Skip to content

Commit 42fc461

Browse files
cslzchencslzchen
authored
Merge pull request #11649 from futa-ikeda/feature/cors
[ENG-10688] CORS for website container
2 parents 929269f + e9abadf commit 42fc461

6 files changed

Lines changed: 32 additions & 1 deletion

File tree

api/base/settings/defaults.py

Lines changed: 4 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -217,6 +217,10 @@
217217
# Set dynamically on app init
218218
ORIGINS_WHITELIST = ()
219219

220+
# CORS settings for flask app
221+
FLASK_CORS_ORIGIN_WHITELIST = CORS_ORIGIN_WHITELIST
222+
FLASK_CORS_ALLOW_CREDENTIALS = CORS_ALLOW_CREDENTIALS
223+
220224
MIDDLEWARE = (
221225
'api.base.middleware.DjangoGlobalMiddleware',
222226
'api.base.middleware.CeleryTaskMiddleware',

api/base/settings/local-dist.py

Lines changed: 2 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -7,6 +7,8 @@
77
ENABLE_VARNISH = False
88
ENABLE_ESI = False
99
CORS_ORIGIN_ALLOW_ALL = True
10+
FLASK_CORS_ORIGIN_WHITELIST += (osf_settings.LOCAL_ANGULAR_DOMAIN.rstrip('/'),)
11+
FLASK_CORS_ALLOW_CREDENTIALS = True
1012

1113
# Uncomment to get real tracebacks while testing
1214
# DEBUG_PROPAGATE_EXCEPTIONS = True

poetry.lock

Lines changed: 17 additions & 1 deletion
Some generated files are not rendered by default. Learn more about customizing how changed files appear on GitHub.

pyproject.toml

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -95,6 +95,7 @@ django-elasticsearch-metrics = {git ="https://github.com/CenterForOpenScience/dj
9595
djangorestframework-csv = "3.0.2"
9696
gevent = "24.2.1"
9797
packaging = "^24.0"
98+
flask-cors = "6.0.1"
9899

99100
[tool.poetry.group.dev.dependencies]
100101
pytest = "7.4.4"

website/app.py

Lines changed: 7 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -1,3 +1,5 @@
1+
from flask_cors import CORS as FLASK_CORS
2+
13
import framework
24
import importlib
35
import json
@@ -6,6 +8,8 @@
68
from collections import OrderedDict
79

810
import django
11+
12+
from api.base.settings import FLASK_CORS_ALLOW_CREDENTIALS, FLASK_CORS_ORIGIN_WHITELIST
913
from api.caching import listeners # noqa
1014
from django.apps import apps
1115
from framework.addons.utils import render_addon_capabilities
@@ -89,6 +93,9 @@ def init_app(settings_module='website.settings', set_backends=True, routes=True,
8993
if app.config.get('IS_INITIALIZED', False) is True:
9094
return app
9195

96+
# Setup CORS for flask app
97+
FLASK_CORS(app, supports_credentials=FLASK_CORS_ALLOW_CREDENTIALS, origins=FLASK_CORS_ORIGIN_WHITELIST)
98+
9299
setup_django()
93100

94101
# The settings module

website/settings/local-dist.py

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -19,6 +19,7 @@
1919
DOMAIN = PROTOCOL + 'localhost:5000/'
2020
INTERNAL_DOMAIN = DOMAIN
2121
API_DOMAIN = PROTOCOL + 'localhost:8000/'
22+
LOCAL_ANGULAR_DOMAIN = PROTOCOL + 'localhost:4200/'
2223

2324
#WATERBUTLER_URL = 'http://localhost:7777'
2425
#WATERBUTLER_INTERNAL_URL = WATERBUTLER_URL

0 commit comments

Comments
 (0)