import { NextResponse } from 'next/server'
import type { NextRequest } from 'next/server'

const ALLOWED_ORIGINS = [
  'https://souladmin.quwanzhi.com',
  'http://localhost:5174',
  'http://127.0.0.1:5174',
]

export function middleware(request: NextRequest) {
  const origin = request.headers.get('origin')
  const res = NextResponse.next()
  if (origin && ALLOWED_ORIGINS.includes(origin)) {
    res.headers.set('Access-Control-Allow-Origin', origin)
  }
  res.headers.set('Access-Control-Allow-Methods', 'GET,POST,PUT,DELETE,OPTIONS')
  res.headers.set('Access-Control-Allow-Headers', 'Content-Type,Authorization')
  res.headers.set('Access-Control-Allow-Credentials', 'true')
  if (request.method === 'OPTIONS') {
    return new NextResponse(null, { status: 204, headers: res.headers })
  }
  return res
}

export const config = {
  matcher: '/api/:path*',
}