From 359def592d85406f63ac5b94e74d848ab1031cf4 Mon Sep 17 00:00:00 2001 From: mwpn Date: Wed, 17 Dec 2025 14:10:33 +0700 Subject: [PATCH] fix: Pastikan CORS headers ditambahkan ke error response juga, tambah DEPLOY_CORS_FIX.md --- DEPLOY_CORS.md | 3 ++ DEPLOY_CORS_FIX.md | 116 ++++++++++++++++++++++++++++++++++++++++++ src/Bootstrap/app.php | 36 +++++++++++-- 3 files changed, 151 insertions(+), 4 deletions(-) create mode 100644 DEPLOY_CORS_FIX.md diff --git a/DEPLOY_CORS.md b/DEPLOY_CORS.md index d587c16..d202aa1 100644 --- a/DEPLOY_CORS.md +++ b/DEPLOY_CORS.md @@ -112,18 +112,21 @@ fetch("https://api.btekno.cloud/health", { **Solusi:** 1. **Restart PHP-FPM** (PENTING!): + ```bash systemctl reload php-fpm-83 # Sesuaikan dengan PHP version # Atau via aaPanel: Website -> PHP -> Service Management -> Reload ``` 2. **Clear PHP Opcache**: + ```bash php -r "opcache_reset();" # Atau via aaPanel: Website -> PHP -> Opcache -> Clear Cache ``` 3. **Cek apakah code sudah ter-pull**: + ```bash cd /www/wwwroot/api.btekno.cloud/api git pull origin main diff --git a/DEPLOY_CORS_FIX.md b/DEPLOY_CORS_FIX.md new file mode 100644 index 0000000..fc6e965 --- /dev/null +++ b/DEPLOY_CORS_FIX.md @@ -0,0 +1,116 @@ +# 🔧 Fix CORS Headers Tidak Muncul + +## ⚠️ Masalah + +CORS headers tidak muncul di HTTP response meskipun `php bin/test_cors.php` menunjukkan middleware sudah bekerja. + +## ✅ Solusi Langkah Demi Langkah + +### 1. Pull Code Terbaru di Server + +```bash +cd /www/wwwroot/api.btekno.cloud/api +git pull origin main +composer dump-autoload --optimize +``` + +### 2. Verifikasi Code Sudah Ter-update + +```bash +# Cek apakah CorsMiddleware ada +ls -la src/Middleware/CorsMiddleware.php + +# Cek apakah Bootstrap sudah include CORS +grep -n "CorsMiddleware" src/Bootstrap/app.php +``` + +Harus muncul: +- File `src/Middleware/CorsMiddleware.php` ada +- `src/Bootstrap/app.php` berisi `CorsMiddleware` + +### 3. Restart PHP-FPM (PENTING!) + +```bash +# Cek PHP version +php -v + +# Restart sesuai PHP version +systemctl reload php-fpm-83 # Untuk PHP 8.3 +# atau +systemctl reload php-fpm-82 # Untuk PHP 8.2 +``` + +**Via aaPanel:** +- Website → api.btekno.cloud → PHP → Service Management → Reload + +### 4. Clear Opcache + +```bash +# Via command +php -r "opcache_reset();" +``` + +**Via aaPanel:** +- Website → PHP → Opcache → Clear Cache + +### 5. Test CORS + +```bash +# Test dengan curl +curl -v -H "Origin: http://localhost/retribusi" https://api.btekno.cloud/health 2>&1 | grep -i "access-control" +``` + +**Harus muncul:** +``` +< access-control-allow-origin: http://localhost/retribusi +< access-control-allow-credentials: true +< access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS +< access-control-allow-headers: Content-Type, Authorization, X-API-KEY, Accept, Origin +< access-control-max-age: 86400 +``` + +### 6. Jika Masih Belum Muncul + +**Cek error log:** +```bash +tail -f /www/wwwlogs/api.btekno.cloud.error.log +``` + +**Test middleware langsung:** +```bash +php bin/test_cors.php +``` + +Jika test script menunjukkan CORS headers muncul tapi HTTP tidak, kemungkinan: +1. PHP-FPM belum di-restart ✅ +2. Opcache masih cache code lama ✅ +3. Nginx mungkin menghapus headers (jarang terjadi) + +**Cek nginx config:** +```bash +# Pastikan tidak ada proxy_hide_header atau add_header yang override +grep -i "access-control" /www/server/panel/vhost/nginx/api.btekno.cloud.conf +``` + +Jika ada, hapus atau comment out. + +## 🎯 Quick Fix Command (All-in-One) + +```bash +cd /www/wwwroot/api.btekno.cloud/api && \ +git pull origin main && \ +composer dump-autoload --optimize && \ +php -r "opcache_reset();" && \ +systemctl reload php-fpm-83 && \ +echo "✅ Done! Test dengan: curl -I -H 'Origin: http://localhost/retribusi' https://api.btekno.cloud/health" +``` + +## 📝 Checklist + +- [ ] Code sudah di-pull (`git pull origin main`) +- [ ] Autoloader sudah di-regenerate (`composer dump-autoload --optimize`) +- [ ] PHP-FPM sudah di-restart (`systemctl reload php-fpm-XX`) +- [ ] Opcache sudah di-clear (`php -r "opcache_reset();"`) +- [ ] Test CORS dengan curl menunjukkan headers muncul +- [ ] Test dari browser console tidak ada CORS error + diff --git a/src/Bootstrap/app.php b/src/Bootstrap/app.php index 56bfd3b..4e55a97 100644 --- a/src/Bootstrap/app.php +++ b/src/Bootstrap/app.php @@ -5,9 +5,12 @@ declare(strict_types=1); namespace App\Bootstrap; use App\Middleware\CorsMiddleware; +use Psr\Http\Message\ResponseInterface; +use Psr\Http\Message\ServerRequestInterface; use Slim\App; use Slim\Factory\AppFactory; use Slim\Middleware\BodyParsingMiddleware; +use Slim\Middleware\ErrorMiddleware; class AppBootstrap { @@ -20,9 +23,6 @@ class AppBootstrap { $app = AppFactory::create(); - // Add CORS middleware FIRST (before routing) - $app->add(new CorsMiddleware()); - // Add body parsing middleware $app->addBodyParsingMiddleware(); @@ -30,7 +30,35 @@ class AppBootstrap $app->addRoutingMiddleware(); // Add error middleware - $app->addErrorMiddleware(true, true, true); + $errorMiddleware = $app->addErrorMiddleware(true, true, true); + + // Set custom error handler that includes CORS headers + $errorHandler = $errorMiddleware->getDefaultErrorHandler(); + $errorMiddleware->setDefaultErrorHandler(function ( + ServerRequestInterface $request, + \Throwable $exception, + bool $displayErrorDetails, + bool $logErrors, + bool $logErrorDetails + ) use ($errorHandler, $app): ResponseInterface { + $response = $errorHandler($request, $exception, $displayErrorDetails, $logErrors, $logErrorDetails); + + // Add CORS headers to error response + $corsMiddleware = new CorsMiddleware(); + return $corsMiddleware->process($request, new class($response) implements \Psr\Http\Server\RequestHandlerInterface { + private $response; + public function __construct($response) { + $this->response = $response; + } + public function handle(\Psr\Http\Message\ServerRequestInterface $request): \Psr\Http\Message\ResponseInterface { + return $this->response; + } + }); + }); + + // Add CORS middleware LAST (after error middleware) + // This ensures CORS headers are added to all responses, including errors + $app->add(new CorsMiddleware()); return $app; }