Use config instead of middleware property

2019-12-26 19:46:41 +01:00 · 2019-12-26 19:46:41 +01:00 · 860ec9f2a4
parent 777baff7d5
commit 860ec9f2a4
3 changed files with 68 additions and 9 deletions
--- a/app/Http/Middleware/HandleCors.php
+++ b/app/Http/Middleware/HandleCors.php
@ -6,11 +6,5 @@

 class HandleCors extends Middleware
 {
-    /**
-     * The paths to enable CORS on.
-     * Example: ['api/*']
-     *
-     * @var array
-     */
-    protected $paths = [];
+
 }
--- a/config/cors.php
+++ b/config/cors.php
@ -0,0 +1,60 @@
+<?php
+
+return [
+
+    /*
+    |--------------------------------------------------------------------------
+    | Laravel CORS Options
+    |--------------------------------------------------------------------------
+    |
+    | The allowed_methods and allowed_headers options are case-insensitive.
+    |
+    | You don't need to provide both allowed_origins and allowed_origins_patterns.
+    | If one of the strings passed matches, it is considered a valid origin.
+    |
+    | If array('*') is provided to allowed_methods, allowed_origins or allowed_headers
+    | all methods / origins / headers are allowed.
+    |
+    */
+
+    /*
+     * You can enable CORS for 1 or multiple paths.
+     * Example: ['api/*']
+     */
+    'paths' => [],
+
+    /*
+    * Matches the request method. `[*]` allows all methods.
+    */
+    'allowed_methods' => ['*'],
+
+    /*
+     * Matches the request origin. `[*]` allows all origins.
+     */
+    'allowed_origins' => ['*'],
+
+    /**
+     * Matches the request origin with, similar to `Request::is()`
+     */
+    'allowed_origins_patterns' => [],
+
+    /**
+     * Sets the Access-Control-Allow-Headers response header. `[*]` allows all headers.
+     */
+    'allowed_headers' => ['*'],
+
+    /**
+     * Sets the Access-Control-Expose-Headers response header.
+     */
+    'exposed_headers' => false,
+
+    /**
+     * Sets the Access-Control-Max-Age response header.
+     */
+    'max_age' => false,
+
+    /**
+     * Sets the Access-Control-Allow-Credentials header.
+     */
+    'supports_credentials' => false,
+];
--- a/routes/api.php
+++ b/routes/api.php
@ -13,7 +13,12 @@
 | is assigned the "api" middleware group. Enjoy building your API!
 |
 */
-
-Route::middleware('auth:api')->get('/user', function (Request $request) {
+Route::any('/test', function (Request $request) {
+    $a++;
+    return $request->user();
+});
+
+
+Route::middleware('auth:api')->any('/user', function (Request $request) {
    return $request->user();
 });