From dcf620f19196f2302328612fc0b1fff286c0c862 Mon Sep 17 00:00:00 2001
From: Roland Schneider <rschneider@ucs.at>
Date: Tue, 28 Sep 2021 19:32:39 +0200
Subject: [PATCH] bug fixing

---
 common/helpers/CorsCustom.php               | 25 +++++++++++++++++++++
 customerapi/controllers/LoginController.php |  3 ++-
 customerapi/controllers/RestController.php  |  3 ++-
 3 files changed, 29 insertions(+), 2 deletions(-)
 create mode 100644 common/helpers/CorsCustom.php

diff --git a/common/helpers/CorsCustom.php b/common/helpers/CorsCustom.php
new file mode 100644
index 0000000..2284d3a
--- /dev/null
+++ b/common/helpers/CorsCustom.php
@@ -0,0 +1,25 @@
+<?php
+
+namespace common\helpers;
+use Yii;
+
+use yii\filters\Cors;
+
+
+class CorsCustom extends Cors
+{
+
+    public function beforeAction($action){
+
+        parent::beforeAction($action);
+
+        if (Yii::$app->getRequest()->getMethod() === 'OPTIONS') {
+            Yii::$app->getResponse()->getHeaders()->set('Allow', 'POST GET PUT');
+            Yii::$app->end();
+        }
+
+        return true;
+
+    }
+
+}
diff --git a/customerapi/controllers/LoginController.php b/customerapi/controllers/LoginController.php
index 4eb6944..5d1f6dd 100644
--- a/customerapi/controllers/LoginController.php
+++ b/customerapi/controllers/LoginController.php
@@ -8,6 +8,7 @@
 
 namespace customerapi\controllers;
 
+use common\helpers\CorsCustom;
 use customerapi\models\LoginForm;
 use sizeg\jwt\Jwt;
 use sizeg\jwt\JwtHttpBearerAuth;
@@ -25,7 +26,7 @@ class LoginController extends Controller
         $behaviors = parent::behaviors();
 
         $behaviors['corsFilter'] = [
-              'class' => \yii\filters\Cors::className(),
+              'class' => CorsCustom::class,
               'cors' => [
                   // restrict access to
                   'Origin' => ['https://botondfitness.hu'],
diff --git a/customerapi/controllers/RestController.php b/customerapi/controllers/RestController.php
index 461e697..83968a7 100644
--- a/customerapi/controllers/RestController.php
+++ b/customerapi/controllers/RestController.php
@@ -3,6 +3,7 @@
 namespace customerapi\controllers;
 
 
+use common\helpers\CorsCustom;
 use common\models\Customer;
 use Exception;
 use Lcobucci\JWT\Token;
@@ -20,7 +21,7 @@ class RestController extends Controller
         $behaviors = parent::behaviors();
 
         $behaviors['corsFilter'] = [
-            'class' => Cors::class,
+            'class' => CorsCustom::class,
             'cors' => [
                 // restrict access to
                 'Origin' => ['https://botondfitness.hu'],