From 6a1dd890f00499b821dd77806fdaeae32fd16db2 Mon Sep 17 00:00:00 2001 From: David Moreau Simard Date: Mon, 3 Sep 2018 19:13:02 -0400 Subject: [PATCH] Add CORS middleware for webapp development Otherwise it won't work because the API server listens on 127.0.0.1, not localhost. The right fix is probably to set the nodejs server to start on 127.0.0.1, though. Figure this out later. Change-Id: I260e794e8ff842f6b854d313d6c243e431220fcd --- ara/server/settings.py | 8 ++++++++ requirements.txt | 1 + 2 files changed, 9 insertions(+) diff --git a/ara/server/settings.py b/ara/server/settings.py index 58f8854..0f1102f 100644 --- a/ara/server/settings.py +++ b/ara/server/settings.py @@ -28,6 +28,7 @@ INSTALLED_APPS = [ 'django.contrib.sessions', 'django.contrib.messages', 'django.contrib.staticfiles', + 'corsheaders', 'rest_framework', 'ara.api' ] @@ -35,6 +36,7 @@ INSTALLED_APPS = [ MIDDLEWARE = [ 'django.middleware.security.SecurityMiddleware', 'django.contrib.sessions.middleware.SessionMiddleware', + 'corsheaders.middleware.CorsMiddleware', 'django.middleware.common.CommonMiddleware', 'django.middleware.csrf.CsrfViewMiddleware', 'django.contrib.auth.middleware.AuthenticationMiddleware', @@ -44,6 +46,12 @@ MIDDLEWARE = [ CORS_ORIGIN_ALLOW_ALL = True +# Django built-in server and npm development server +CORS_ORIGIN_WHITELIST = ( + '127.0.0.1:8000', + 'localhost:3000', +) + ROOT_URLCONF = 'ara.server.urls' APPEND_SLASH = False diff --git a/requirements.txt b/requirements.txt index cc0fde3..4d89309 100644 --- a/requirements.txt +++ b/requirements.txt @@ -2,4 +2,5 @@ pbr!=2.1.0,>=2.0.0 # Apache-2.0 Django>=2 djangorestframework +django-cors-headers envparse