Add CORS rules

2 files changed, 20 insertions, 4 deletions

diff --git a/server/Cargo.toml b/server/Cargo.toml
index f5cf075..8bceb99 100644
--- a/server/Cargo.toml
+++ b/server/Cargo.toml
@@ -15,7 +15,7 @@ serde_json = "1.0"
 tokio = { version = "1.20", features = ["full"] }
 tracing = "0.1"
 tracing-subscriber = { version = "0.3", features = ["env-filter"] }
-tower-http = { version = "0.3.4", features = ["trace", "compression-br", "propagate-header", "sensitive-headers"] }
+tower-http = { version = "0.3.4", features = ["trace", "cors", "compression-br", "propagate-header", "sensitive-headers"] }
 sqlx = { version = "0.6", features = [ "runtime-tokio-rustls", "postgres" ] }
 sha256 = "1.0.3"
 validator = { version = "0.16.0", features = ["derive"] }
diff --git a/server/src/main.rs b/server/src/main.rs
index 4a211fd..7da56d6 100644
--- a/server/src/main.rs
+++ b/server/src/main.rs
@@ -5,12 +5,16 @@ mod models;
 mod routes;
 
 use axum::{
-    http::{header, Request},
+    http::{header, Method, Request},
     Router,
 };
 use std::time::Duration;
-use tower_http::sensitive_headers::SetSensitiveHeadersLayer;
-use tower_http::{classify::ServerErrorsFailureClass, trace::TraceLayer};
+use tower_http::{
+    classify::ServerErrorsFailureClass,
+    cors::{Any, CorsLayer},
+    sensitive_headers::SetSensitiveHeadersLayer,
+    trace::TraceLayer,
+};
 use tracing::Span;
 
 /// Main application, called by the execution of the software
@@ -57,4 +61,16 @@ async fn create_app() -> Router {
                     },
                 ),
         )
+        .layer(
+            CorsLayer::new()
+                .allow_methods([
+                    Method::OPTIONS,
+                    Method::GET,
+                    Method::POST,
+                    Method::PUT,
+                    Method::DELETE,
+                ])
+                .allow_headers(vec![header::CONTENT_TYPE, header::AUTHORIZATION])
+                .allow_origin(Any),
+        )
 }