added CORS support for com.daplie.goldilocks api calls
This is needed in order to support set up from the installer
This commit is contained in:
tigerbot
parent
e96ebfc1fc
commit
78c1fb344e
|
|
@ -19,6 +19,27 @@ module.exports.create = function (deps, conf) {
|
|||
});
|
||||
*/
|
||||
|
||||
function handleCors(req, res, methods) {
|
||||
if (!methods) {
|
||||
methods = ['GET', 'POST'];
|
||||
}
|
||||
if (!Array.isArray(methods)) {
|
||||
methods = [ methods ];
|
||||
}
|
||||
|
||||
res.setHeader('Access-Control-Allow-Origin', req.headers.origin || '*');
|
||||
res.setHeader('Access-Control-Allow-Methods', methods.join(', '));
|
||||
res.setHeader('Access-Control-Allow-Headers', 'Content-Type, Authorization');
|
||||
|
||||
if (req.method.toUpperCase() !== 'OPTIONS') {
|
||||
return false;
|
||||
}
|
||||
|
||||
res.setHeader('Allow', methods.join(', '));
|
||||
res.end();
|
||||
return true;
|
||||
}
|
||||
|
||||
function isAuthorized(req, res, fn) {
|
||||
var auth = jwt.decode((req.headers.authorization||'').replace(/^bearer\s+/i, ''));
|
||||
if (!auth) {
|
||||
|
|
@ -42,11 +63,21 @@ module.exports.create = function (deps, conf) {
|
|||
|
||||
return {
|
||||
init: function (req, res) {
|
||||
if (handleCors(req, res, 'POST')) {
|
||||
return;
|
||||
}
|
||||
if (req.method !== 'POST') {
|
||||
res.statusCode = 405;
|
||||
res.setHeader('Content-Type', 'application/json');
|
||||
res.end(JSON.stringify({ error: { message: 'method '+req.method+' not allowed'}}));
|
||||
return;
|
||||
}
|
||||
|
||||
jsonParser(req, res, function () {
|
||||
|
||||
return deps.PromiseA.resolve().then(function () {
|
||||
console.log('init POST body', req.body);
|
||||
|
||||
console.log('req.body', req.body);
|
||||
var auth = jwt.decode((req.headers.authorization||'').replace(/^bearer\s+/i, ''));
|
||||
var token = jwt.decode(req.body.access_token);
|
||||
var refresh = jwt.decode(req.body.refresh_token);
|
||||
|
|
@ -109,7 +140,8 @@ module.exports.create = function (deps, conf) {
|
|||
res.setHeader('Content-Type', 'application/json;');
|
||||
res.end(JSON.stringify({ success: true }));
|
||||
});
|
||||
}, function (err) {
|
||||
})
|
||||
.catch(function (err) {
|
||||
res.setHeader('Content-Type', 'application/json;');
|
||||
res.end(JSON.stringify({ error: { message: err.message, code: err.code, uri: err.uri } }));
|
||||
});
|
||||
|
|
@ -117,6 +149,9 @@ module.exports.create = function (deps, conf) {
|
|||
});
|
||||
}
|
||||
, tunnel: function (req, res) {
|
||||
if (handleCors(req, res)) {
|
||||
return;
|
||||
}
|
||||
isAuthorized(req, res, function () {
|
||||
if ('POST' !== req.method) {
|
||||
res.setHeader('Content-Type', 'application/json');
|
||||
|
|
@ -144,6 +179,9 @@ module.exports.create = function (deps, conf) {
|
|||
});
|
||||
}
|
||||
, config: function (req, res) {
|
||||
if (handleCors(req, res)) {
|
||||
return;
|
||||
}
|
||||
isAuthorized(req, res, function () {
|
||||
if ('POST' !== req.method) {
|
||||
res.setHeader('Content-Type', 'application/json;');
|
||||
|
|
@ -163,6 +201,9 @@ module.exports.create = function (deps, conf) {
|
|||
});
|
||||
}
|
||||
, request: function (req, res) {
|
||||
if (handleCors(req, res, '*')) {
|
||||
return;
|
||||
}
|
||||
isAuthorized(req, res, function () {
|
||||
jsonParser(req, res, function () {
|
||||
|
||||
|
|
|
|||
Loading…
Reference in New Issue