From 4574e8f4f23b93bcf64e44ee4209257c0cc11877 Mon Sep 17 00:00:00 2001
From: Marcus Noble <marcus@marcusnoble.co.uk>
Date: Mon, 20 Feb 2017 21:10:28 +0000
Subject: [PATCH] Handle authenticated endpoints

---
 index.js | 19 +++++++++++++++----
 1 file changed, 15 insertions(+), 4 deletions(-)

diff --git a/index.js b/index.js
index e9aef92..efd96ae 100644
--- a/index.js
+++ b/index.js
@@ -24,17 +24,28 @@ http.createServer((req, response) => {
     url: remoteURL,
     followAllRedirects: true,
     method: req.method,
-    headers: req.headers
+    headers: req.headers,
+    gzip: true
   };
 
   if(req.method !== 'HEAD') {
     config.body = req;
   }
 
-  response.setHeader('Access-Control-Allow-Origin', '*');
-  
   request(config)
+    .on('response', res => {
+      res.headers['access-control-allow-origin'] = req.headers.origin || '*';
+      res.headers['access-control-allow-headers'] = 'Origin, X-Requested-With, Content-Type, Accept, authorization';
+      delete res.headers['access-control-allow-credentials'];
+      delete res.headers['access-control-allow-methods'];
+      delete res.headers['content-encoding'];
+      delete res.headers['content-length'];
+      response.writeHead(res.statusCode, res.headers);
+    })
+    .on('data', function(data) {
+      response.write(data);
+    })
     .on('error', () => response.end())
-    .pipe(response, {end:true});
+    .on('end', () => response.end());
 
 }).listen(PORT);