Skip to content
Snippets Groups Projects
Commit d315476f authored by Carl Schönfelder's avatar Carl Schönfelder
Browse files

fix: cors

parent 50d1a77d
No related branches found
No related tags found
No related merge requests found
Pipeline #38435 failed
Stage: setup
Stage: test
Hide whitespace changes
Inline Side-by-side
server/app/__init__.py
+ 7
1
View file @ d315476f
from flask import Flask, redirect, request
from flask_cors import CORS
import app.core.models as models
from app.core import bcrypt, db, jwt
......@@ -8,7 +9,6 @@ def create_app(config_name="configmodule.DevelopmentConfig"):
app = Flask(__name__)
app.config.from_object(config_name)
app.url_map.strict_slashes = False
with app.app_context():
bcrypt.init_app(app)
......@@ -25,6 +25,12 @@ def create_app(config_name="configmodule.DevelopmentConfig"):
if rp != "/" and rp.endswith("/"):
return redirect(rp[:-1])
@app.after_request
def set_core(response):
header = response.headers
header["Access-Control-Allow-Origin"] = "*"
return response
return app
......
server/app/apis/auth.py
+ 6
1
View file @ d315476f
......@@ -11,7 +11,7 @@ from flask_jwt_extended import (
jwt_refresh_token_required,
jwt_required,
)
from flask_restx import Namespace, Resource
from flask_restx import Namespace, Resource, cors
api = Namespace("auth")
......@@ -23,6 +23,7 @@ def get_user_claims(item_user):
@api.route("/signup")
class AuthSignup(Resource):
@jwt_required
@cors.crossdomain(origin="*")
def post(self):
args = create_user_parser.parse_args(strict=True)
email = args.get("email")
......@@ -44,6 +45,7 @@ class AuthSignup(Resource):
@api.param("ID")
class AuthDelete(Resource):
@jwt_required
@cors.crossdomain(origin="*")
def delete(self, ID):
item_user = User.query.filter(User.id == ID).first()
dbc.delete(item_user)
......@@ -55,6 +57,7 @@ class AuthDelete(Resource):
@api.route("/login")
class AuthLogin(Resource):
@cors.crossdomain(origin="*")
def post(self):
args = login_parser.parse_args(strict=True)
email = args.get("email")
......@@ -74,6 +77,7 @@ class AuthLogin(Resource):
@api.route("/logout")
class AuthLogout(Resource):
@jwt_required
@cors.crossdomain(origin="*")
def post(self):
jti = get_raw_jwt()["jti"]
dbc.add.blacklist(jti)
......@@ -84,6 +88,7 @@ class AuthLogout(Resource):
class AuthRefresh(Resource):
@jwt_required
@jwt_refresh_token_required
@cors.crossdomain(origin="*")
def post(self):
old_jti = get_raw_jwt()["jti"]
......
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment