Skip to content

aa.gusti / opensipkd-base

Go to a project
Commit 6f5ab239 by aa.gustiana@gmail.com
Options

Refactor CORS headers handling and improve logging for debugging

1 parent 1eb5b827
Inline Side-by-side
Showing 1 changed file with 23 additions and 6 deletions
opensipkd/base/__init__.py
...@@ -3,6 +3,7 @@ import importlib ...@@ -3,6 +3,7 @@ import importlib
import inspect import inspect
import locale import locale
import logging import logging
from math import log
from sqlalchemy import or_ from sqlalchemy import or_
import re import re
from .routes import routes from .routes import routes
...@@ -82,6 +83,7 @@ def add_cors_headers_response_callback(event): ...@@ -82,6 +83,7 @@ def add_cors_headers_response_callback(event):
origin = request.headers.get("Origin", None) origin = request.headers.get("Origin", None)
allowed_origin = get_params("allowed_origin", None) allowed_origin = get_params("allowed_origin", None)
if allowed_origin: if allowed_origin:
_logging.debug(f"Allowed Origin: {origin}")
if origin not in allowed_origin.split('\n'): if origin not in allowed_origin.split('\n'):
origin = "null" origin = "null"
...@@ -95,19 +97,34 @@ def add_cors_headers_response_callback(event): ...@@ -95,19 +97,34 @@ def add_cors_headers_response_callback(event):
# {'Access-Control-Allow-Credential': 'true', # {'Access-Control-Allow-Credential': 'true',
# 'Access-Control-Allow-Origin': "*"} # 'Access-Control-Allow-Origin': "*"}
# ) # )
if origin: # if origin:
headers['Access-Control-Allow-Origin'] = origin # headers['Access-Control-Allow-Origin'] = origin
else: # else:
headers['Access-Control-Allow-Origin'] = "*" headers['Access-Control-Allow-Origin'] = "*"
if 'Access-Control-Allow-Credentials' not in headers: if 'Access-Control-Allow-Credentials' not in headers:
headers['Access-Control-Allow-Credentials'] = 'true' headers['Access-Control-Allow-Credentials'] = 'true'
# _logging.info(f"Headers: {headers}") _logging.debug(f"Headers: {headers}")
response.headers.update(headers) response.headers.update(headers)
event.request.add_response_callback(cors_headers) event.request.add_response_callback(cors_headers)
# def add_cors_headers_response_callback(event):
# def cors_headers(request, response):
# response.headers.update({
# 'Access-Control-Allow-Origin': '*',
# 'Access-Control-Allow-Methods': 'POST,GET,DELETE,PUT,OPTIONS',
# 'Access-Control-Allow-Headers': 'Origin, Content-Type, Accept, Authorization, userid, key, signature',
# 'Access-Control-Allow-Credentials': 'true',
# 'Access-Control-Max-Age': '1728000',
# })
# _logging.debug(f"Request Origin: {request.headers.get('Origin', None)}")
# _logging.debug(f"Response Headers: {response.headers}")
# event.request.add_response_callback(cors_headers)
# https://groups.google.com/forum/#!topic/pylons-discuss/QIj4G82j04c # https://groups.google.com/forum/#!topic/pylons-discuss/QIj4G82j04c
def has_permission_(request, perm_names, context=None): def has_permission_(request, perm_names, context=None):
if not perm_names: if not perm_names:
...@@ -702,7 +719,7 @@ def main(global_config, **settings): ...@@ -702,7 +719,7 @@ def main(global_config, **settings):
engine = engine_from_config( engine = engine_from_config(
settings, 'sqlalchemy.', client_encoding='utf8', settings, 'sqlalchemy.', client_encoding='utf8',
max_identifier_length=30, pool_pre_ping=True) # , convert_unicode=True max_identifier_length=30) # , convert_unicode=True
DBSession.configure(bind=engine) DBSession.configure(bind=engine)
LogDBSession.configure(bind=engine) LogDBSession.configure(bind=engine)
Base.metadata.bind = engine Base.metadata.bind = engine
......
Markdown is supported
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!