From 69babdf5a393a203aab3ccb65832cf71b9b8b0dd Mon Sep 17 00:00:00 2001
From: Andras Schmelczer <andras@schmelczer.dev>
Date: Sun, 8 Dec 2024 22:02:34 +0000
Subject: [PATCH] Add CORS

---
 backend/sync_server/Cargo.toml    | 1 +
 backend/sync_server/src/server.rs | 8 ++++++++
 2 files changed, 9 insertions(+)

diff --git a/backend/sync_server/Cargo.toml b/backend/sync_server/Cargo.toml
index 947f785..50fab5c 100644
--- a/backend/sync_server/Cargo.toml
+++ b/backend/sync_server/Cargo.toml
@@ -23,3 +23,4 @@ aide = { version = "0.13.4", features = ["axum", "axum-ws", "scalar", "axum-head
 schemars = { version = "0.8.21", features = ["chrono", "uuid1"] }
 rand = "0.8.5"
 axum-extra = { version = "0.9.6", features = ["typed-header"] }
+tower-http = { version = "0.6.1", features = ["cors"] }
diff --git a/backend/sync_server/src/server.rs b/backend/sync_server/src/server.rs
index 6fd262b..b4206b7 100644
--- a/backend/sync_server/src/server.rs
+++ b/backend/sync_server/src/server.rs
@@ -9,10 +9,12 @@ use aide::{
 use anyhow::{Context, Result};
 use axum::{
     extract::{DefaultBodyLimit, WebSocketUpgrade},
+    http::{self, HeaderValue, Method},
     response::{IntoResponse, Response},
     Extension, Json,
 };
 use log::info;
+use tower_http::cors::CorsLayer;
 
 use crate::app_state::AppState;
 mod auth;
@@ -64,6 +66,12 @@ pub async fn create_server(app_state: AppState) -> Result<()> {
         .layer(DefaultBodyLimit::max(
             app_state.config.server.max_body_size_mb * 1024 * 1024,
         ))
+        .layer(
+            CorsLayer::new()
+                .allow_origin("*".parse::<HeaderValue>().unwrap())
+                .allow_headers([http::header::CONTENT_TYPE, http::header::AUTHORIZATION])
+                .allow_methods([Method::GET, Method::POST, Method::PUT, Method::DELETE]),
+        )
         .with_state(app_state)
         .finish_api(&mut api)
         .layer(Extension(api))