From 146b908a9efd8924ca78989d0854ef8128694e51 Mon Sep 17 00:00:00 2001 From: Christine Dodrill Date: Wed, 4 Nov 2020 16:02:16 -0500 Subject: [PATCH] add cors --- backend/Cargo.lock | 38 +++++++++++++++++++++++++++++++++++++- backend/Cargo.toml | 1 + backend/src/main.rs | 19 +++++++++++++++++++ frontend/.gitignore | 2 ++ 4 files changed, 59 insertions(+), 1 deletion(-) create mode 100644 frontend/.gitignore diff --git a/backend/Cargo.lock b/backend/Cargo.lock index 1b4628e..9f20994 100644 --- a/backend/Cargo.lock +++ b/backend/Cargo.lock @@ -773,7 +773,7 @@ dependencies = [ "time 0.1.44", "traitobject", "typeable", - "unicase", + "unicase 1.4.2", "url 1.7.2", ] @@ -1010,6 +1010,7 @@ dependencies = [ "ring", "rocket", "rocket_contrib", + "rocket_cors", "rocket_prometheus", "rusty_ulid", "serde", @@ -1703,6 +1704,22 @@ dependencies = [ "yansi", ] +[[package]] +name = "rocket_cors" +version = "0.5.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "ea20696dc46308d0ca06222905fe38e02b8e46c087af9c82ea85cdc386271076" +dependencies = [ + "log 0.4.11", + "regex", + "rocket", + "serde", + "serde_derive", + "unicase 2.6.0", + "unicase_serde", + "url 2.1.1", +] + [[package]] name = "rocket_http" version = "0.4.5" @@ -2290,6 +2307,25 @@ dependencies = [ "version_check 0.1.5", ] +[[package]] +name = "unicase" +version = "2.6.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "50f37be617794602aabbeee0be4f259dc1778fabe05e2d67ee8f79326d5cb4f6" +dependencies = [ + "version_check 0.9.2", +] + +[[package]] +name = "unicase_serde" +version = "0.1.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "6ef53697679d874d69f3160af80bc28de12730a985d57bdf2b47456ccb8b11f1" +dependencies = [ + "serde", + "unicase 2.6.0", +] + [[package]] name = "unicode-bidi" version = "0.3.4" diff --git a/backend/Cargo.toml b/backend/Cargo.toml index 41f0834..c3bc252 100644 --- a/backend/Cargo.toml +++ b/backend/Cargo.toml @@ -19,6 +19,7 @@ prometheus = { version = "0.10", default-features = false, features = ["process" rand = "0" ring = { version = "^0.16", features = ["std"] } rocket = "0.4" +rocket_cors = "0.5" rocket_prometheus = "0.7.0" rusty_ulid = "0.10" serde_json = "^1" diff --git a/backend/src/main.rs b/backend/src/main.rs index dbe6d3a..f4e9cf3 100644 --- a/backend/src/main.rs +++ b/backend/src/main.rs @@ -6,7 +6,9 @@ extern crate rocket; extern crate tracing; use color_eyre::eyre::Result; +use rocket::http::Method; use rocket_contrib::helmet::SpaceHelmet; +use rocket_cors::{AllowedHeaders, AllowedOrigins}; use rocket_prometheus::PrometheusMetrics; use ::mi::{api, paseto, web::*, MainDatabase, APPLICATION_NAME}; @@ -37,9 +39,26 @@ fn main() -> Result<()> { info!("{} starting up", APPLICATION_NAME); + let allowed_origins = + AllowedOrigins::some_exact(&["https://mi.within.website", "http://localhost:8000"]); + + // You can also deserialize this + let cors = rocket_cors::CorsOptions { + allowed_origins, + allowed_methods: vec![Method::Get, Method::Post] + .into_iter() + .map(From::from) + .collect(), + allowed_headers: AllowedHeaders::some(&["Authorization", "Accept"]), + allow_credentials: true, + ..Default::default() + } + .to_cors()?; + let prometheus = PrometheusMetrics::with_registry(prometheus::default_registry().clone()); rocket::ignite() .attach(prometheus.clone()) + .attach(cors) .attach(MainDatabase::fairing()) .attach(SpaceHelmet::default()) .attach(paseto::ed25519_keypair()) diff --git a/frontend/.gitignore b/frontend/.gitignore new file mode 100644 index 0000000..4328a20 --- /dev/null +++ b/frontend/.gitignore @@ -0,0 +1,2 @@ +index.html +elm-stuff \ No newline at end of file