From 6a1dd890f00499b821dd77806fdaeae32fd16db2 Mon Sep 17 00:00:00 2001 From: David Moreau Simard Date: Mon, 3 Sep 2018 19:13:02 -0400 Subject: [PATCH] Add CORS middleware for webapp development Otherwise it won't work because the API server listens on 127.0.0.1, not localhost. The right fix is probably to set the nodejs server to start on 127.0.0.1, though. Figure this out later. Change-Id: I260e794e8ff842f6b854d313d6c243e431220fcd --- ara/server/settings.py | 8 ++++++++ requirements.txt | 1 + 2 files changed, 9 insertions(+) diff --git a/ara/server/settings.py b/ara/server/settings.py index 58f88540..0f1102fa 100644 --- a/ara/server/settings.py +++ b/ara/server/settings.py @@ -28,6 +28,7 @@ INSTALLED_APPS = [ 'django.contrib.sessions', 'django.contrib.messages', 'django.contrib.staticfiles', + 'corsheaders', 'rest_framework', 'ara.api' ] @@ -35,6 +36,7 @@ INSTALLED_APPS = [ MIDDLEWARE = [ 'django.middleware.security.SecurityMiddleware', 'django.contrib.sessions.middleware.SessionMiddleware', + 'corsheaders.middleware.CorsMiddleware', 'django.middleware.common.CommonMiddleware', 'django.middleware.csrf.CsrfViewMiddleware', 'django.contrib.auth.middleware.AuthenticationMiddleware', @@ -44,6 +46,12 @@ MIDDLEWARE = [ CORS_ORIGIN_ALLOW_ALL = True +# Django built-in server and npm development server +CORS_ORIGIN_WHITELIST = ( + '127.0.0.1:8000', + 'localhost:3000', +) + ROOT_URLCONF = 'ara.server.urls' APPEND_SLASH = False diff --git a/requirements.txt b/requirements.txt index cc0fde31..4d893098 100644 --- a/requirements.txt +++ b/requirements.txt @@ -2,4 +2,5 @@ pbr!=2.1.0,>=2.0.0 # Apache-2.0 Django>=2 djangorestframework +django-cors-headers envparse