api access controll

This commit is contained in:
Martin Geno 2016-05-17 11:01:29 +02:00
parent 255257033f
commit 5d59f8f11f

View File

@ -23,6 +23,7 @@ func jsonOutput(w http.ResponseWriter, r *http.Request,data interface{}){
} }
w.Header().Set("Access-Control-Allow-Methods", "POST, GET, OPTIONS, PUT, DELETE") w.Header().Set("Access-Control-Allow-Methods", "POST, GET, OPTIONS, PUT, DELETE")
w.Header().Set("Access-Control-Allow-Headers","Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization") w.Header().Set("Access-Control-Allow-Headers","Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization")
w.Header().Set("Access-Control-Allow-Credentials", "true")
w.Write(js) w.Write(js)
} }
func BasicAuth(h httprouter.Handle, pass []byte) httprouter.Handle { func BasicAuth(h httprouter.Handle, pass []byte) httprouter.Handle {
@ -32,6 +33,7 @@ func BasicAuth(h httprouter.Handle, pass []byte) httprouter.Handle {
} }
w.Header().Set("Access-Control-Allow-Methods", "POST, GET, OPTIONS, PUT, DELETE") w.Header().Set("Access-Control-Allow-Methods", "POST, GET, OPTIONS, PUT, DELETE")
w.Header().Set("Access-Control-Allow-Headers","Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization") w.Header().Set("Access-Control-Allow-Headers","Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization")
w.Header().Set("Access-Control-Allow-Credentials", "true")
const basicAuthPrefix string = "Basic " const basicAuthPrefix string = "Basic "