From fdb7105e1b041c83d328cca4171f6433ba59f191 Mon Sep 17 00:00:00 2001
From: Florian Hartwich <s46831@beuth-hochschule.de>
Date: Tue, 16 May 2017 12:55:53 +0200
Subject: [PATCH] Add CORS Module

---
 api/package.json |  1 +
 api/server.js    | 10 +++++++++-
 2 files changed, 10 insertions(+), 1 deletion(-)

diff --git a/api/package.json b/api/package.json
index 9d9e576..b2d7d35 100644
--- a/api/package.json
+++ b/api/package.json
@@ -15,6 +15,7 @@
     "async": "^2.4.0",
     "bcryptjs": "^2.4.3",
     "body-parser": "~1.13.2",
+    "cors": "^2.8.3",
     "cron": "^1.2.1",
     "debug": "~2.2.0",
     "express": "~4.13.1",
diff --git a/api/server.js b/api/server.js
index bb42e65..75a0f42 100644
--- a/api/server.js
+++ b/api/server.js
@@ -6,6 +6,7 @@ const favicon = require('serve-favicon');
 const bodyParser = require('body-parser');
 const requestLogger = require('morgan');
 const debug = require('debug')('cc:server');
+const cors = require('cors')
 const mongoose = require('mongoose');
 
 // own modules
@@ -34,7 +35,15 @@ mongoose.Promise = global.Promise;
 // app creation
 const app = express();
 
+// setup CORS-middleware
+const corsOptions = {
+  methods: ['GET'],
+  optionsSuccessStatus: 200
+};
+app.use(cors(corsOptions));
+
 // Middlewares *************************************************
+
 app.use(favicon(path.join(__dirname + '/..', 'public', 'favicon.ico')));
 app.use(express.static(path.join(__dirname + '/..', 'public')));
 app.use(bodyParser.json());
@@ -52,7 +61,6 @@ app.use(restAPIchecks);
 app.use(urls.auth, authenticateRouter);
 app.use(urls.signatures, signatureRouter);
 
-// all following routes need a jwt token to access
 app.use(urls.overview, overviewRouter);
 app.use(urls.users, userRouter);
 app.use(urls.squads, squadRouter);