From ee67c8e0b3ecd4fc9daac50caada5e8ed51f25ab Mon Sep 17 00:00:00 2001
From: Rupam Kairi <rupamkairi@hotmail.com>
Date: Tue, 28 Jan 2025 09:27:23 +0530
Subject: [PATCH] Hotfix/fires api cors (#187) (#188)

* Simplified control flow
* Short circuiting OPTIONS call with empty response.
---
 apps/server/src/pages/api/v1/fires/index.ts | 20 +++++++++++++++-----
 1 file changed, 15 insertions(+), 5 deletions(-)

diff --git a/apps/server/src/pages/api/v1/fires/index.ts b/apps/server/src/pages/api/v1/fires/index.ts
index c0d91988..0c34cb0f 100644
--- a/apps/server/src/pages/api/v1/fires/index.ts
+++ b/apps/server/src/pages/api/v1/fires/index.ts
@@ -4,7 +4,8 @@ import { logger } from "../../../../server/logger";
 import { env } from "../../../../env.mjs"
 
 
-type ResponseData =
+type ResponseData = 
+  | string
   | GeoJSON.GeoJSON
   | {
       message?: string;
@@ -18,8 +19,18 @@ export default async function firesBySiteHandler(
   res: NextApiResponse<ResponseData>
 ) {
   try {
-    checkCORS(req, res);
-    checkMethods(req, res, ["GET"]);
+    // checkCORS(req, res);
+    res.setHeader('Access-Control-Allow-Credentials', 'true')
+    res.setHeader('Access-Control-Allow-Origin', '*')
+    res.setHeader('Access-Control-Allow-Headers', '*')
+    res.setHeader('Access-Control-Allow-Methods', 'GET,POST,PUT,PATCH,DELETE,OPTIONS')
+    
+    // checkMethods(req, res, ["GET"]);
+    // eslint-disable-next-line @typescript-eslint/no-non-null-assertion
+    if (req.method === 'OPTIONS') { return res.status(200).end() }
+    if (!["GET"].includes(req.method!)) {
+      return res.status(405).json({ message: "Method Not Allowed" });
+    }
 
     let siteId = req.query.siteId as string;
     const remoteId = req.query.remoteId as string;
@@ -101,8 +112,7 @@ function checkCORS(req: NextApiRequest, res: NextApiResponse) {
   res.setHeader('Access-Control-Allow-Methods', 'GET,POST,PUT,PATCH,DELETE')
   res.setHeader('Access-Control-Allow-Headers', '*')
   if (req.method === 'OPTIONS') {
-    res.status(200).end()
-    return
+    return res.status(200).send("Ok")
   }
 }