From 3252f47edd7a55ed367fd1cbcd983e5c05025f3f Mon Sep 17 00:00:00 2001
From: Dichi13 <diciganteng01@icloud.com>
Date: Sat, 13 Apr 2019 01:34:45 +0700
Subject: [PATCH] added cors handling

---
 app.py           | 10 ++++++++++
 config.cfg       |  3 ++-
 modules/login.py | 10 +++++-----
 3 files changed, 17 insertions(+), 6 deletions(-)

diff --git a/app.py b/app.py
index 7812be9..5b0a664 100644
--- a/app.py
+++ b/app.py
@@ -60,5 +60,15 @@ def comment():
 # def 
 	# Ambil komentar-komentar sesuai filter (levelnya)
 
+@app.after_request
+def after_request(response):
+	response.headers.add('Access-Control-Allow-Origin', 'http://localhost:8080')
+	response.headers.add('Access-Control-Allow-Headers', 'Content-Type,Authorization')
+	response.headers.add('Access-Control-Allow-Methods', 'GET,PUT,POST,DELETE,OPTIONS')
+	response.headers.add('Access-Control-Allow-Credentials', 'true')
+	if request.method == 'OPTIONS':
+		response.status = '200'
+	return response
+
 if __name__ == "__main__":
 	app.run(debug=True)
\ No newline at end of file
diff --git a/config.cfg b/config.cfg
index 6d707e4..961bf55 100644
--- a/config.cfg
+++ b/config.cfg
@@ -2,4 +2,5 @@ MONGODB_DB = "viz-masy"
 MONGODB_HOST = "localhost"
 MONGODB_PORT = 27017
 SECRET_KEY = "13516075_13516063"
-CORS_HEADERS = "Content-Type"
\ No newline at end of file
+CORS_HEADERS = "Content-Type"
+CORS_SUPPORTS_CREDENTIALS = True
\ No newline at end of file
diff --git a/modules/login.py b/modules/login.py
index 299e41c..05b14c2 100644
--- a/modules/login.py
+++ b/modules/login.py
@@ -16,18 +16,18 @@ def login_user():
     password = form.get("password")
     # TO DO : seed and hash the password
     
-    user = db.User.objects.get(username=username)
+    user = db.User.objects(username=username)
 
-    if user is not None and user.password == password:
+    if len(user) > 0 and user[0].password == password:
         key = current_app.config.get("SECRET_KEY")
-        token = Token.generate_from(user.id, key)
+        token = Token.generate_from(user[0].id, key)
 
-        del user.password
+        del user[0].password
         return jsonify({
             "status": 200,
             "data": {
                 "token": token.decode("utf-8"),
-                "user": user
+                "user": user[0]
             }
         })
     else:
-- 
GitLab