Implemented CORS

2025-04-13 14:14:30 +00:00 · 2025-04-13 14:14:30 +00:00 · 14208fd8e7
commit 14208fd8e7
parent 7062e14396
2 changed files with 4 additions and 0 deletions
--- a/api/app.py
+++ b/api/app.py
@ -1,5 +1,6 @@
 from dotenv import load_dotenv
 from flask import Flask, jsonify
+from flask_cors import CORS
 from flask_jwt_extended import JWTManager
 from jwt import ExpiredSignatureError
 from models import db, RevokedToken
@ -12,6 +13,7 @@ def create_app(config_name="default"):
    """Creates and returns a new instance of Flask app."""
    load_dotenv()
    app = Flask(__name__)
+    CORS(app, supports_credentials=True, origins=os.getenv("CORS_ALLOWED_ORIGINS", "").split(","))

    # Database settings
    if config_name == "testing":
@ -23,6 +25,7 @@ def create_app(config_name="default"):

    # JWT settings
    app.config["JWT_SECRET_KEY"] = os.getenv("JWT_SECRET_KEY", "changeme")
+    app.config["JWT_TOKEN_LOCATION"] = ["cookies", "headers"]

    # Blueprints registration
    app.register_blueprint(user_bp)
--- a/api/requirements.txt
+++ b/api/requirements.txt
@ -1,6 +1,7 @@
 blinker==1.7.0
 click==8.1.7
 Flask==3.0.0
+flask-cors==5.0.1
 Flask-JWT-Extended==4.7.1
 Flask-SQLAlchemy==3.1.1
 greenlet==3.0.1