From 64b47c3345f8efed93209e7cb452462a751efdd2 Mon Sep 17 00:00:00 2001
From: Daniel Dupriest <kououken@gmail.com>
Date: Tue, 22 Jan 2019 13:34:47 -0800
Subject: [PATCH] Enabled cors headers for django

---
 back/Pipfile                    |  2 ++
 back/Pipfile.lock               | 16 ++++++++++++----
 back/reimbursinator/settings.py |  8 ++++++++
 3 files changed, 22 insertions(+), 4 deletions(-)

diff --git a/back/Pipfile b/back/Pipfile
index 6a6941e..0c24bf0 100644
--- a/back/Pipfile
+++ b/back/Pipfile
@@ -7,6 +7,8 @@ verify_ssl = true
 
 [packages]
 django = "==2.1.5"
+django-cors-headers = "==2.4.0"
+
 gunicorn = "==19.6.0"
 
 [requires]
diff --git a/back/Pipfile.lock b/back/Pipfile.lock
index 188dca4..5aef303 100644
--- a/back/Pipfile.lock
+++ b/back/Pipfile.lock
@@ -1,7 +1,7 @@
 {
     "_meta": {
         "hash": {
-            "sha256": "a46ef04ffac2e51c6fd60967adce8d1967758dcdfee3fb9804c0b929110c2a92"
+            "sha256": "5f6bc22a581526fd5e7cba376397b8d499b15a0c071bdcc5cc799c32859f88ed"
         },
         "pipfile-spec": 6,
         "requires": {
@@ -18,11 +18,19 @@
     "default": {
         "django": {
             "hashes": [
-                "sha256:068d51054083d06ceb32ce02b7203f1854256047a0d58682677dd4f81bceabd7",
-                "sha256:55409a056b27e6d1246f19ede41c6c610e4cab549c005b62cbeefabc6433356b"
+                "sha256:a32c22af23634e1d11425574dce756098e015a165be02e4690179889b207c7a8",
+                "sha256:d6393918da830530a9516bbbcbf7f1214c3d733738779f06b0f649f49cc698c3"
             ],
             "index": "pypi",
-            "version": "==2.1.4"
+            "version": "==2.1.5"
+        },
+        "django-cors-headers": {
+            "hashes": [
+                "sha256:5545009c9b233ea7e70da7dbab7cb1c12afa01279895086f98ec243d7eab46fa",
+                "sha256:c4c2ee97139d18541a1be7d96fe337d1694623816d83f53cb7c00da9b94acae1"
+            ],
+            "index": "pypi",
+            "version": "==2.4.0"
         },
         "gunicorn": {
             "hashes": [
diff --git a/back/reimbursinator/settings.py b/back/reimbursinator/settings.py
index f17a05c..aab0894 100644
--- a/back/reimbursinator/settings.py
+++ b/back/reimbursinator/settings.py
@@ -39,9 +39,11 @@ INSTALLED_APPS = [
     'django.contrib.messages',
     'django.contrib.staticfiles',
     'backend',
+    'corsheaders',
 ]
 
 MIDDLEWARE = [
+    'corsheaders.middleware.CorsMiddleware',
     'django.middleware.security.SecurityMiddleware',
     'django.contrib.sessions.middleware.SessionMiddleware',
     'django.middleware.common.CommonMiddleware',
@@ -51,6 +53,12 @@ MIDDLEWARE = [
     'django.middleware.clickjacking.XFrameOptionsMiddleware',
 ]
 
+CORS_ORIGIN_WHITELIST = (
+    'localhost:8443',
+    '192.168.99.100:8443',
+    '127.0.0.1:8443',
+)
+
 ROOT_URLCONF = 'reimbursinator.urls'
 
 TEMPLATES = [