We read every piece of feedback, and take your input very seriously.
To see all available qualifiers, see our documentation.
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
I implemented authentication on my app with this code:
@middleware async def auth(request, handler): if request.headers.get("Authorization") == f"Bearer {TOKEN}": return await handler(request) return web.Response(status=401)
The problem is that OPTIONS requests don't contain authentication headers (https://stackoverflow.com/a/40723041/5133167), and the middleware doesn't return the CORS headers.
I could solve my issue by adding a condition:
@middleware async def auth(request, handler): # skip auth for OPTIONS requests if ( request.method == "OPTIONS" or request.headers.get("Authorization") == f"Bearer {TOKEN}" ): return await handler(request) return web.Response(status=401)
but I think it's ugly and that users shouldn't have to deal with this.
Is there a general way to enforce CORS on any middleware?
The text was updated successfully, but these errors were encountered:
No branches or pull requests
I implemented authentication on my app with this code:
The problem is that OPTIONS requests don't contain authentication headers (https://stackoverflow.com/a/40723041/5133167), and the middleware doesn't return the CORS headers.
I could solve my issue by adding a condition:
but I think it's ugly and that users shouldn't have to deal with this.
Is there a general way to enforce CORS on any middleware?
The text was updated successfully, but these errors were encountered: