1 files changed, 26 insertions, 4 deletions

diff --git a/middleware/src/app/api/notifications/set/route.ts b/middleware/src/app/api/notifications/set/route.ts
index 3a584fb..c87159f 100644
--- a/middleware/src/app/api/notifications/set/route.ts
+++ b/middleware/src/app/api/notifications/set/route.ts
@@ -6,7 +6,19 @@ const redis = new Redis({
   token: process.env.KV_REST_API_TOKEN!,
 });
 
-// /api/fcm?topic=<topic>&token=<fcm_token>&action=subscribe|unsubscribe
+const corsHeaders = {
+  "Access-Control-Allow-Origin": "*",
+  "Access-Control-Allow-Methods": "GET, POST, OPTIONS",
+  "Access-Control-Allow-Headers": "Content-Type, Authorization",
+};
+export async function OPTIONS() {
+  return new Response(null, {
+    status: 204,
+    headers: corsHeaders,
+  });
+}
+
+// /api/notification/set?topic=<topic>&token=<fcm_token>&action=subscribe|unsubscribe
 export async function GET(req: Request) {
   const { searchParams } = new URL(req.url);
   const topic = searchParams.get("topic");
@@ -14,8 +26,12 @@ export async function GET(req: Request) {
   const action = searchParams.get("action"); // "subscribe" | "unsubscribe"
 
   if (!topic || !token || !action) {
-    return new Response(JSON.stringify({ error: "Missing params" }), { status: 400 });
+    return new Response(JSON.stringify({ error: "Missing params" }), {
+      status: 400,
+      headers: corsHeaders,
+    });
   }
+
   const key = `fcm-${topic}`;
 
   if (action === "subscribe") {
@@ -23,8 +39,14 @@ export async function GET(req: Request) {
   } else if (action === "unsubscribe") {
     await redis.srem(key, token);
   } else {
-    return new Response(JSON.stringify({ error: "Invalid action" }), { status: 400 });
+    return new Response(JSON.stringify({ error: "Invalid action" }), {
+      status: 400,
+      headers: corsHeaders,
+    });
   }
 
-  return new Response(JSON.stringify({ success: true }), { status: 200 });
+  return new Response(JSON.stringify({ success: true }), {
+    status: 200,
+    headers: corsHeaders,
+  });
 }