diff options
author | Frederick Muriuki Muriithi | 2023-12-05 16:47:46 +0300 |
---|---|---|
committer | Frederick Muriuki Muriithi | 2023-12-05 16:48:48 +0300 |
commit | d59c3c49b2fcb60550be68f241f2526895512e94 (patch) | |
tree | 0de23e15b8b9a66ab78d4fd394603f9ef54112dd | |
parent | d2ad3b1abffdeeb52e1b5f5a303a381aa3dd477c (diff) | |
download | gn-auth-d59c3c49b2fcb60550be68f241f2526895512e94.tar.gz |
Enable CORS to allow access from GN2 javascript
-rw-r--r-- | .guix/modules/gn-auth.scm | 1 | ||||
-rw-r--r-- | gn_auth/__init__.py | 7 | ||||
-rw-r--r-- | gn_auth/settings.py | 7 |
3 files changed, 15 insertions, 0 deletions
diff --git a/.guix/modules/gn-auth.scm b/.guix/modules/gn-auth.scm index ec91df0..4a7a400 100644 --- a/.guix/modules/gn-auth.scm +++ b/.guix/modules/gn-auth.scm @@ -60,6 +60,7 @@ ("python-authlib" ,python-authlib) ("python-pymonad" ,python-pymonad) ("yoyo-migrations" ,yoyo-migrations) + ("python-flask-cors" ,python-flask-cors) ("python-mysqlclient" ,python-mysqlclient) ("python-argon2-cffi" ,python-argon2-cffi) ("python-email-validator" ,python-email-validator))) diff --git a/gn_auth/__init__.py b/gn_auth/__init__.py index 8bd0093..79f52fd 100644 --- a/gn_auth/__init__.py +++ b/gn_auth/__init__.py @@ -5,6 +5,7 @@ import logging from typing import Optional from flask import Flask +from flask_cors import CORS from gn_auth.misc_views import misc from gn_auth.auth.views import oauth2 @@ -76,6 +77,12 @@ def create_app(config: Optional[dict] = None) -> Flask: setup_logging_handlers(app) setup_oauth2_server(app) + CORS( + app, + origins=app.config["CORS_ORIGINS"], + allow_headers=app.config["CORS_HEADERS"], + supports_credentials=True, intercept_exceptions=False) + ## Blueprints app.register_blueprint(misc, url_prefix="/") app.register_blueprint(oauth2, url_prefix="/auth") diff --git a/gn_auth/settings.py b/gn_auth/settings.py index e8611bf..394c557 100644 --- a/gn_auth/settings.py +++ b/gn_auth/settings.py @@ -19,3 +19,10 @@ REDIS_URI = "redis://localhost:6379/0" OAUTH2_SCOPE = ( "profile", "group", "role", "resource", "user", "masquerade", "introspect") + +CORS_ORIGINS = "*" +CORS_HEADERS = [ + "Content-Type", + "Authorization", + "Access-Control-Allow-Credentials" +] |