diff options
| author | MS <ms@taler.net> | 2020-10-08 14:42:21 +0200 |
|---|---|---|
| committer | MS <ms@taler.net> | 2020-10-08 14:42:21 +0200 |
| commit | e5c1fe0b7ea953c3875a7997c948f08679320e1c (patch) | |
| tree | c12e75cf15bfcd4540a909e50b15f759d293fa9e | |
| parent | c1af3b85b63a2940f2c6a5f69ee24fe21cfe9e5e (diff) | |
| download | bank-e5c1fe0b7ea953c3875a7997c948f08679320e1c.tar.gz bank-e5c1fe0b7ea953c3875a7997c948f08679320e1c.tar.bz2 bank-e5c1fe0b7ea953c3875a7997c948f08679320e1c.zip | |
allow origin star to integration API
| -rw-r--r-- | talerbank/app/middleware.py | 15 | ||||
| -rw-r--r-- | talerbank/app/views.py | 8 |
2 files changed, 17 insertions, 6 deletions
diff --git a/talerbank/app/middleware.py b/talerbank/app/middleware.py index deb937c..08d8979 100644 --- a/talerbank/app/middleware.py +++ b/talerbank/app/middleware.py @@ -99,14 +99,19 @@ class ExceptionMiddleware: if hasattr(exception, "taler_error_code"): render_to = self.render.get(request.path) - if not render_to: - return JsonResponse( - {"code": exception.taler_error_code, "error": exception.hint}, + response = JsonResponse( + dict(code=exception.taler_error_code, error=exception.hint), status=exception.http_status_code, ) - set_session_hint(request, failure=True, success=False, hint=exception.hint) + response["Access-Control-Allow-Origin"] = "*" + return response + set_session_hint(request, success=False, hint=exception.hint) return redirect(render_to) else: - return JsonResponse(dict(code=5300, hint="unexpected exception", exception=str(exception)), status=500) + return JsonResponse( + dict(code=5300, + hint="unexpected exception", + exception=str(exception)), + status=500) diff --git a/talerbank/app/views.py b/talerbank/app/views.py index 7b78582..2597336 100644 --- a/talerbank/app/views.py +++ b/talerbank/app/views.py @@ -216,7 +216,7 @@ def get_session_hint(request): def set_session_hint(request, success, hint): if "hint" in request.session: - LOGGER.warning(f"Overriding a non consumed hint") + LOGGER.warning("Overriding a non consumed hint") del request.session["hint"] request.session["hint"] = success, hint @@ -534,6 +534,7 @@ def config_view(request): @require_GET +@allow_origin_star def api_config(request): """ Config query of the taler bank integration api @@ -1059,6 +1060,7 @@ def withdraw_headless(request, user): @csrf_exempt +@allow_origin_star def api_withdraw_operation(request, withdraw_id): """ Endpoint used by the browser and wallet to check withdraw status and @@ -1141,6 +1143,7 @@ def api_withdraw_operation(request, withdraw_id): @login_required @require_POST +@allow_origin_star def start_withdrawal(request): """ Serve a Taler withdrawal request; takes the amount chosen @@ -1172,6 +1175,7 @@ def get_qrcode_svg(data): @login_required @require_GET +@allow_origin_star def show_withdrawal(request, withdraw_id): op = TalerWithdrawOperation.objects.get(withdraw_id=withdraw_id) if op.selection_done: @@ -1192,6 +1196,7 @@ def show_withdrawal(request, withdraw_id): @login_required @require_http_methods(["GET", "POST"]) +@allow_origin_star def confirm_withdrawal(request, withdraw_id): op = TalerWithdrawOperation.objects.get(withdraw_id=withdraw_id) if not op.selection_done: @@ -1404,6 +1409,7 @@ def withdraw_abort_internal(wid): @require_POST @login_required +@allow_origin_star def abort_withdrawal(request, withdraw_id): internal_status = withdraw_abort_internal(withdraw_id) set_session_hint(request, success=internal_status["status"] == 200, hint=internal_status["hint"]) |