diff --git a/app/api.py b/app/api.py
index 0aaa9a607613aeaa1756d7b1117830f59a1433e5..5114917256ced70f815291ef072783dd5be4adb5 100644
--- a/app/api.py
+++ b/app/api.py
@@ -17,7 +17,6 @@ def api_post(request, domain, sAPI, passwordProtected, password):
username = "error"
try:
username = sAPI.loads(request.json['apikey'])
- print(username)
except:
pass
@@ -29,32 +28,40 @@ def api_post(request, domain, sAPI, passwordProtected, password):
try:
longURL = request.json['long']
except:
- return jsonify(
+ resp = jsonify(
status="2",
message="long url is missing"
)
+ resp.headers['Access-Control-Allow-Origin'] = '*'
+ return resp
if "short" in request.json:
domain_ = short.split("/")[0]
if not domain_ in domain:
- return jsonify(
+ resp = jsonify(
status="3",
message="domain for short link is not in allowed domain list"
)
+ resp.headers['Access-Control-Allow-Origin'] = '*'
+ return resp
if passwordProtected:
try:
pw = request.json["password"]
if( pw != password):
- return jsonify(
+ resp = jsonify(
status="5",
message="Wrong password."
- )
+ )
+ resp.headers['Access-Control-Allow-Origin'] = '*'
+ return resp
except:
- return jsonify(
+ resp = jsonify(
status="5",
message="Wrong password."
)
+ resp.headers['Access-Control-Allow-Origin'] = '*'
+ return resp
with connect('db/urls.db') as conn: #Check if another user already used the short link
@@ -73,16 +80,20 @@ def api_post(request, domain, sAPI, passwordProtected, password):
'INSERT INTO WEB_URL (LONG_URL, SHORT_URL, USERNAME) VALUES (?, ?, ?)',
[longURL, short, username]
)
- return jsonify(
+ resp = jsonify(
status="0",
message="ok",
url="https://{}/{}".format(domain[0], short)
)
+ resp.headers['Access-Control-Allow-Origin'] = '*'
+ return resp
else:
- return jsonify(
+ resp = jsonify(
status="4",
message="short url already in use"
)
+ resp.headers['Access-Control-Allow-Origin'] = '*'
+ return resp
if (__name__ == "__main__"):
print("This file is not made for direct call, please run the main.py")