In order to make our lives easier and move on to the series, let's make a statement, our API will be public, anyone can connect to us through a token, so, this means we should modify the way we handle Cors, allowing all accesses.
We need to modify our main file to handle all requests in our cors configuration.
src/main.rs:
cors::Cors::new()
.send_wildcard()
.allowed_methods(vec!["GET", "POST", "PUT", "DELETE"])
.allowed_headers(vec![header::AUTHORIZATION,
header::CONTENT_TYPE,
header::ACCEPT,
csrf_token_header.clone()])
.expose_headers(vec![csrf_token_header.clone()])
.max_age(3600)
Reference in source code
Top comments (0)