coolaj86/goldilocks.js
1
0
Fork 1
Code Issues Pull Requests Releases Activity

added CORS support for com.daplie.goldilocks api calls

Browse Source 
This is needed in order to support set up from the installer
This commit is contained in:
tigerbot 2017-06-09 16:33:49 -06:00
parent e96ebfc1fc
commit 78c1fb344e
1 changed files with 43 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

45
packages/apis/com.daplie.goldilocks/index.js
View File

@ -19,6 +19,27 @@ module.exports.create = function (deps, conf) {
}); });
*/ */
function handleCors(req, res, methods) {
if (!methods) {
methods = ['GET', 'POST'];
}
if (!Array.isArray(methods)) {
methods = [ methods ];
}
res.setHeader('Access-Control-Allow-Origin', req.headers.origin || '*');
res.setHeader('Access-Control-Allow-Methods', methods.join(', '));
res.setHeader('Access-Control-Allow-Headers', 'Content-Type, Authorization');
if (req.method.toUpperCase() !== 'OPTIONS') {
return false;
}
res.setHeader('Allow', methods.join(', '));
res.end();
return true;
}
function isAuthorized(req, res, fn) { function isAuthorized(req, res, fn) {
var auth = jwt.decode((req.headers.authorization||'').replace(/^bearer\s+/i, '')); var auth = jwt.decode((req.headers.authorization||'').replace(/^bearer\s+/i, ''));
if (!auth) { if (!auth) {
@ -42,11 +63,21 @@ module.exports.create = function (deps, conf) {
return { return {
init: function (req, res) { init: function (req, res) {
if (handleCors(req, res, 'POST')) {
return;
}
if (req.method !== 'POST') {
res.statusCode = 405;
res.setHeader('Content-Type', 'application/json');
res.end(JSON.stringify({ error: { message: 'method '+req.method+' not allowed'}}));
return;
}
jsonParser(req, res, function () { jsonParser(req, res, function () {
return deps.PromiseA.resolve().then(function () { return deps.PromiseA.resolve().then(function () {
console.log('init POST body', req.body);
console.log('req.body', req.body);
var auth = jwt.decode((req.headers.authorization||'').replace(/^bearer\s+/i, '')); var auth = jwt.decode((req.headers.authorization||'').replace(/^bearer\s+/i, ''));
var token = jwt.decode(req.body.access_token); var token = jwt.decode(req.body.access_token);
var refresh = jwt.decode(req.body.refresh_token); var refresh = jwt.decode(req.body.refresh_token);
@ -109,7 +140,8 @@ module.exports.create = function (deps, conf) {
res.setHeader('Content-Type', 'application/json;'); res.setHeader('Content-Type', 'application/json;');
res.end(JSON.stringify({ success: true })); res.end(JSON.stringify({ success: true }));
}); });
}, function (err) { })
.catch(function (err) {
res.setHeader('Content-Type', 'application/json;'); res.setHeader('Content-Type', 'application/json;');
res.end(JSON.stringify({ error: { message: err.message, code: err.code, uri: err.uri } })); res.end(JSON.stringify({ error: { message: err.message, code: err.code, uri: err.uri } }));
}); });
@ -117,6 +149,9 @@ module.exports.create = function (deps, conf) {
}); });
} }
, tunnel: function (req, res) { , tunnel: function (req, res) {
if (handleCors(req, res)) {
return;
}
isAuthorized(req, res, function () { isAuthorized(req, res, function () {
if ('POST' !== req.method) { if ('POST' !== req.method) {
res.setHeader('Content-Type', 'application/json'); res.setHeader('Content-Type', 'application/json');
@ -144,6 +179,9 @@ module.exports.create = function (deps, conf) {
}); });
} }
, config: function (req, res) { , config: function (req, res) {
if (handleCors(req, res)) {
return;
}
isAuthorized(req, res, function () { isAuthorized(req, res, function () {
if ('POST' !== req.method) { if ('POST' !== req.method) {
res.setHeader('Content-Type', 'application/json;'); res.setHeader('Content-Type', 'application/json;');
@ -163,6 +201,9 @@ module.exports.create = function (deps, conf) {
}); });
} }
, request: function (req, res) { , request: function (req, res) {
if (handleCors(req, res, '*')) {
return;
}
isAuthorized(req, res, function () { isAuthorized(req, res, function () {
jsonParser(req, res, function () { jsonParser(req, res, function () {