Set response cors headers according to serverless configuration

mcattarinussi · mcattarinussi · commit 4826aa1af41d · 2016-09-24T02:21:54.000+02:00
diff --git a/index.js b/index.js
@@ -93,8 +93,8 @@ module.exports = function(options) {
         callbacks.push(executeLambdaCallback(func));
         // Setup endpoint
         if (e.cors) {
-          httpConfig.eventHandler('options', path, [decorateAddCORSCallback(true), send200]);
-          callbacks.unshift(decorateAddCORSCallback());
+          httpConfig.eventHandler('options', path, [decorateAddCORSCallback(e.cors, true), send200]);
+          callbacks.unshift(decorateAddCORSCallback(e.cors));
         }
         httpConfig.eventHandler(method, path, callbacks);
       }
diff --git a/lib/decorators-callbacks.js b/lib/decorators-callbacks.js
@@ -18,13 +18,24 @@ module.exports.decorateLambdaReqCallback = function(getPrincipalId) {
   };
 };
 
-module.exports.decorateAddCORSCallback = function(isOptionMethod) {
+module.exports.decorateAddCORSCallback = function(corsOpts, isOptionMethod) {
+  // TODO: get default cors options from variables
+  const cors = {
+    origins: ['*'],
+    methods: ['GET', 'PUT', 'HEAD', 'PATCH', 'POST', 'DELETE', 'OPTIONS'],
+    headers: ['Authorization', 'Content-Type', 'x-amz-date', 'x-amz-security-token']
+  };
+  if(corsOpts instanceof Object) {
+    Object.assign(cors, corsOpts);
+  } else if(corsOpts != true) {
+    throw new Error('Invalid cors configuration!');
+  }
   return function(req, res, next) {
     if(isOptionMethod) {
-      res.header('Access-Control-Allow-Methods', 'GET,PUT,HEAD,PATCH,POST,DELETE,OPTIONS');
-      res.header('Access-Control-Allow-Headers', 'Authorization,Content-Type,x-amz-date,x-amz-security-token');
+      res.header('Access-Control-Allow-Methods', cors.methods.join(','));
+      res.header('Access-Control-Allow-Headers', cors.headers.join(','));
     }
-    res.header('Access-Control-Allow-Origin', '*');
+    res.header('Access-Control-Allow-Origin', cors.origins.join(','));
     next();
   };
 };

Original file line number	Diff line number	Diff line change
`@@ -93,8 +93,8 @@ module.exports = function(options) {`
`93`	`93`	`callbacks.push(executeLambdaCallback(func));`
`94`	`94`	`// Setup endpoint`
`95`	`95`	`if (e.cors) {`
`96`		`- httpConfig.eventHandler('options', path, [decorateAddCORSCallback(true), send200]);`
`97`		`- callbacks.unshift(decorateAddCORSCallback());`
	`96`	`+ httpConfig.eventHandler('options', path, [decorateAddCORSCallback(e.cors, true), send200]);`
	`97`	`+ callbacks.unshift(decorateAddCORSCallback(e.cors));`
`98`	`98`	`}`
`99`	`99`	`httpConfig.eventHandler(method, path, callbacks);`
`100`	`100`	`}`