added cors handling

3252f47e · Dichi13 · 6588b024 · 3252f47e · 3252f47e · 3252f47e
Commit 3252f47e authored 6 years ago by Dichi13
--- a/app.py
+++ b/app.py
@@ -60,5 +60,15 @@ def comment():
 # def 
 	# Ambil komentar-komentar sesuai filter (levelnya)

+@app.after_request
+def after_request(response):
+	response.headers.add('Access-Control-Allow-Origin', 'http://localhost:8080')
+	response.headers.add('Access-Control-Allow-Headers', 'Content-Type,Authorization')
+	response.headers.add('Access-Control-Allow-Methods', 'GET,PUT,POST,DELETE,OPTIONS')
+	response.headers.add('Access-Control-Allow-Credentials', 'true')
+	if request.method == 'OPTIONS':
+		response.status = '200'
+	return response
+
 if __name__ == "__main__":
 	app.run(debug=True)
\ No newline at end of file
--- a/config.cfg
+++ b/config.cfg
@@ -2,4 +2,5 @@ MONGODB_DB = "viz-masy"
 MONGODB_HOST = "localhost"
 MONGODB_PORT = 27017
 SECRET_KEY = "13516075_13516063"
-CORS_HEADERS = "Content-Type"
\ No newline at end of file
+CORS_HEADERS = "Content-Type"
+CORS_SUPPORTS_CREDENTIALS = True
\ No newline at end of file
--- a/modules/login.py
+++ b/modules/login.py
@@ -16,18 +16,18 @@ def login_user():
    password = form.get("password")
    # TO DO : seed and hash the password
    
-    user = db.User.objects.get(username=username)
+    user = db.User.objects(username=username)

-    if user is not None and user.password == password:
+    if len(user) > 0 and user[0].password == password:
        key = current_app.config.get("SECRET_KEY")
-        token = Token.generate_from(user.id, key)
+        token = Token.generate_from(user[0].id, key)

-        del user.password
+        del user[0].password
        return jsonify({
            "status": 200,
            "data": {
                "token": token.decode("utf-8"),
-                "user": user
+                "user": user[0]
            }
        })
    else: