Add CORS to the streaming API

author Eugen Rochko <eugen@zeonfederated.com>

Fri, 3 Feb 2017 17:27:42 +0000 (18:27 +0100)

committer Eugen Rochko <eugen@zeonfederated.com>

Fri, 3 Feb 2017 17:27:42 +0000 (18:27 +0100)
author Eugen Rochko <eugen@zeonfederated.com>
Fri, 3 Feb 2017 17:27:42 +0000 (18:27 +0100)
committer Eugen Rochko <eugen@zeonfederated.com>
Fri, 3 Feb 2017 17:27:42 +0000 (18:27 +0100)
diff --git a/streaming/index.js b/streaming/index.js

index 43d8895f1350651b3c0f3b8dd5c406ce5dc70c23..e5a2778f8fd09a3e907a30e32a3fb41a96cd5fb6 100644 (file)
--- a/streaming/index.js
+++ b/streaming/index.js
@@ -30,11 +30,23 @@ const pgConfigs = {
  const app = express()
  const pgPool = new pg.Pool(pgConfigs[env])
  
+const allowCrossDomain = (req, res, next) => {
+  res.header('Access-Control-Allow-Origin', '*')
+  res.header('Access-Control-Allow-Headers', 'Authorization, Accept, Cache-Control')
+  res.header('Access-Control-Allow-Methods', 'GET, OPTIONS')
+
+  next()
+}
+
  const authenticationMiddleware = (req, res, next) => {
+  if (req.method === 'OPTIONS') {
+    return next()
+  }
+
    const authorization = req.get('Authorization')
  
    if (!authorization) {
-    err = new Error('Missing access token')
+    const err = new Error('Missing access token')
      err.statusCode = 401
  
      return next(err)
@@ -136,6 +148,7 @@ const streamFrom = (id, req, res, needsFiltering = false) => {
    redisClient.subscribe(id)
  }
  
+app.use(allowCrossDomain)
  app.use(authenticationMiddleware)
  app.use(errorMiddleware)
author	Eugen Rochko <eugen@zeonfederated.com>
	Fri, 3 Feb 2017 17:27:42 +0000 (18:27 +0100)
committer	Eugen Rochko <eugen@zeonfederated.com>
	Fri, 3 Feb 2017 17:27:42 +0000 (18:27 +0100)