From 6d60c5f7c77d5f16ade8df06b061848e6229ccdf Mon Sep 17 00:00:00 2001
From: Jens Langhammer <jens@goauthentik.io>
Date: Sun, 1 Sep 2024 00:11:20 +0200
Subject: [PATCH] terrible cors for testing

Signed-off-by: Jens Langhammer <jens@goauthentik.io>
---
 authentik/brands/middleware.py | 11 ++++++++++-
 1 file changed, 10 insertions(+), 1 deletion(-)

diff --git a/authentik/brands/middleware.py b/authentik/brands/middleware.py
index 71650cc621..6e0ace053f 100644
--- a/authentik/brands/middleware.py
+++ b/authentik/brands/middleware.py
@@ -24,4 +24,13 @@ class BrandMiddleware:
             locale = brand.default_locale
             if locale != "":
                 activate(locale)
-        return self.get_response(request)
+        response = self.get_response(request)
+        response["Access-Control-Allow-Origin"] = "http://localhost:8080"
+        response["Access-Control-Allow-Credentials"] = "true"
+        if request.method == "OPTIONS":
+            response.status_code = 200
+            response["Access-Control-Allow-Headers"] = (
+                "authorization,sentry-trace,x-authentik-csrf,content-type"
+            )
+            response["Access-Control-Allow-Methods"] = "GET, POST, OPTIONS"
+        return response