gin: grouping routes and middleware not working

I am trying to add this middleware

func CORS () gin.HandlerFunc {
    return func(context *gin.Context) {
        context.Writer.Header().Add("Access-Control-Allow-Origin", "*")
        context.Writer.Header().Set("Access-Control-Max-Age", "86400")
        context.Writer.Header().Set("Access-Control-Allow-Methods", "POST, GET, OPTIONS, PUT, DELETE, UPDATE")
        context.Writer.Header().Set("Access-Control-Allow-Headers", "Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With")
        context.Writer.Header().Set("Access-Control-Expose-Headers", "Content-Length")
        context.Writer.Header().Set("Access-Control-Allow-Credentials", "true")

        if context.Request.Method == "OPTIONS" {
            context.AbortWithStatus(200)
        } else {
            context.Next()
        }
    }
}

but not work with grouping routes

  func main () {
    router := gin.New()
    router.Use(CORS())

    // cors middleware not working
    users := router.Group("/users")
    users.GET("/", Users)

    // cors middleware not working
    users := router.Group("/users")
    users.Use(CORS())
    users.GET("/", Users)

    // cors middleware working fine
    router.GET("/users")

    router.Run(":3000")
  }

About this issue

  • Original URL
  • State: closed
  • Created 8 years ago
  • Reactions: 1
  • Comments: 16

Most upvoted comments

Apologies for awaking an old issue, but I’ve just come across this and also think it’s an issue. We have particular aspects of an API which we want open to CORS but not all endpoints.

It looks like middlewares on RouterGroup only execute if a defined route is matched, whereas middlewares on Engine are executed regardless.

Is this something the contributors would be willing to accept if a PR is made?

+9
dan-j on Mar 8, 2021

Why is this closed? As far as I can tell, this is still an issue. Or are we not meant to use middleware on router groups?

+8
jmwohl on Jan 7, 2019

@rasheedhamdawi is this resolved ? anything share ?

+8
douglarek on Mar 6, 2016

Same issue, and you should put your middleware before the routes, like this, and it works.

	r := gin.Default()
	r.Use(Authentication())
	r.POST("/v2/create", handlers.CreateHandler)
+5
bkda on Mar 20, 2018

And here it is what I’m using:

transaction := api.Group("/transaction", HandleApiKey())

transaction.GET("/", func(c *gin.Context) {
    //a nice logic will be here
})

func HandleApiKey() gin.HandlerFunc {
    return func(c *gin.Context) {
    //another nice middleware will be here
    }
}
+2
sonemaro on May 21, 2018

@douglarek I had exactly this problem. You should define your middlewares before your grouping route(maybe right after creating the router instance)

+2
sonemaro on Aug 31, 2017

Try this :

router := gin.Default()
api := router.Group("/api").Use(middleWareFunc())
+1
spiropoulos94 on Mar 31, 2022

Interesting. I used the following main-function and everything works fine.

What part of your code is not working?

  func main () {
    router := gin.New()
    router.Use(CORS())

    users := router.Group("/users")
    users.GET("/", Users)

    router.Run(":3000")
  }
+1
Norbell on Sep 1, 2017
Read more comments on GitHub
← gin: Got "ambiguous import: found github.com/ugorji/go/codec in multiple modules" after upgraded to latest (1.3.1)
gin: Question: Handling errors →