mirror of
https://github.com/beetbox/beets.git
synced 2026-01-05 07:23:33 +01:00
Made CORS configurable and changed host default to 127.0.0.1
This commit is contained in:
Andre Miller
parent
9fe2bc1a38
commit
bd63e1e386
2 changed files with 29 additions and 17 deletions
|
|
@ -22,8 +22,7 @@ from flask import g
|
|||
from werkzeug.routing import BaseConverter, PathConverter
|
||||
import os
|
||||
import json
|
||||
from crossdomaindec import crossdomain
|
||||
|
||||
from crossdomaindec import crossdomain, set_cors_origin
|
||||
|
||||
# Utilities.
|
||||
|
||||
|
|
@ -165,7 +164,7 @@ def before_request():
|
|||
# Items.
|
||||
|
||||
@app.route('/item/<idlist:ids>')
|
||||
@crossdomain(origin='*')
|
||||
@crossdomain()
|
||||
@resource('items')
|
||||
def get_item(id):
|
||||
return g.lib.get_item(id)
|
||||
|
|
@ -173,14 +172,14 @@ def get_item(id):
|
|||
|
||||
@app.route('/item/')
|
||||
@app.route('/item/query/')
|
||||
@crossdomain(origin='*')
|
||||
@crossdomain()
|
||||
@resource_list('items')
|
||||
def all_items():
|
||||
return g.lib.items()
|
||||
|
||||
|
||||
@app.route('/item/<int:item_id>/file')
|
||||
@crossdomain(origin='*')
|
||||
@crossdomain()
|
||||
def item_file(item_id):
|
||||
item = g.lib.get_item(item_id)
|
||||
response = flask.send_file(item.path, as_attachment=True,
|
||||
|
|
@ -190,7 +189,7 @@ def item_file(item_id):
|
|||
|
||||
|
||||
@app.route('/item/query/<query:queries>')
|
||||
@crossdomain(origin='*')
|
||||
@crossdomain()
|
||||
@resource_query('items')
|
||||
def item_query(queries):
|
||||
return g.lib.items(queries)
|
||||
|
|
@ -199,7 +198,7 @@ def item_query(queries):
|
|||
# Albums.
|
||||
|
||||
@app.route('/album/<idlist:ids>')
|
||||
@crossdomain(origin='*')
|
||||
@crossdomain()
|
||||
@resource('albums')
|
||||
def get_album(id):
|
||||
return g.lib.get_album(id)
|
||||
|
|
@ -207,21 +206,21 @@ def get_album(id):
|
|||
|
||||
@app.route('/album/')
|
||||
@app.route('/album/query/')
|
||||
@crossdomain(origin='*')
|
||||
@crossdomain()
|
||||
@resource_list('albums')
|
||||
def all_albums():
|
||||
return g.lib.albums()
|
||||
|
||||
|
||||
@app.route('/album/query/<query:queries>')
|
||||
@crossdomain(origin='*')
|
||||
@crossdomain()
|
||||
@resource_query('albums')
|
||||
def album_query(queries):
|
||||
return g.lib.albums(queries)
|
||||
|
||||
|
||||
@app.route('/album/<int:album_id>/art')
|
||||
@crossdomain(origin='*')
|
||||
@crossdomain()
|
||||
def album_art(album_id):
|
||||
album = g.lib.get_album(album_id)
|
||||
return flask.send_file(album.artpath)
|
||||
|
|
@ -230,7 +229,7 @@ def album_art(album_id):
|
|||
# Artists.
|
||||
|
||||
@app.route('/artist/')
|
||||
@crossdomain(origin='*')
|
||||
@crossdomain()
|
||||
def all_artists():
|
||||
with g.lib.transaction() as tx:
|
||||
rows = tx.query("SELECT DISTINCT albumartist FROM albums")
|
||||
|
|
@ -241,7 +240,7 @@ def all_artists():
|
|||
# Library information.
|
||||
|
||||
@app.route('/stats')
|
||||
@crossdomain(origin='*')
|
||||
@crossdomain()
|
||||
def stats():
|
||||
with g.lib.transaction() as tx:
|
||||
item_rows = tx.query("SELECT COUNT(*) FROM items")
|
||||
|
|
@ -265,8 +264,9 @@ class WebPlugin(BeetsPlugin):
|
|||
def __init__(self):
|
||||
super(WebPlugin, self).__init__()
|
||||
self.config.add({
|
||||
'host': u'',
|
||||
'host': u'127.0.0.1',
|
||||
'port': 8337,
|
||||
'cors_origin': 'http://127.0.0.1',
|
||||
})
|
||||
|
||||
def commands(self):
|
||||
|
|
@ -281,6 +281,8 @@ class WebPlugin(BeetsPlugin):
|
|||
if args:
|
||||
self.config['port'] = int(args.pop(0))
|
||||
|
||||
set_cors_origin(self.config['cors_origin'])
|
||||
|
||||
app.config['lib'] = lib
|
||||
app.run(host=self.config['host'].get(unicode),
|
||||
port=self.config['port'].get(int),
|
||||
|
|
|
|||
|
|
@ -12,21 +12,31 @@
|
|||
#
|
||||
# The following view decorator implements this
|
||||
#
|
||||
# Note that some changes have been made to the original snippet
|
||||
# to allow changing the CORS origin after the decorator has been attached
|
||||
# This was done because the flask routing functions are defined before the
|
||||
# beetsplug hook is called.
|
||||
|
||||
from datetime import timedelta
|
||||
from flask import make_response, request, current_app
|
||||
from functools import update_wrapper
|
||||
|
||||
cors_origin = 'http://127.0.0.1'
|
||||
|
||||
def crossdomain(origin=None, methods=None, headers=None,
|
||||
def set_cors_origin(origin):
|
||||
global cors_origin
|
||||
cors_origin = origin
|
||||
|
||||
def get_cors_origin():
|
||||
return cors_origin
|
||||
|
||||
def crossdomain(methods=None, headers=None,
|
||||
max_age=21600, attach_to_all=True,
|
||||
automatic_options=True):
|
||||
if methods is not None:
|
||||
methods = ', '.join(sorted(x.upper() for x in methods))
|
||||
if headers is not None and not isinstance(headers, basestring):
|
||||
headers = ', '.join(x.upper() for x in headers)
|
||||
if not isinstance(origin, basestring):
|
||||
origin = ', '.join(origin)
|
||||
if isinstance(max_age, timedelta):
|
||||
max_age = max_age.total_seconds()
|
||||
|
||||
|
|
@ -48,7 +58,7 @@ def crossdomain(origin=None, methods=None, headers=None,
|
|||
|
||||
h = resp.headers
|
||||
|
||||
h['Access-Control-Allow-Origin'] = origin
|
||||
h['Access-Control-Allow-Origin'] = get_cors_origin()
|
||||
h['Access-Control-Allow-Methods'] = get_methods()
|
||||
h['Access-Control-Max-Age'] = str(max_age)
|
||||
if headers is not None:
|
||||
|
|
|
|||
Loading…
Reference in a new issue