TODO: Replace stubs

src/Http/JsonResponseFactory.php

@@ -0,0 +1,35 @@
+<?php
+
+declare(strict_types=1);
+
+namespace Siteworxpro\App\Http;
+
+use Nyholm\Psr7\Response;
+
+/**
+ * Class JsonResponseFactory
+ *
+ * A factory class for creating JSON responses.
+ */
+class JsonResponseFactory
+{
+
+    /**
+     * Create a JSON response with the given data and status code.
+     *
+     * @param mixed $data The data to include in the response.
+     * @param int $statusCode The HTTP status code for the response.
+     * @return Response The JSON response.
+     * @throws \JsonException
+     */
+    public static function createJsonResponse(array $data, int $statusCode = 200): Response
+    {
+        return new Response(
+            status: $statusCode,
+            headers: [
+                'Content-Type' => 'application/json',
+            ],
+            body: json_encode($data, JSON_THROW_ON_ERROR)
+        );
+    }
+}

src/Http/Middleware/CorsMiddleware.php

@@ -0,0 +1,66 @@
+<?php
+
+declare(strict_types=1);
+
+namespace Siteworxpro\App\Http\Middleware;
+
+use Nyholm\Psr7\Response;
+use Psr\Http\Message\ResponseInterface;
+use Psr\Http\Message\ServerRequestInterface;
+use Psr\Http\Server\MiddlewareInterface;
+use Psr\Http\Server\RequestHandlerInterface;
+use Siteworxpro\App\Facades\Config;
+
+/**
+ * Class CorsMiddleware
+ *
+ * Middleware to handle CORS (Cross-Origin Resource Sharing) requests.
+ * It checks the origin of the request and sets appropriate CORS headers
+ * in the response.
+ */
+class CorsMiddleware implements MiddlewareInterface
+{
+    /**
+     * Process the incoming request and add CORS headers to the response.
+     *
+     * @param ServerRequestInterface $request The incoming request.
+     * @param RequestHandlerInterface $handler The request handler.
+     * @return ResponseInterface The response with CORS headers.
+     */
+    public function process(ServerRequestInterface $request, RequestHandlerInterface $handler): ResponseInterface
+    {
+        $origin = $request->getHeaderLine('Origin');
+        $allowedOrigins = array_map(
+            'trim', explode(
+            ',',
+            Config::get('CORS_ALLOWED_ORIGINS', 'https://example.com,https://another.com')
+        ));
+
+        $allowOrigin = in_array($origin, $allowedOrigins, true)
+            ? $origin
+            : 'null';
+
+        if ($request->getMethod() === 'OPTIONS') {
+            $response = new Response(204);
+        } else {
+            $response = $handler->handle($request);
+        }
+
+        $response = $response
+            ->withHeader('Access-Control-Allow-Origin', $allowOrigin)
+            ->withHeader('Access-Control-Allow-Methods', 'GET, POST, PUT, PATCH, DELETE, OPTIONS')
+            ->withHeader(
+                'Access-Control-Allow-Headers',
+                $request->getHeaderLine('Access-Control-Request-Headers')
+                    ?: 'Content-Type, Authorization'
+            );
+
+        if (Config::get('CORS_ALLOW_CREDENTIALS', 'bool')) {
+            $response = $response->withHeader('Access-Control-Allow-Credentials', 'true');
+        }
+
+        $maxAge = Config::get('CORS_MAX_AGE') ?: '86400';
+
+        return $response->withHeader('Access-Control-Max-Age', $maxAge);
+    }
+}