diff --git a/app.py b/app.py
index 7812be9311bebbc6d7bad5adb772640c457ba039..5b0a664a46c315fe9d73b84fe7ade2a5f9848c5c 100644
--- a/app.py
+++ b/app.py
@@ -60,5 +60,15 @@ def comment():
 # def 
 	# Ambil komentar-komentar sesuai filter (levelnya)
 
+@app.after_request
+def after_request(response):
+	response.headers.add('Access-Control-Allow-Origin', 'http://localhost:8080')
+	response.headers.add('Access-Control-Allow-Headers', 'Content-Type,Authorization')
+	response.headers.add('Access-Control-Allow-Methods', 'GET,PUT,POST,DELETE,OPTIONS')
+	response.headers.add('Access-Control-Allow-Credentials', 'true')
+	if request.method == 'OPTIONS':
+		response.status = '200'
+	return response
+
 if __name__ == "__main__":
 	app.run(debug=True)
\ No newline at end of file
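Review bot: The new `after_request` hook pins the credentialed origin to the literal `http://localhost:8080` and writes it with `headers.add`, which appends a value instead of replacing one. If a CORS extension is also active (the `CORS_SUPPORTS_CREDENTIALS` key added to config.cfg in this commit suggests one is), a response can carry two `Access-Control-Allow-Origin` values, which browsers reject. I would keep a single source of CORS headers, read the origin from configuration, and assign rather than append, e.g. `response.headers['Access-Control-Allow-Origin'] = app.config['<ALLOWED_ORIGIN_KEY>']` (placeholder key name). The `response.status = '200'` override also turns every OPTIONS response into a success, including preflights for routes that would otherwise return 404 or 405. If that is intended, it deserves a comment such as `# force 200 on preflight; masks 404/405 for OPTIONS`.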
diff --git a/config.cfg b/config.cfg
index 6d707e4ede50c6943cedfd1e95b2e526c83b9691..961bf552b1f3e5946240ab6a47e0d1496ea55176 100644
--- a/config.cfg
+++ b/config.cfg
@@ -2,4 +2,5 @@ MONGODB_DB = "viz-masy"
 MONGODB_HOST = "localhost"
 MONGODB_PORT = 27017
 SECRET_KEY = "13516075_13516063"
-CORS_HEADERS = "Content-Type"
\ No newline at end of file
+CORS_HEADERS = "Content-Type"
+CORS_SUPPORTS_CREDENTIALS = True
\ No newline at end of file
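Review bot: `CORS_SUPPORTS_CREDENTIALS = True` is added without an explicit origin allowlist in this file. Assuming these keys are read by Flask-CORS, its default origin setting is permissive, and combining that with credentials lets origins other than the intended front end make cookie- or token-bearing requests. I would add `CORS_ORIGINS = ["http://localhost:8080"]` next to it, with a per-environment override for deployment. Separately, the context line shows `SECRET_KEY` committed in this file; since login.py signs tokens with it, it would be safer loaded from the environment and rotated.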
diff --git a/modules/login.py b/modules/login.py
index 299e41c560d40a7f4f00bfdcd4a27d9f607741f8..05b14c24e54f26389b6203a274de7e161a73a513 100644
--- a/modules/login.py
+++ b/modules/login.py
@@ -16,18 +16,18 @@ def login_user():
     password = form.get("password")
     # TO DO : seed and hash the password
     
-    user = db.User.objects.get(username=username)
+    user = db.User.objects(username=username)
 
-    if user is not None and user.password == password:
+    if len(user) > 0 and user[0].password == password:
         key = current_app.config.get("SECRET_KEY")
-        token = Token.generate_from(user.id, key)
+        token = Token.generate_from(user[0].id, key)
 
-        del user.password
+        del user[0].password
         return jsonify({
             "status": 200,
             "data": {
                 "token": token.decode("utf-8"),
-                "user": user
+                "user": user[0]
             }
         })
     else:
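Review bot: `del user[0].password` followed by `"user": user[0]` is unlikely to strip the password from the response. If `db.User.objects(...)` is a MongoEngine queryset, as the call shape suggests, each `user[0]` may build a fresh document from the cursor, so the deletion would act on a throwaway instance and the serialized one would still carry the field. Fetching once with `user = db.User.objects(username=username).first()` and keeping the earlier `if user is not None and ...` form avoids the repeated indexing. Building the `"user"` payload from an explicit allowlist of fields is safer than deleting attributes. The changed condition also still compares the stored password in plaintext with `==` (the TODO above it is unresolved); a salted hash checked with a constant-time comparison such as `hmac.compare_digest` should land before this endpoint is exposed. `login_user` starts and ends outside this hunk.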