move core headers to middleware file

src/index.ts

@@ -8,6 +8,7 @@ import compactRecipeRoutes from "./endpoints/CompactRecipePoint.js";
 import recipeRoutes from "./endpoints/RecipePoint.js";
 import { errorHandler } from "./middleware/errorHandler.js";
 import { authentication } from "./middleware/authenticationMiddleware.js";
+import { corsHeaders } from "./middleware/corsMiddleware.js";
 
 dotenv.config();
 
@@ -28,19 +29,7 @@ async function startServer() {
     console.log("Migrations executed");
 
     // Enable CORS before anything else
-    // @todo move to middleware util
+    app.use(corsHeaders);
-    app.use((req: Request, res: Response, next: NextFunction) => {
-      res.header('Access-Control-Allow-Origin', '*');
-      res.header('Access-Control-Allow-Methods', 'GET,POST,PUT,DELETE,OPTIONS');
-      res.header('Access-Control-Allow-Headers', 'Content-Type, Authorization');
-      
-      // Handle preflight requests quickly
-      if (req.method === 'OPTIONS') {
-        return res.sendStatus(200);
-      }
-
-      next();
-    });
 
     // Activate Authentication
     app.use(authentication);

src/middleware/corsMiddleware.ts

@@ -0,0 +1,21 @@
+import { Request, Response, NextFunction } from "express";
+
+/**
+ * Add CORS header
+ * 
+ * CORS (Cross-Origin Resource Sharing) must be enabled for the web app
+ * to communicate with the backehd
+ */
+export function corsHeaders (req: Request, res: Response, next: NextFunction) {
+    // allow requests from all sources (*) for now
+      res.header('Access-Control-Allow-Origin', '*');
+      res.header('Access-Control-Allow-Methods', 'GET,POST,PUT,DELETE,OPTIONS');
+      res.header('Access-Control-Allow-Headers', 'Content-Type, Authorization');
+      
+      // Handle preflight requests quickly
+      if (req.method === 'OPTIONS') {
+        return res.sendStatus(200);
+      }
+
+      next();
+    }