From 76d56fa3f8206689dcf394505fcaa6a3cceddd2a Mon Sep 17 00:00:00 2001
From: Baptiste CERDAN <baptiste.owenia@gmail.com>
Date: Thu, 16 Dec 2021 16:47:09 +0100
Subject: [PATCH] :adhesive_bandage: add cors

---
 README.md              | 8 ++++----
 backend/routes/auth.js | 5 +++++
 2 files changed, 9 insertions(+), 4 deletions(-)

diff --git a/README.md b/README.md
index 5aab95c..288a298 100644
--- a/README.md
+++ b/README.md
@@ -1,8 +1,8 @@
 # Student Part - ERP 2021
 
-## Baptiste CERDAN, Victor VOGT, Thomas STEINMETZ, Janos FALKE
+### Baptiste CERDAN, Victor VOGT, Thomas STEINMETZ, Janos FALKE
 
-## REST endpoints
+### REST endpoints
 Features the following REST endpoints:
 
 - **/api/signup**
@@ -17,5 +17,5 @@ Features the following REST endpoints:
 
 - **/api/etudiants** (GET)
 
-## Development
-- Run `npm start`, server will run at `http://localhost:8005` and MongoDB `http://localhost:27017`
+### Development
+- Run `docker-compose up --build`, server will run at `http://localhost:8005` and MongoDB `http://localhost:27017`
diff --git a/backend/routes/auth.js b/backend/routes/auth.js
index 408b343..f3bba06 100644
--- a/backend/routes/auth.js
+++ b/backend/routes/auth.js
@@ -73,6 +73,9 @@ router.post('/login', async (req, res) => {
 router.post('/pay_adhesion', async (req, res) => {
     const student_number = req.body.student_number;
 
+    res.header("Access-Control-Allow-Origin", "*");
+    res.header("Access-Control-Allow-Headers", "X-Requested-With");
+
     if (!student_number)
         return res.status(400);
 
@@ -143,6 +146,8 @@ router.post('/me/update', passport.authenticate('jwt', {session: false}), async
 
 router.get('/etudiants', async (req, res) => {
     const users = await User.find();
+    res.header("Access-Control-Allow-Origin", "*");
+    res.header("Access-Control-Allow-Headers", "X-Requested-With");
     return res.status(200).json(users);
 });
 
-- 
GitLab