kenmirrors/grocy
1
0
Fork 0
mirror of https://github.com/grocy/grocy.git synced 2025-10-14 17:24:07 +00:00
Code Issues Projects Releases Wiki Activity

Reimplemented CORS handling (fixes #681)

Browse Source
This commit is contained in:
Bernd Bestel
2020-04-13 10:00:29 +02:00
parent 855b24c515
commit b971375881
5 changed files with 51 additions and 244 deletions
Download Patch File Download Diff File Expand all files Collapse all files

21
routes.php
View File

@@ -1,15 +1,16 @@
<?php
use Psr\Http\Message\ServerRequestInterface as Request;
use Psr\Http\Message\ResponseInterface as Response;
use Slim\Routing\RouteCollectorProxy;
use Tuupola\Middleware\CorsMiddleware;
use Grocy\Middleware\JsonMiddleware;
use Grocy\Middleware\CorsMiddleware;
use Grocy\Middleware\SessionAuthMiddleware;
use Grocy\Middleware\ApiKeyAuthMiddleware;
$app->group('', function(RouteCollectorProxy $group)
{
// System routes
$group->get('/', '\Grocy\Controllers\SystemController:Root')->setName('root');
$group->get('/about', '\Grocy\Controllers\SystemController:About');
@@ -249,13 +250,11 @@ $app->group('/api', function(RouteCollectorProxy $group)
$group->get('/calendar/ical', '\Grocy\Controllers\CalendarApiController:Ical')->setName('calendar-ical');
$group->get('/calendar/ical/sharing-link', '\Grocy\Controllers\CalendarApiController:IcalSharingLink');
}
})->add(new CorsMiddleware([
'origin' => ['*'],
'methods' => ['GET', 'POST', 'PUT', 'DELETE'],
'headers.allow' => [ $container->get('ApiKeyHeaderName') ],
'headers.expose' => [ ],
'credentials' => false,
'cache' => 0,
]))
->add(JsonMiddleware::class)
})->add(JsonMiddleware::class)
->add(new ApiKeyAuthMiddleware($container, $container->get('LoginControllerInstance')->GetSessionCookieName(), $container->get('ApiKeyHeaderName')));
// Handle CORS preflight OPTIONS requests
$app->options('/api/{routes:.+}', function(Request $request, Response $response): Response
{
return $response;
})->add(CorsMiddleware::class);