diff options
| author | Eugen Rochko <eugen@zeonfederated.com> | 2017-02-03 18:27:42 +0100 |
|---|---|---|
| committer | Eugen Rochko <eugen@zeonfederated.com> | 2017-02-03 18:27:42 +0100 |
| commit | 8c0bc1309fd40807cf5895b492fc7d1a2c9d7b83 (patch) | |
| tree | e2d247986c39cf27e4296cca770c28dc6753520d /streaming | |
| parent | ac3f5a831662e9e09233a2efec1d4de48ac8cb7b (diff) | |
Add CORS to the streaming API
Diffstat (limited to 'streaming')
| -rw-r--r-- | streaming/index.js | 15 |
1 files changed, 14 insertions, 1 deletions
diff --git a/streaming/index.js b/streaming/index.js index 43d8895f1..e5a2778f8 100644 --- a/streaming/index.js +++ b/streaming/index.js @@ -30,11 +30,23 @@ const pgConfigs = { const app = express() const pgPool = new pg.Pool(pgConfigs[env]) +const allowCrossDomain = (req, res, next) => { + res.header('Access-Control-Allow-Origin', '*') + res.header('Access-Control-Allow-Headers', 'Authorization, Accept, Cache-Control') + res.header('Access-Control-Allow-Methods', 'GET, OPTIONS') + + next() +} + const authenticationMiddleware = (req, res, next) => { + if (req.method === 'OPTIONS') { + return next() + } + const authorization = req.get('Authorization') if (!authorization) { - err = new Error('Missing access token') + const err = new Error('Missing access token') err.statusCode = 401 return next(err) @@ -136,6 +148,7 @@ const streamFrom = (id, req, res, needsFiltering = false) => { redisClient.subscribe(id) } +app.use(allowCrossDomain) app.use(authenticationMiddleware) app.use(errorMiddleware) |