct {
-		Enabled bool   `yaml:"enabled"`
-		Address string `yaml:"address"`
-		Port    int    `yaml:"port"`
+		Enabled     bool   `yaml:"enabled"`
+		Address     string `yaml:"address"`
+		Port        int    `yaml:"port"`
+		AllowOrigin string `yaml:"allow_origin"`
 	} `yaml:"server"`
 	Credentials struct {
 		Type     string `yaml:"type"`
@@ -407,7 +408,7 @@ func main() {
 
 	// create api server if needed
 	if cfg.Server.Enabled {
-		app.server, err = NewApiServer(cfg.Server.Address, cfg.Server.Port)
+		app.server, err = NewApiServer(cfg.Server.Address, cfg.Server.Port, cfg.Server.AllowOrigin)
 		if err != nil {
 			log.WithError(err).Fatal("failed creating api server")
 		}
diff --git a/config_schema.json b/config_schema.json
index ae24634..b84f39d 100644
--- a/config_schema.json
+++ b/config_schema.json
@@ -82,6 +82,11 @@
               "type": "integer",
               "description": "Which port to bind for the API server",
               "default": 0
+            },
+            "allow_origin": {
+              "type": "string",
+              "description": "The value for the Access-Control-Allow-Origin header",
+              "default": ""
             }
           }
         },