Skip to content

Commit

Permalink
Re-add accidentally removed CORS middleware (#2075)
Browse files Browse the repository at this point in the history
  • Loading branch information
dhruvkb authored May 11, 2023
1 parent 4729c22 commit 962c556
Show file tree
Hide file tree
Showing 8 changed files with 26 additions and 21 deletions.
1 change: 0 additions & 1 deletion api/conf/settings/base.py
Original file line number Diff line number Diff line change
Expand Up @@ -6,7 +6,6 @@
"django.contrib.messages",
"django.contrib.staticfiles",
# Third-party installed apps, more can be added in other settings files.
"corsheaders",
"sslserver",
]

Expand Down
6 changes: 4 additions & 2 deletions api/conf/settings/logging.py
Original file line number Diff line number Diff line change
Expand Up @@ -115,6 +115,8 @@ def health_check_filter(record: LogRecord) -> bool:

if not DEBUG:
# WARNING: Do not run in production long-term as it can impact performance.
MIDDLEWARE.append(
"api.middleware.force_debug_cursor_middleware.force_debug_cursor_middleware" # noqa: E501
middleware = (
"api.middleware.force_debug_cursor_middleware.force_debug_cursor_middleware"
)
if middleware not in MIDDLEWARE:
MIDDLEWARE.append(middleware)
11 changes: 5 additions & 6 deletions api/conf/settings/oauth2.py
Original file line number Diff line number Diff line change
Expand Up @@ -3,13 +3,12 @@
from conf.settings.base import INSTALLED_APPS, MIDDLEWARE


INSTALLED_APPS += [
"oauth2_provider",
]
if "oauth2_provider" not in INSTALLED_APPS:
INSTALLED_APPS.append("oauth2_provider")

MIDDLEWARE += [
"oauth2_provider.middleware.OAuth2TokenMiddleware",
]
middleware = "oauth2_provider.middleware.OAuth2TokenMiddleware"
if middleware not in MIDDLEWARE:
MIDDLEWARE.append(middleware)

OAUTH2_PROVIDER = {
"SCOPES": {
Expand Down
5 changes: 2 additions & 3 deletions api/conf/settings/openverse.py
Original file line number Diff line number Diff line change
@@ -1,6 +1,5 @@
from conf.settings.base import INSTALLED_APPS


INSTALLED_APPS += [
"api",
]
if "api" not in INSTALLED_APPS:
INSTALLED_APPS.append("api")
5 changes: 2 additions & 3 deletions api/conf/settings/rest_framework.py
Original file line number Diff line number Diff line change
Expand Up @@ -3,9 +3,8 @@
from conf.settings.base import INSTALLED_APPS


INSTALLED_APPS += [
"rest_framework",
]
if "rest_framework" not in INSTALLED_APPS:
INSTALLED_APPS.append("rest_framework")


THROTTLE_ANON_BURST = config("THROTTLE_ANON_BURST", default="5/hour")
Expand Down
5 changes: 2 additions & 3 deletions api/conf/settings/s3.py
Original file line number Diff line number Diff line change
Expand Up @@ -10,9 +10,8 @@


if USE_S3:
INSTALLED_APPS += [
"storages",
]
if "storages" not in INSTALLED_APPS:
INSTALLED_APPS.append("storages")

STORAGES["default"]["BACKEND"] = "storages.backends.s3boto3.S3Boto3Storage"

Expand Down
9 changes: 9 additions & 0 deletions api/conf/settings/security.py
Original file line number Diff line number Diff line change
Expand Up @@ -2,6 +2,8 @@

from decouple import config

from conf.settings.base import INSTALLED_APPS, MIDDLEWARE


# Quick-start development settings - unsuitable for production
# See https://docs.djangoproject.com/en/4.2/howto/deployment/checklist/
Expand Down Expand Up @@ -35,6 +37,13 @@
CSRF_TRUSTED_ORIGINS = ["https://*.openverse.engineering"]

# Allow anybody to access the API from any domain
if "corsheaders" not in INSTALLED_APPS:
INSTALLED_APPS.append("corsheaders")

middleware = "corsheaders.middleware.CorsMiddleware"
if middleware not in MIDDLEWARE:
MIDDLEWARE.insert(0, middleware)

CORS_ORIGIN_ALLOW_ALL = True

# Proxy handling, for production
Expand Down
5 changes: 2 additions & 3 deletions api/conf/settings/spectacular.py
Original file line number Diff line number Diff line change
Expand Up @@ -4,9 +4,8 @@
from conf.settings.misc import API_VERSION


INSTALLED_APPS += [
"drf_spectacular",
]
if "drf_spectacular" not in INSTALLED_APPS:
INSTALLED_APPS.append("drf_spectacular")

SPECTACULAR_SETTINGS = {
"TITLE": "Openverse API",
Expand Down

0 comments on commit 962c556

Please sign in to comment.