Skip to content
Snippets Groups Projects
Commit d315476f authored by Carl Schönfelder's avatar Carl Schönfelder
Browse files

fix: cors

parent 50d1a77d
No related branches found
No related tags found
No related merge requests found
Pipeline #38435 failed
Stage: setup
Stage: test
Hide whitespace changes
Inline Side-by-side
server/app/__init__.py
+ 7
1
View file @ d315476f
from flask import Flask, redirect, request from flask import Flask, redirect, request
from flask_cors import CORS
import app.core.models as models import app.core.models as models
from app.core import bcrypt, db, jwt from app.core import bcrypt, db, jwt
...@@ -8,7 +9,6 @@ def create_app(config_name="configmodule.DevelopmentConfig"): ...@@ -8,7 +9,6 @@ def create_app(config_name="configmodule.DevelopmentConfig"):
app = Flask(__name__) app = Flask(__name__)
app.config.from_object(config_name) app.config.from_object(config_name)
app.url_map.strict_slashes = False app.url_map.strict_slashes = False
with app.app_context(): with app.app_context():
bcrypt.init_app(app) bcrypt.init_app(app)
...@@ -25,6 +25,12 @@ def create_app(config_name="configmodule.DevelopmentConfig"): ...@@ -25,6 +25,12 @@ def create_app(config_name="configmodule.DevelopmentConfig"):
if rp != "/" and rp.endswith("/"): if rp != "/" and rp.endswith("/"):
return redirect(rp[:-1]) return redirect(rp[:-1])
@app.after_request
def set_core(response):
header = response.headers
header["Access-Control-Allow-Origin"] = "*"
return response
return app return app
......
server/app/apis/auth.py
+ 6
1
View file @ d315476f
...@@ -11,7 +11,7 @@ from flask_jwt_extended import ( ...@@ -11,7 +11,7 @@ from flask_jwt_extended import (
jwt_refresh_token_required, jwt_refresh_token_required,
jwt_required, jwt_required,
) )
from flask_restx import Namespace, Resource from flask_restx import Namespace, Resource, cors
api = Namespace("auth") api = Namespace("auth")
...@@ -23,6 +23,7 @@ def get_user_claims(item_user): ...@@ -23,6 +23,7 @@ def get_user_claims(item_user):
@api.route("/signup") @api.route("/signup")
class AuthSignup(Resource): class AuthSignup(Resource):
@jwt_required @jwt_required
@cors.crossdomain(origin="*")
def post(self): def post(self):
args = create_user_parser.parse_args(strict=True) args = create_user_parser.parse_args(strict=True)
email = args.get("email") email = args.get("email")
...@@ -44,6 +45,7 @@ class AuthSignup(Resource): ...@@ -44,6 +45,7 @@ class AuthSignup(Resource):
@api.param("ID") @api.param("ID")
class AuthDelete(Resource): class AuthDelete(Resource):
@jwt_required @jwt_required
@cors.crossdomain(origin="*")
def delete(self, ID): def delete(self, ID):
item_user = User.query.filter(User.id == ID).first() item_user = User.query.filter(User.id == ID).first()
dbc.delete(item_user) dbc.delete(item_user)
...@@ -55,6 +57,7 @@ class AuthDelete(Resource): ...@@ -55,6 +57,7 @@ class AuthDelete(Resource):
@api.route("/login") @api.route("/login")
class AuthLogin(Resource): class AuthLogin(Resource):
@cors.crossdomain(origin="*")
def post(self): def post(self):
args = login_parser.parse_args(strict=True) args = login_parser.parse_args(strict=True)
email = args.get("email") email = args.get("email")
...@@ -74,6 +77,7 @@ class AuthLogin(Resource): ...@@ -74,6 +77,7 @@ class AuthLogin(Resource):
@api.route("/logout") @api.route("/logout")
class AuthLogout(Resource): class AuthLogout(Resource):
@jwt_required @jwt_required
@cors.crossdomain(origin="*")
def post(self): def post(self):
jti = get_raw_jwt()["jti"] jti = get_raw_jwt()["jti"]
dbc.add.blacklist(jti) dbc.add.blacklist(jti)
...@@ -84,6 +88,7 @@ class AuthLogout(Resource): ...@@ -84,6 +88,7 @@ class AuthLogout(Resource):
class AuthRefresh(Resource): class AuthRefresh(Resource):
@jwt_required @jwt_required
@jwt_refresh_token_required @jwt_refresh_token_required
@cors.crossdomain(origin="*")
def post(self): def post(self):
old_jti = get_raw_jwt()["jti"] old_jti = get_raw_jwt()["jti"]
......
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Please register or to comment