Add CORS to the streaming API

signup-info-prompt
Eugen Rochko 2017-02-03 18:27:42 +01:00
parent ac3f5a8316
commit 8c0bc1309f
1 changed files with 14 additions and 1 deletions

View File

@ -30,11 +30,23 @@ const pgConfigs = {
const app = express() const app = express()
const pgPool = new pg.Pool(pgConfigs[env]) const pgPool = new pg.Pool(pgConfigs[env])
const allowCrossDomain = (req, res, next) => {
res.header('Access-Control-Allow-Origin', '*')
res.header('Access-Control-Allow-Headers', 'Authorization, Accept, Cache-Control')
res.header('Access-Control-Allow-Methods', 'GET, OPTIONS')
next()
}
const authenticationMiddleware = (req, res, next) => { const authenticationMiddleware = (req, res, next) => {
if (req.method === 'OPTIONS') {
return next()
}
const authorization = req.get('Authorization') const authorization = req.get('Authorization')
if (!authorization) { if (!authorization) {
err = new Error('Missing access token') const err = new Error('Missing access token')
err.statusCode = 401 err.statusCode = 401
return next(err) return next(err)
@ -136,6 +148,7 @@ const streamFrom = (id, req, res, needsFiltering = false) => {
redisClient.subscribe(id) redisClient.subscribe(id)
} }
app.use(allowCrossDomain)
app.use(authenticationMiddleware) app.use(authenticationMiddleware)
app.use(errorMiddleware) app.use(errorMiddleware)