diff options
| author | Bryan Newbold <bnewbold@robocracy.org> | 2019-02-22 11:30:49 -0800 | 
|---|---|---|
| committer | Bryan Newbold <bnewbold@robocracy.org> | 2019-02-22 11:30:49 -0800 | 
| commit | 7ac8611d5b36007710926ba4508828642a80c13c (patch) | |
| tree | c78cf4a024f0f3e56e6185adbd0b14120d4bcf28 /python | |
| parent | d8d3bc16cfa0fba65bb6fdcb4003406e4d2164b5 (diff) | |
| download | fatcat-7ac8611d5b36007710926ba4508828642a80c13c.tar.gz fatcat-7ac8611d5b36007710926ba4508828642a80c13c.zip | |
add CORS flask helper
Diffstat (limited to 'python')
| -rw-r--r-- | python/fatcat_web/__init__.py | 2 | ||||
| -rw-r--r-- | python/fatcat_web/cors.py | 50 | 
2 files changed, 51 insertions, 1 deletions
| diff --git a/python/fatcat_web/__init__.py b/python/fatcat_web/__init__.py index cd7af195..1ad278ba 100644 --- a/python/fatcat_web/__init__.py +++ b/python/fatcat_web/__init__.py @@ -42,7 +42,7 @@ else:      print("No privileged token found")      priv_api = None -from fatcat_web import routes, auth +from fatcat_web import routes, auth, cors  gitlab_bp = create_flask_blueprint(Gitlab, oauth, auth.handle_oauth)  app.register_blueprint(gitlab_bp, url_prefix='/auth/gitlab') diff --git a/python/fatcat_web/cors.py b/python/fatcat_web/cors.py new file mode 100644 index 00000000..2285cf80 --- /dev/null +++ b/python/fatcat_web/cors.py @@ -0,0 +1,50 @@ +from datetime import timedelta +from flask import make_response, request, current_app +from functools import update_wrapper + +""" +This snippet from: http://flask.pocoo.org/snippets/56/ +"Posted by Armin Ronacher on 2011-07-14" +""" + + +def crossdomain(origin=None, methods=None, headers=None, +                max_age=21600, attach_to_all=True, +                automatic_options=True): +    if methods is not None: +        methods = ', '.join(sorted(x.upper() for x in methods)) +    if headers is not None and not isinstance(headers, str): +        headers = ', '.join(x.upper() for x in headers) +    if not isinstance(origin, str): +        origin = ', '.join(origin) +    if isinstance(max_age, timedelta): +        max_age = max_age.total_seconds() + +    def get_methods(): +        if methods is not None: +            return methods + +        options_resp = current_app.make_default_options_response() +        return options_resp.headers['allow'] + +    def decorator(f): +        def wrapped_function(*args, **kwargs): +            if automatic_options and request.method == 'OPTIONS': +                resp = current_app.make_default_options_response() +            else: +                resp = make_response(f(*args, **kwargs)) +            if not attach_to_all and request.method != 'OPTIONS': +                return resp + +            h = resp.headers + +            h['Access-Control-Allow-Origin'] = origin +            h['Access-Control-Allow-Methods'] = get_methods() +            h['Access-Control-Max-Age'] = str(max_age) +            if headers is not None: +                h['Access-Control-Allow-Headers'] = headers +            return resp + +        f.provide_automatic_options = False +        return update_wrapper(wrapped_function, f) +    return decorator | 
