From f9a4a30e61e6476ea656185248b89227fa071fee Mon Sep 17 00:00:00 2001
From: creations <creations@creations.works>
Date: Sat, 31 May 2025 19:10:53 -0400
Subject: [PATCH] fix cors #2

---
 src/routes/mod.rs | 32 +++++++++++++++++++++++++++++++-
 1 file changed, 31 insertions(+), 1 deletion(-)

diff --git a/src/routes/mod.rs b/src/routes/mod.rs
index 01749bb..8da7fbd 100644
--- a/src/routes/mod.rs
+++ b/src/routes/mod.rs
@@ -1,13 +1,43 @@
 use crate::db::AppState;
-use axum::{Router, routing::get};
+use axum::{
+    http::{HeaderValue, StatusCode},
+    response::Response,
+    routing::{get, options},
+    Router,
+};
 
 pub mod auth;
 mod timezone;
 
+async fn preflight_handler() -> Response {
+    let mut res = Response::new("".into());
+
+    let headers = res.headers_mut();
+    headers.insert("access-control-allow-origin", HeaderValue::from_static("*"));
+    headers.insert(
+        "access-control-allow-methods",
+        HeaderValue::from_static("GET, POST, OPTIONS"),
+    );
+    headers.insert(
+        "access-control-allow-headers",
+        HeaderValue::from_static("Content-Type, Authorization"),
+    );
+    headers.insert(
+        "access-control-allow-credentials",
+        HeaderValue::from_static("true"),
+    );
+    headers.insert("vary", HeaderValue::from_static("Origin"));
+
+    *res.status_mut() = StatusCode::OK;
+
+    res
+}
+
 pub fn all() -> Router<AppState> {
     Router::new()
         .route("/get", get(timezone::get_timezone))
         .route("/set", get(timezone::set_timezone))
+        .route("/set", options(preflight_handler))
         .route("/delete", get(timezone::delete_timezone))
         .route("/list", get(timezone::list_timezones))
         .route("/auth/discord", get(auth::start_oauth))