Merge pull request #3218 from crobibero/api-cors

Enable CORS and Authentation
This commit is contained in:
dkanada
2020-06-09 14:29:52 +09:00
committed by GitHub
7 changed files with 62 additions and 5 deletions

View File

@@ -10,6 +10,7 @@ using Jellyfin.Api.Auth.RequiresElevationPolicy;
using Jellyfin.Api.Constants;
using Jellyfin.Api.Controllers;
using Jellyfin.Server.Formatters;
using Jellyfin.Server.Models;
using MediaBrowser.Common.Json;
using MediaBrowser.Model.Entities;
using Microsoft.AspNetCore.Authentication;
@@ -72,7 +73,12 @@ namespace Jellyfin.Server.Extensions
/// <returns>The MVC builder.</returns>
public static IMvcBuilder AddJellyfinApi(this IServiceCollection serviceCollection, string baseUrl)
{
return serviceCollection.AddMvc(opts =>
return serviceCollection
.AddCors(options =>
{
options.AddPolicy(ServerCorsPolicy.DefaultPolicyName, ServerCorsPolicy.DefaultPolicy);
})
.AddMvc(opts =>
{
opts.UseGeneralRoutePrefix(baseUrl);
opts.OutputFormatters.Insert(0, new CamelCaseJsonProfileFormatter());

View File

@@ -0,0 +1,30 @@
using Microsoft.AspNetCore.Cors.Infrastructure;
namespace Jellyfin.Server.Models
{
/// <summary>
/// Server Cors Policy.
/// </summary>
public static class ServerCorsPolicy
{
/// <summary>
/// Default policy name.
/// </summary>
public const string DefaultPolicyName = "DefaultCorsPolicy";
/// <summary>
/// Default Policy. Allow Everything.
/// </summary>
public static readonly CorsPolicy DefaultPolicy = new CorsPolicy
{
// Allow any origin
Origins = { "*" },
// Allow any method
Methods = { "*" },
// Allow any header
Headers = { "*" }
};
}
}

View File

@@ -1,5 +1,6 @@
using Jellyfin.Server.Extensions;
using Jellyfin.Server.Middleware;
using Jellyfin.Server.Models;
using MediaBrowser.Controller;
using MediaBrowser.Controller.Configuration;
using Microsoft.AspNetCore.Builder;
@@ -68,9 +69,10 @@ namespace Jellyfin.Server
// TODO app.UseMiddleware<WebSocketMiddleware>();
app.Use(serverApplicationHost.ExecuteWebsocketHandlerAsync);
// TODO use when old API is removed: app.UseAuthentication();
app.UseAuthentication();
app.UseJellyfinApiSwagger(_serverConfigurationManager);
app.UseRouting();
app.UseCors(ServerCorsPolicy.DefaultPolicyName);
app.UseAuthorization();
app.UseEndpoints(endpoints =>
{