From e4b2466f4010d21453e6917ae809c2d25f1b29d0 Mon Sep 17 00:00:00 2001
From: William Brawner <me@wbrawner.com>
Date: Fri, 14 Feb 2020 20:51:11 -0700
Subject: [PATCH] Fix CORS

---
 .../budgetserver/config/SecurityConfig.kt     | 19 +++++++++++++++++++
 1 file changed, 19 insertions(+)

diff --git a/src/main/kotlin/com/wbrawner/budgetserver/config/SecurityConfig.kt b/src/main/kotlin/com/wbrawner/budgetserver/config/SecurityConfig.kt
index cd949ac..d08c3e6 100644
--- a/src/main/kotlin/com/wbrawner/budgetserver/config/SecurityConfig.kt
+++ b/src/main/kotlin/com/wbrawner/budgetserver/config/SecurityConfig.kt
@@ -2,6 +2,7 @@ package com.wbrawner.budgetserver.config
 
 import com.wbrawner.budgetserver.passwordresetrequest.PasswordResetRequestRepository
 import com.wbrawner.budgetserver.user.UserRepository
+import org.springframework.boot.web.servlet.FilterRegistrationBean
 import org.springframework.context.annotation.Bean
 import org.springframework.context.annotation.Configuration
 import org.springframework.core.env.Environment
@@ -15,8 +16,12 @@ import org.springframework.security.config.annotation.web.configuration.WebSecur
 import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder
 import org.springframework.security.crypto.password.PasswordEncoder
 import org.springframework.security.provisioning.JdbcUserDetailsManager
+import org.springframework.web.cors.CorsConfiguration
+import org.springframework.web.cors.UrlBasedCorsConfigurationSource
+import org.springframework.web.filter.CorsFilter
 import javax.sql.DataSource
 
+
 @Configuration
 @EnableWebSecurity
 open class SecurityConfig(
@@ -46,6 +51,20 @@ open class SecurityConfig(
         @Bean
         get() = BCryptPasswordEncoder()
 
+    @Bean
+    open fun corsFilter(): FilterRegistrationBean<*>? {
+        val source = UrlBasedCorsConfigurationSource()
+        val config = CorsConfiguration()
+        config.allowCredentials = true
+        config.addAllowedOrigin("*")
+        config.addAllowedHeader("*")
+        config.addAllowedMethod("*")
+        source.registerCorsConfiguration("/**", config)
+        val bean: FilterRegistrationBean<*> = FilterRegistrationBean(CorsFilter(source))
+        bean.order = 0
+        return bean
+    }
+
     public override fun configure(auth: AuthenticationManagerBuilder?) {
         auth!!.authenticationProvider(authenticationProvider)
     }