I am trying to link to a third party authentication page via omniauth in a rails app using ember.js as a client. I am able to redirect my server to the proper url, but I cannot send my client there (causing my server to hang indefinitely in the request phase). My problem is that I need to set the Access-Control-Allow-Origin header somewhere in my application, but I am not sure where. I currently have this (non-working) setup in my application_controller.rb:
class ApplicationController < ActionController::API
# Force to wants JSON for API
before_action :api_request_settings, :cors_preflight_check
after_action :cors_set_access_control_headers
def cors_preflight_check
p 'hits cors preflight check'
if request.method == :options
headers['Access-Control-Allow-Origin'] = '*'
headers['Access-Control-Allow-Methods'] = 'POST, GET, OPTIONS'
headers['Access-Control-Allow-Headers'] = '*'
headers['Access-Control-Request-Method'] = '*'
headers['Access-Control-Max-Age'] = '1728000'
render :text => '', :content_type => 'text/plain'
end
end
def api_request_settings
p request.headers
request.format = :json
end
def cors_set_access_control_headers
p 'hits cors acces set control headers'
headers['Access-Control-Allow-Origin'] = '*'
headers['Access-Control-Allow-Methods'] = 'POST, GET, OPTIONS'
headers['Access-Control-Allow-Headers'] = '*'
headers['Access-Control-Request-Method'] = '*'
headers['Access-Control-Max-Age'] = "1728000"
end
What am I doing wrong and where should I put these headers to send my client to the landing page?
Aucun commentaire:
Enregistrer un commentaire