diff options
author | MS <ms@taler.net> | 2020-10-08 14:47:50 +0200 |
---|---|---|
committer | MS <ms@taler.net> | 2020-10-08 14:47:50 +0200 |
commit | 7d3fc76b7e18c228add147a4cf954aaa6dd31a36 (patch) | |
tree | 7104cd5649b1077ca76c0765eff66deff137f58d /talerbank/app/views.py | |
parent | e5c1fe0b7ea953c3875a7997c948f08679320e1c (diff) | |
download | bank-7d3fc76b7e18c228add147a4cf954aaa6dd31a36.tar.gz bank-7d3fc76b7e18c228add147a4cf954aaa6dd31a36.tar.bz2 bank-7d3fc76b7e18c228add147a4cf954aaa6dd31a36.zip |
allow origin star to access API
Diffstat (limited to 'talerbank/app/views.py')
-rw-r--r-- | talerbank/app/views.py | 5 |
1 files changed, 5 insertions, 0 deletions
diff --git a/talerbank/app/views.py b/talerbank/app/views.py index 2597336..9a21ff2 100644 --- a/talerbank/app/views.py +++ b/talerbank/app/views.py @@ -1320,6 +1320,7 @@ def wire_transfer(amount, debit_account, credit_account, subject, request_uid=No @csrf_exempt @require_GET @login_via_headers +@allow_origin_star def bank_accounts_api_balance(request, user_account, acct_id): """ Query the balance for an account. @@ -1347,6 +1348,7 @@ def bank_accounts_api_balance(request, user_account, acct_id): @csrf_exempt @require_POST @login_via_headers +@allow_origin_star def bank_accounts_api_create_withdrawal(request, user, acct_id): user_account = BankAccount.objects.get(user=user) @@ -1376,6 +1378,7 @@ def bank_accounts_api_create_withdrawal(request, user, acct_id): @csrf_exempt @require_GET @login_via_headers +@allow_origin_star def bank_accounts_api_get_withdrawal(request, user, acct_id, wid): user_account = BankAccount.objects.get(user=user) if acct_id != user_account.user.username: @@ -1419,6 +1422,7 @@ def abort_withdrawal(request, withdraw_id): @csrf_exempt @require_POST @login_via_headers +@allow_origin_star def bank_accounts_api_abort_withdrawal(request, user, acct_id, wid): user_account = BankAccount.objects.get(user=user) if acct_id != user_account.user.username: @@ -1434,6 +1438,7 @@ def bank_accounts_api_abort_withdrawal(request, user, acct_id, wid): @csrf_exempt @require_POST @login_via_headers +@allow_origin_star def bank_accounts_api_confirm_withdrawal(request, user, acct_id, wid): user_account = BankAccount.objects.get(user=user) if acct_id != user_account.user.username: |