From 2896148124529afd21fa2f2fd2078ce107268d8d Mon Sep 17 00:00:00 2001
From: flashwave <me@flash.moe>
Date: Thu, 14 Nov 2024 01:53:35 +0000
Subject: [PATCH] Added CORS stuff for /v1/me.

---
 src/V1/V1Routes.php      | 1 +
 src/V1/V1UsersRoutes.php | 6 +++++-
 2 files changed, 6 insertions(+), 1 deletion(-)

diff --git a/src/V1/V1Routes.php b/src/V1/V1Routes.php
index 51a0550..99da4cd 100644
--- a/src/V1/V1Routes.php
+++ b/src/V1/V1Routes.php
@@ -16,6 +16,7 @@ class V1Routes implements RouteHandler {
         $router->get('/', fn() => ['status' => 'operational']);
 
         $usersRoutes = new V1UsersRoutes($this->ctx, $this->ctx->getRpcClient()->scopeTo('misuzu:users:'));
+        $router->options('/me', $usersRoutes->getMe(...));
         $router->get('/me', $usersRoutes->getMe(...));
         $router->scopeTo('/users')->register($usersRoutes);
     }
diff --git a/src/V1/V1UsersRoutes.php b/src/V1/V1UsersRoutes.php
index c8b6b9e..1d83ad1 100644
--- a/src/V1/V1UsersRoutes.php
+++ b/src/V1/V1UsersRoutes.php
@@ -12,7 +12,11 @@ class V1UsersRoutes implements RouteHandler {
         private RpcClient $rpc
     ) {}
 
-    public function getMe() {
+    public function getMe($response) {
+        $response->setHeader('Access-Control-Allow-Origin', '*');
+        $response->setHeader('Access-Control-Allow-Methods', 'OPTIONS, GET');
+        $response->setHeader('Cache-Control', 'no-store');
+
         $authz = $this->ctx->getAuthzContext();
         if(!$authz->hasScope('identify'))
             return 403;