From 979d3d2fd87d5def87d27f4991ca8624c72b2317 Mon Sep 17 00:00:00 2001 From: mia Date: Tue, 23 Apr 2024 19:29:21 -0700 Subject: CORS headers --- Cargo.lock | 2 +- Cargo.toml | 2 +- src/server/falx.rs | 13 ++++++++++--- 3 files changed, 12 insertions(+), 5 deletions(-) diff --git a/Cargo.lock b/Cargo.lock index 6f683c5..0480382 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -488,7 +488,7 @@ dependencies = [ [[package]] name = "dissociate" -version = "0.2.1" +version = "0.2.2" dependencies = [ "argon2", "axum", diff --git a/Cargo.toml b/Cargo.toml index af22a6f..0b6f860 100644 --- a/Cargo.toml +++ b/Cargo.toml @@ -1,6 +1,6 @@ [package] name = "dissociate" -version = "0.2.1" +version = "0.2.2" edition = "2021" [dependencies] diff --git a/src/server/falx.rs b/src/server/falx.rs index 03a8a0b..1efffdc 100644 --- a/src/server/falx.rs +++ b/src/server/falx.rs @@ -1,4 +1,5 @@ use axum::{ + body::Body, extract::{Path, State}, http::{HeaderMap, StatusCode, Uri}, response::{IntoResponse, Response}, @@ -40,10 +41,10 @@ async fn handoff( State(Handoffs(handoffs)): State, headers: HeaderMap, ) -> Response { - let Some(origin) = headers.get("Origin") else { + let Some(origin_header) = headers.get("Origin") else { return (StatusCode::BAD_REQUEST, "Missing Origin header").into_response(); }; - let Some(origin) = origin + let Some(origin) = origin_header .to_str() .ok() .and_then(|origin| origin.parse::().ok()) @@ -57,5 +58,11 @@ async fn handoff( let Some(token) = jar.get("dissociate-token") else { return (StatusCode::UNAUTHORIZED, "Authenticate cookie missing").into_response(); }; - return (StatusCode::OK, token.value().to_string()).into_response(); + return Response::builder() + .status(StatusCode::OK) + .header("Access-Control-Allow-Credentials", "true") + .header("Access-Control-Allow-Methods", "GET") + .header("Access-Control-Allow-Origin", origin_header) + .body(Body::from(token.value().to_string())) + .unwrap(); } -- cgit 1.4.1