Allow more CORS configuration customization

internal/serv/api.go

@@ -46,6 +46,8 @@ type Serv struct {
 	SeedFile       string   `mapstructure:"seed_file"`
 	MigrationsPath string   `mapstructure:"migrations_path"`
 	AllowedOrigins []string `mapstructure:"cors_allowed_origins"`
+	AllowedMethods []string `mapstructure:"cors_allowed_methods"`
+	AllowedHeaders []string `mapstructure:"cors_allowed_headers"`
 	DebugCORS      bool     `mapstructure:"cors_debug"`
 	APIPath        string   `mapstructure:"api_path"`
 	CacheControl   string   `mapstructure:"cache_control"`

internal/serv/http.go

@@ -43,6 +43,8 @@ func apiV1Handler() http.Handler {
 	if len(conf.AllowedOrigins) != 0 {
 		c := cors.New(cors.Options{
 			AllowedOrigins:   conf.AllowedOrigins,
+			AllowedHeaders:   conf.AllowedHeaders,
+			AllowedMethods:   conf.AllowedMethods,
 			AllowCredentials: true,
 			Debug:            conf.DebugCORS,
 		})