Configure non-simple CORS server-side
@dmjio says (probably correctly) that it's best to just serve the client from the server and circumvent CORS issues altogether. One day I will set that up. For now, this works... *sigh*
This commit is contained in:
parent
cdaa449670
commit
29a00dc571
2 changed files with 14 additions and 3 deletions
|
@ -12,6 +12,7 @@ in pkgs.mkShell {
|
|||
hpkgs.aeson
|
||||
hpkgs.resource-pool
|
||||
hpkgs.sqlite-simple
|
||||
hpkgs.wai-cors
|
||||
hpkgs.warp
|
||||
hpkgs.cryptonite
|
||||
hpkgs.uuid
|
||||
|
|
16
src/App.hs
16
src/App.hs
|
@ -10,13 +10,14 @@ module App where
|
|||
import Control.Monad.IO.Class (liftIO)
|
||||
import Data.String.Conversions (cs)
|
||||
import Data.Text (Text)
|
||||
import Network.Wai.Handler.Warp as Warp
|
||||
import Servant
|
||||
import Servant.Server.Internal.ServerError
|
||||
import API
|
||||
import Utils
|
||||
import Web.Cookie
|
||||
|
||||
import qualified Network.Wai.Handler.Warp as Warp
|
||||
import qualified Network.Wai.Middleware.Cors as Cors
|
||||
import qualified System.Random as Random
|
||||
import qualified Email as Email
|
||||
import qualified Crypto.KDF.BCrypt as BC
|
||||
|
@ -205,5 +206,14 @@ server config@T.Config{..} = createAccount
|
|||
pure NoContent
|
||||
|
||||
run :: T.Config -> IO ()
|
||||
run config =
|
||||
Warp.run 3000 (serve (Proxy @ API) $ server config)
|
||||
run config@T.Config{..} =
|
||||
Warp.run 3000 (enforceCors $ serve (Proxy @ API) $ server config)
|
||||
where
|
||||
enforceCors = Cors.cors (const $ Just corsPolicy)
|
||||
corsPolicy :: Cors.CorsResourcePolicy
|
||||
corsPolicy =
|
||||
Cors.simpleCorsResourcePolicy
|
||||
{ Cors.corsOrigins = Just ([cs configClient], True)
|
||||
, Cors.corsMethods = Cors.simpleMethods ++ ["PUT", "PATCH", "DELETE", "OPTIONS"]
|
||||
, Cors.corsRequestHeaders = Cors.simpleHeaders ++ ["Content-Type", "Authorization"]
|
||||
}
|
||||
|
|
Loading…
Reference in a new issue