diff options
author | Andrew Godwin | 2022-12-10 21:03:14 -0700 |
---|---|---|
committer | Andrew Godwin | 2022-12-12 11:56:49 -0700 |
commit | 1017c71ba1d80a1690e357a938ad46f246a456ae (patch) | |
tree | ffe6172f5f38bb1c8aac3c42ada272bba40348e7 /takahe | |
parent | a8d1450763bea6f8d5388633b62a92c7d89913b6 (diff) | |
download | takahe-1017c71ba1d80a1690e357a938ad46f246a456ae.tar.gz takahe-1017c71ba1d80a1690e357a938ad46f246a456ae.tar.bz2 takahe-1017c71ba1d80a1690e357a938ad46f246a456ae.zip |
Working start of an OAuth flow
Diffstat (limited to 'takahe')
-rw-r--r-- | takahe/settings.py | 9 | ||||
-rw-r--r-- | takahe/urls.py | 6 |
2 files changed, 13 insertions, 2 deletions
diff --git a/takahe/settings.py b/takahe/settings.py index 64a523a..e2e9b43 100644 --- a/takahe/settings.py +++ b/takahe/settings.py @@ -169,16 +169,19 @@ INSTALLED_APPS = [ "django.contrib.messages", "django.contrib.staticfiles", "django_htmx", + "corsheaders", "core", "activities", - "users", - "stator", + "api", "mediaproxy", + "stator", + "users", ] MIDDLEWARE = [ "core.middleware.SentryTaggingMiddleware", "django.middleware.security.SecurityMiddleware", + "corsheaders.middleware.CorsMiddleware", "whitenoise.middleware.WhiteNoiseMiddleware", "django.contrib.sessions.middleware.SessionMiddleware", "django.middleware.common.CommonMiddleware", @@ -278,6 +281,7 @@ AUTO_ADMIN_EMAIL = SETUP.AUTO_ADMIN_EMAIL STATOR_TOKEN = SETUP.STATOR_TOKEN +CORS_ORIGIN_ALLOW_ALL = True # Temporary CORS_ORIGIN_WHITELIST = SETUP.CORS_HOSTS CORS_ALLOW_CREDENTIALS = True CORS_PREFLIGHT_MAX_AGE = 604800 @@ -288,6 +292,7 @@ MEDIA_URL = SETUP.MEDIA_URL MEDIA_ROOT = SETUP.MEDIA_ROOT MAIN_DOMAIN = SETUP.MAIN_DOMAIN + if SETUP.USE_PROXY_HEADERS: SECURE_PROXY_SSL_HEADER = ("HTTP_X_FORWARDED_PROTO", "https") diff --git a/takahe/urls.py b/takahe/urls.py index 762e091..57af7a7 100644 --- a/takahe/urls.py +++ b/takahe/urls.py @@ -4,6 +4,7 @@ from django.urls import path, re_path from django.views.static import serve from activities.views import compose, explore, follows, posts, search, timelines +from api.views import api, oauth from core import views as core from mediaproxy import views as mediaproxy from stator import views as stator @@ -201,6 +202,11 @@ urlpatterns = [ path("actor/", activitypub.SystemActorView.as_view()), path("actor/inbox/", activitypub.Inbox.as_view()), path("inbox/", activitypub.Inbox.as_view(), name="shared_inbox"), + # API/Oauth + path("api/", api.urls), + path("oauth/authorize", oauth.AuthorizationView.as_view()), + path("oauth/token", oauth.TokenView.as_view()), + path("oauth/revoke_token", oauth.RevokeTokenView.as_view()), # Stator path(".stator/", stator.RequestRunner.as_view()), # Django admin |