From 12ce39cb778d5fac2aa522a54342fbe74854b095 Mon Sep 17 00:00:00 2001
From: Abhijeet Gupta <abhijeet.gupta@navi.com>
Date: Thu, 27 Apr 2023 00:03:32 +0530
Subject: [PATCH] Revert "TP-0000 | middleware (#41)" (#42)

This reverts commit 3713b793a35423ee72381dae18064e386bb2f049.
---
 cmd/app/server.go | 32 +++++++++++++++-----------------
 1 file changed, 15 insertions(+), 17 deletions(-)

diff --git a/cmd/app/server.go b/cmd/app/server.go
index c2d81b1..ae3a5a8 100644
--- a/cmd/app/server.go
+++ b/cmd/app/server.go
@@ -56,23 +56,6 @@ func (s *Server) createMiddleware() gin.HandlerFunc {
 	return func(c *gin.Context) {
 		whitelistedDomains := getWhitelistedDomains()
 
-		//cors handling
-		c.Writer.Header().Set("Access-Control-Allow-Methods", "POST, OPTIONS, GET, PUT")
-		c.Writer.Header().Set("Access-Control-Allow-Headers", viper.GetString("allowed.custom.headers"))
-
-		origin := c.Request.Header.Get("Origin")
-		if !whitelistedDomains[origin] {
-			c.AbortWithStatus(http.StatusUnauthorized)
-			return
-		}
-
-		c.Writer.Header().Set("Access-Control-Allow-Origin", origin)
-
-		if c.Request.Method == "OPTIONS" {
-			c.AbortWithStatus(http.StatusOK)
-			return
-		}
-
 		//auth handling
 		isAuthEnabled := viper.GetBool("auth.enabled")
 		if isAuthEnabled {
@@ -83,6 +66,21 @@ func (s *Server) createMiddleware() gin.HandlerFunc {
 			}
 		}
 
+		//cors handling
+		c.Writer.Header().Set("Access-Control-Allow-Methods", "POST, OPTIONS, GET, PUT")
+		c.Writer.Header().Set("Access-Control-Allow-Headers", viper.GetString("allowed.custom.headers"))
+		origin := c.Request.Header.Get("Origin")
+		if !whitelistedDomains[origin] {
+			c.AbortWithStatus(http.StatusUnauthorized)
+			return
+		}
+		c.Writer.Header().Set("Access-Control-Allow-Origin", origin)
+
+		if c.Request.Method == "OPTIONS" {
+			c.AbortWithStatus(http.StatusOK)
+			return
+		}
+
 		startTime := time.Now()
 		c.Next()
 		endTime := float64(time.Since(startTime))