aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorFrederick Muriuki Muriithi2023-12-05 16:47:46 +0300
committerFrederick Muriuki Muriithi2023-12-05 16:48:48 +0300
commitd59c3c49b2fcb60550be68f241f2526895512e94 (patch)
tree0de23e15b8b9a66ab78d4fd394603f9ef54112dd
parentd2ad3b1abffdeeb52e1b5f5a303a381aa3dd477c (diff)
downloadgn-auth-d59c3c49b2fcb60550be68f241f2526895512e94.tar.gz
Enable CORS to allow access from GN2 javascript
-rw-r--r--.guix/modules/gn-auth.scm1
-rw-r--r--gn_auth/__init__.py7
-rw-r--r--gn_auth/settings.py7
3 files changed, 15 insertions, 0 deletions
diff --git a/.guix/modules/gn-auth.scm b/.guix/modules/gn-auth.scm
index ec91df0..4a7a400 100644
--- a/.guix/modules/gn-auth.scm
+++ b/.guix/modules/gn-auth.scm
@@ -60,6 +60,7 @@
("python-authlib" ,python-authlib)
("python-pymonad" ,python-pymonad)
("yoyo-migrations" ,yoyo-migrations)
+ ("python-flask-cors" ,python-flask-cors)
("python-mysqlclient" ,python-mysqlclient)
("python-argon2-cffi" ,python-argon2-cffi)
("python-email-validator" ,python-email-validator)))
diff --git a/gn_auth/__init__.py b/gn_auth/__init__.py
index 8bd0093..79f52fd 100644
--- a/gn_auth/__init__.py
+++ b/gn_auth/__init__.py
@@ -5,6 +5,7 @@ import logging
from typing import Optional
from flask import Flask
+from flask_cors import CORS
from gn_auth.misc_views import misc
from gn_auth.auth.views import oauth2
@@ -76,6 +77,12 @@ def create_app(config: Optional[dict] = None) -> Flask:
setup_logging_handlers(app)
setup_oauth2_server(app)
+ CORS(
+ app,
+ origins=app.config["CORS_ORIGINS"],
+ allow_headers=app.config["CORS_HEADERS"],
+ supports_credentials=True, intercept_exceptions=False)
+
## Blueprints
app.register_blueprint(misc, url_prefix="/")
app.register_blueprint(oauth2, url_prefix="/auth")
diff --git a/gn_auth/settings.py b/gn_auth/settings.py
index e8611bf..394c557 100644
--- a/gn_auth/settings.py
+++ b/gn_auth/settings.py
@@ -19,3 +19,10 @@ REDIS_URI = "redis://localhost:6379/0"
OAUTH2_SCOPE = (
"profile", "group", "role", "resource", "user", "masquerade",
"introspect")
+
+CORS_ORIGINS = "*"
+CORS_HEADERS = [
+ "Content-Type",
+ "Authorization",
+ "Access-Control-Allow-Credentials"
+]