summaryrefslogtreecommitdiffstats
path: root/takahe
diff options
context:
space:
mode:
Diffstat (limited to 'takahe')
-rw-r--r--takahe/settings.py9
-rw-r--r--takahe/urls.py6
2 files changed, 13 insertions, 2 deletions
diff --git a/takahe/settings.py b/takahe/settings.py
index 64a523a..e2e9b43 100644
--- a/takahe/settings.py
+++ b/takahe/settings.py
@@ -169,16 +169,19 @@ INSTALLED_APPS = [
"django.contrib.messages",
"django.contrib.staticfiles",
"django_htmx",
+ "corsheaders",
"core",
"activities",
- "users",
- "stator",
+ "api",
"mediaproxy",
+ "stator",
+ "users",
]
MIDDLEWARE = [
"core.middleware.SentryTaggingMiddleware",
"django.middleware.security.SecurityMiddleware",
+ "corsheaders.middleware.CorsMiddleware",
"whitenoise.middleware.WhiteNoiseMiddleware",
"django.contrib.sessions.middleware.SessionMiddleware",
"django.middleware.common.CommonMiddleware",
@@ -278,6 +281,7 @@ AUTO_ADMIN_EMAIL = SETUP.AUTO_ADMIN_EMAIL
STATOR_TOKEN = SETUP.STATOR_TOKEN
+CORS_ORIGIN_ALLOW_ALL = True # Temporary
CORS_ORIGIN_WHITELIST = SETUP.CORS_HOSTS
CORS_ALLOW_CREDENTIALS = True
CORS_PREFLIGHT_MAX_AGE = 604800
@@ -288,6 +292,7 @@ MEDIA_URL = SETUP.MEDIA_URL
MEDIA_ROOT = SETUP.MEDIA_ROOT
MAIN_DOMAIN = SETUP.MAIN_DOMAIN
+
if SETUP.USE_PROXY_HEADERS:
SECURE_PROXY_SSL_HEADER = ("HTTP_X_FORWARDED_PROTO", "https")
diff --git a/takahe/urls.py b/takahe/urls.py
index 762e091..57af7a7 100644
--- a/takahe/urls.py
+++ b/takahe/urls.py
@@ -4,6 +4,7 @@ from django.urls import path, re_path
from django.views.static import serve
from activities.views import compose, explore, follows, posts, search, timelines
+from api.views import api, oauth
from core import views as core
from mediaproxy import views as mediaproxy
from stator import views as stator
@@ -201,6 +202,11 @@ urlpatterns = [
path("actor/", activitypub.SystemActorView.as_view()),
path("actor/inbox/", activitypub.Inbox.as_view()),
path("inbox/", activitypub.Inbox.as_view(), name="shared_inbox"),
+ # API/Oauth
+ path("api/", api.urls),
+ path("oauth/authorize", oauth.AuthorizationView.as_view()),
+ path("oauth/token", oauth.TokenView.as_view()),
+ path("oauth/revoke_token", oauth.RevokeTokenView.as_view()),
# Stator
path(".stator/", stator.RequestRunner.as_view()),
# Django admin