Fetch CORS feature from main branch

2025-04-17 21:37:02 +00:00 · 2025-04-17 21:37:02 +00:00 · 0ec30b3ec0
commit 0ec30b3ec0
parent 79985440af 8d0bbfbb8f
3 changed files with 9 additions and 4 deletions
--- a/api/app.py
+++ b/api/app.py
@ -1,5 +1,6 @@
 from dotenv import load_dotenv
 from flask import Flask, jsonify
+from flask_cors import CORS
 from flask_jwt_extended import JWTManager
 from jwt import ExpiredSignatureError
 from models import db, RevokedToken
@ -12,6 +13,7 @@ def create_app(config_name="default"):
    """Creates and returns a new instance of Flask app."""
    load_dotenv()
    app = Flask(__name__)
+    CORS(app, supports_credentials=True, origins=os.getenv("FRONTEND_ORIGIN", "").split(","))

    # Database settings
    if config_name == "testing":
@ -23,6 +25,7 @@ def create_app(config_name="default"):

    # JWT settings
    app.config["JWT_SECRET_KEY"] = os.getenv("JWT_SECRET_KEY", "changeme")
+    app.config["JWT_TOKEN_LOCATION"] = ["cookies", "headers"]

    # Blueprints registration
    app.register_blueprint(user_bp)
--- a/api/requirements.txt
+++ b/api/requirements.txt
@ -1,6 +1,7 @@
 blinker==1.7.0
 click==8.1.7
 Flask==3.0.0
+flask-cors==5.0.1
 Flask-JWT-Extended==4.7.1
 Flask-SQLAlchemy==3.1.1
 greenlet==3.0.1
--- a/api/task_views.py
+++ b/api/task_views.py
@ -100,10 +100,11 @@ def check_if_task_exists(task):

 def validate_task_data(task):
    due_date = task.get('due_date')
-    try:
-        datetime.strptime(due_date, '%d-%m-%Y %H:%M')
-    except ValueError:
-        abort(400, "Incorrect datetime format. Expected DD-MM-YYYY HH:MM")
+    if due_date:
+        try:
+            datetime.strptime(due_date, '%d-%m-%Y %H:%M')
+        except ValueError:
+            abort(400, "Incorrect datetime format. Expected DD-MM-YYYY HH:MM")
    done = task.get('done')
    if done not in (0, 1):
        abort(400, "Incorrect done field value. Expected 0 or 1")