godzhigella/void.cat
1
0
Fork 0
forked from Kieran/void.cat
Code Pull Requests Activity

Change CORS policy

Browse Source
This commit is contained in:
Kieran 2022-02-26 23:16:33 +00:00
parent 66ffa7ca73
commit 6e0780b15f
Signed by: Kieran
GPG Key ID: DE71CEB3925BE941
4 changed files with 15 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
VoidCat/Controllers/Admin/AdminController.cs
View File

@ -1,10 +1,12 @@
using Microsoft.AspNetCore.Authorization;
using Microsoft.AspNetCore.Cors;
using Microsoft.AspNetCore.Mvc;
using VoidCat.Model;
using VoidCat.Services.Abstractions;
namespace VoidCat.Controllers.Admin;
[EnableCors(CorsPolicy.Auth)]
[Route("admin")]
[Authorize(Policy = Policies.RequireAdmin)]
public class AdminController : Controller

2
VoidCat/Controllers/AuthController.cs
View File

@ -2,6 +2,7 @@ using System.ComponentModel.DataAnnotations;
using System.IdentityModel.Tokens.Jwt;
using System.Security.Claims;
using System.Text;
using Microsoft.AspNetCore.Cors;
using Microsoft.AspNetCore.Mvc;
using Microsoft.IdentityModel.Tokens;
using VoidCat.Model;
@ -9,6 +10,7 @@ using VoidCat.Services.Abstractions;
namespace VoidCat.Controllers;
[EnableCors(CorsPolicy.Auth)]
[Route("auth")]
public class AuthController : Controller
{

2
VoidCat/Model/Roles.cs
View File

@ -13,6 +13,6 @@ public static class Policies
public static class CorsPolicy
{
public const string Default = "default";
public const string Auth = "auth";
public const string Upload = "upload";
}

12
VoidCat/Program.cs
View File

@ -35,7 +35,7 @@ if (useRedis)
services.AddCors(opt =>
{
opt.AddPolicy(CorsPolicy.Default, p =>
opt.AddDefaultPolicy(p =>
{
p.AllowAnyMethod()
.AllowAnyHeader()
@ -49,6 +49,14 @@ services.AddCors(opt =>
.WithHeaders("V-Content-Type", "V-Filename", "V-Digest", "V-EditSecret", "Content-Type", "Authorization")
.WithOrigins(voidSettings.CorsOrigins.Select(a => a.OriginalString).ToArray());
});
opt.AddPolicy(CorsPolicy.Auth, p =>
{
p.AllowCredentials()
.AllowAnyMethod()
.WithHeaders("Authorization")
.WithOrigins(voidSettings.CorsOrigins.Select(a => a.OriginalString).ToArray());
});
});
services.AddRouting();
@ -130,7 +138,7 @@ app.UseStaticFiles();
#endif
app.UseRouting();
app.UseCors(CorsPolicy.Default);
app.UseCors();
app.UseAuthentication();
app.UseAuthorization();