Feat: Credits #131
@@ -36,25 +36,28 @@ router.use(reqTokenToUser);
|
|||||||
// TODO: Should have a separate middleware/router for handling headers.
|
// TODO: Should have a separate middleware/router for handling headers.
|
||||||
router.use((req, res, next) => {
|
router.use((req, res, next) => {
|
||||||
// TODO add logging of all incoming
|
// TODO add logging of all incoming
|
||||||
const origin = req.headers.origin;
|
// const origin = req.headers.origin;
|
||||||
if (allowedOrigins.indexOf(origin) > -1) {
|
// if (allowedOrigins.indexOf(origin) > -1) {
|
||||||
res.setHeader("Access-Control-Allow-Origin", origin);
|
// res.setHeader("Access-Control-Allow-Origin", origin);
|
||||||
}
|
// }
|
||||||
|
|
||||||
res.header(
|
res.header(
|
||||||
"Access-Control-Allow-Headers",
|
"Access-Control-Allow-Headers",
|
||||||
"Content-Type, Authorization, loggedinuser"
|
"Content-Type, Authorization, loggedinuser, set-cookie"
|
||||||
);
|
);
|
||||||
res.header("Access-Control-Allow-Methods", "POST, GET, PUT");
|
|
||||||
|
res.header("Access-Control-Allow-Credentials", "true");
|
||||||
|
res.header("Access-Control-Allow-Methods", "POST, GET, PUT, OPTIONS");
|
||||||
|
|
||||||
next();
|
next();
|
||||||
});
|
});
|
||||||
|
|
||||||
router.get("/", function mainHandler(req, res) {
|
router.get("/", (req, res) => {
|
||||||
throw new Error("Broke!");
|
res.send("welcome to seasoned api");
|
||||||
});
|
});
|
||||||
|
|
||||||
app.use(Raven.errorHandler());
|
app.use(Raven.errorHandler());
|
||||||
app.use(function onError(err, req, res, next) {
|
app.use((err, req, res, next) => {
|
||||||
res.statusCode = 500;
|
res.statusCode = 500;
|
||||||
res.end(res.sentry + "\n");
|
res.end(res.sentry + "\n");
|
||||||
});
|
});
|
||||||
|
|||||||
Reference in New Issue
Block a user