admin api: fix CORS to work in browser
This commit is contained in:
parent
d5ad797ad7
commit
4cb45bd398
3 changed files with 15 additions and 6 deletions
|
|
@ -4,7 +4,7 @@ use std::sync::Arc;
|
|||
use argon2::password_hash::PasswordHash;
|
||||
use async_trait::async_trait;
|
||||
|
||||
use http::header::AUTHORIZATION;
|
||||
use http::header::{HeaderValue, ACCESS_CONTROL_ALLOW_ORIGIN, AUTHORIZATION};
|
||||
use hyper::{body::Incoming as IncomingBody, Request, Response, StatusCode};
|
||||
use tokio::sync::watch;
|
||||
|
||||
|
|
@ -134,6 +134,8 @@ impl ApiHandler for AdminApiServer {
|
|||
Endpoint::New(_) => AdminApiRequest::from_request(req).await?,
|
||||
};
|
||||
|
||||
info!("Admin request: {}", request.name());
|
||||
|
||||
let required_auth_hash =
|
||||
match request.authorization_type() {
|
||||
Authorization::None => None,
|
||||
|
|
@ -162,7 +164,10 @@ impl ApiHandler for AdminApiServer {
|
|||
AdminApiRequest::Metrics(_req) => self.handle_metrics(),
|
||||
req => {
|
||||
let res = req.handle(&self.garage).await?;
|
||||
json_ok_response(&res)
|
||||
let mut res = json_ok_response(&res)?;
|
||||
res.headers_mut()
|
||||
.insert(ACCESS_CONTROL_ALLOW_ORIGIN, HeaderValue::from_static("*"));
|
||||
Ok(res)
|
||||
}
|
||||
}
|
||||
}
|
||||
|
|
|
|||
|
|
@ -219,6 +219,7 @@ impl AdminApiRequest {
|
|||
/// Get the kind of authorization which is required to perform the operation.
|
||||
pub fn authorization_type(&self) -> Authorization {
|
||||
match self {
|
||||
Self::Options(_) => Authorization::None,
|
||||
Self::Health(_) => Authorization::None,
|
||||
Self::CheckDomain(_) => Authorization::None,
|
||||
Self::Metrics(_) => Authorization::MetricsToken,
|
||||
|
|
|
|||
|
|
@ -2,7 +2,9 @@ use std::sync::Arc;
|
|||
|
||||
use async_trait::async_trait;
|
||||
|
||||
use http::header::{ACCESS_CONTROL_ALLOW_METHODS, ACCESS_CONTROL_ALLOW_ORIGIN, ALLOW};
|
||||
use http::header::{
|
||||
ACCESS_CONTROL_ALLOW_HEADERS, ACCESS_CONTROL_ALLOW_METHODS, ACCESS_CONTROL_ALLOW_ORIGIN, ALLOW,
|
||||
};
|
||||
use hyper::{Response, StatusCode};
|
||||
|
||||
use garage_model::garage::Garage;
|
||||
|
|
@ -20,9 +22,10 @@ impl EndpointHandler for OptionsRequest {
|
|||
|
||||
async fn handle(self, _garage: &Arc<Garage>) -> Result<Response<ResBody>, Error> {
|
||||
Ok(Response::builder()
|
||||
.status(StatusCode::NO_CONTENT)
|
||||
.status(StatusCode::OK)
|
||||
.header(ALLOW, "OPTIONS,GET,POST")
|
||||
.header(ACCESS_CONTROL_ALLOW_METHODS, "OPTIONS,GET,POST")
|
||||
.header(ACCESS_CONTROL_ALLOW_HEADERS, "authorization,content-type")
|
||||
.header(ACCESS_CONTROL_ALLOW_ORIGIN, "*")
|
||||
.body(empty_body())?)
|
||||
}
|
||||
|
|
|
|||
Loading…
Add table
Reference in a new issue