From b729b37e07df01c1027c33a13bd58c4e3b4f9217 Mon Sep 17 00:00:00 2001
From: Thor77 <thor77@thor77.org>
Date: Tue, 13 Nov 2018 16:09:23 +0100
Subject: [PATCH] Allow access from all origins

---
 Gemfile               | 2 ++
 Gemfile.lock          | 2 ++
 config/application.rb | 7 +++++++
 3 files changed, 11 insertions(+)

diff --git a/Gemfile b/Gemfile
index 7f68ac8..a685f81 100644
--- a/Gemfile
+++ b/Gemfile
@@ -32,6 +32,8 @@ gem 'bootsnap', '>= 1.1.0', require: false
 gem 'devise'
 gem 'devise_token_auth'
 
+gem 'rack-cors'
+
 group :development, :test do
   # Call 'byebug' anywhere in the code to stop execution and get a debugger console
   gem 'byebug', platforms: %i[mri mingw x64_mingw]
diff --git a/Gemfile.lock b/Gemfile.lock
index 5375364..8d374d3 100644
--- a/Gemfile.lock
+++ b/Gemfile.lock
@@ -98,6 +98,7 @@ GEM
     powerpack (0.1.2)
     puma (3.12.0)
     rack (2.0.5)
+    rack-cors (1.0.2)
     rack-test (1.1.0)
       rack (>= 1.0, < 3)
     railroady (1.5.3)
@@ -192,6 +193,7 @@ DEPENDENCIES
   devise_token_auth
   listen (>= 3.0.5, < 3.2)
   puma (~> 3.11)
+  rack-cors
   railroady
   rails (~> 5.2.1)
   rubocop
diff --git a/config/application.rb b/config/application.rb
index 914d716..eccaef4 100644
--- a/config/application.rb
+++ b/config/application.rb
@@ -33,5 +33,12 @@ module TurniereBackend
     # Middleware like session, flash, cookies can be added back manually.
     # Skip views, helpers and assets when generating a new resource.
     config.api_only = true
+
+    config.middleware.insert_before 0, Rack::Cors do
+      allow do
+        origins '*'
+        resource '*', headers: :any, methods: :any
+      end
+    end
   end
 end