Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Global exempt_method to OPTIONS not working #8

Open
vschettino opened this issue Jan 19, 2018 · 1 comment
Open

Global exempt_method to OPTIONS not working #8

vschettino opened this issue Jan 19, 2018 · 1 comment

Comments

@vschettino
Copy link

I'm trying to allow CORS requests from any user, without any authentication. Thus I intend to use the exempt_methods parameter of FalconAuthMiddleware, as:

auth = TokenAuthBackend(user_loader=find_user)
auth_middleware = FalconAuthMiddleware(auth, exempt_methods=['HEAD',
                                                             'OPTIONS'])

But this is not working, I still unable to make requests from the browser without getting a 401 status code. The only way I managed to do it was overriding Authentication for a specific resource, with something like:

class FooResource(BaseResource):
    auth = {
        'exempt_methods': ['OPTIONS']
    }
    ...

This is not a elegant solution because I'll need to set auth.exempt_methods in every resource.
Any idea what is going on here? Thanks in advance!
@chevinbrown
Copy link

Maybe we could get some more context?
I just implemented the same thing and haven't had issues with it respecting exempting OPTIONS.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@chevinbrown @vschettino