package middleware

import "net/http"

func CORS(next http.Handler) http.Handler {
	return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
		writeMethods(w, r)
		writeOrigins(w, r)
		writeHeaders(w)
		next.ServeHTTP(w, r)
	})
}

func writeMethods(responseWriter http.ResponseWriter, request *http.Request) {
	method := request.Header.Get("Access-Control-Request-Method")
	if isPreflight(request) {
		responseWriter.Header().Add("Access-Control-Allow-Methods", method)
	}
}

func writeOrigins(responseWriter http.ResponseWriter, request *http.Request) {
	origin := request.Header.Get("Origin")
	if origin == "http://localhost:5173" {
		responseWriter.Header().Add("Access-Control-Allow-Origin", origin)
	}
}

func writeHeaders(responseWriter http.ResponseWriter) {
	responseWriter.Header().Add("Access-Control-Allow-Headers", "*")
}

func isPreflight(request *http.Request) bool {
	return request.Method == "OPTIONS" &&
		request.Header.Get("Origin") != "" &&
		request.Header.Get("Access-Control-Request-Method") != ""
}