import { cors as honoCors } from 'hono/cors';
import { config } from '../config';

export const corsMiddleware = honoCors({
  origin: (origin) => {
    // Allow configured origin and localhost in development
    const allowedOrigins = [config.corsOrigin];
    if (config.nodeEnv === 'development') {
      allowedOrigins.push('http://localhost:3000', 'http://localhost:3001', 'http://localhost:3025');
    }
    return allowedOrigins.includes(origin) ? origin : allowedOrigins[0];
  },
  allowHeaders: ['Content-Type', 'Authorization', 'X-Request-ID'],
  allowMethods: ['GET', 'POST', 'PUT', 'DELETE', 'OPTIONS'],
  exposeHeaders: ['X-Total-Count', 'X-Request-ID'],
  maxAge: 86400,
  credentials: true,
});