Flask-sentinel /oauth/token endpoint CORS issue

It's possible that because the content-type is not text/plain, the browser is issuing an OPTIONS request. and as stated in the console error the response does not set the 'Access-Control-Allow-Origin' header.

From looking at Eve's docs, it seems you need to set the X_EXPOSE_HEADERS variable with ['Access-Control-Allow-Origin'] that:

"Allows API maintainers to specify which headers are exposed within a CORS response. Allowed values are: None or a list of headers names. Defaults to None."

The browser expects to receive the 'Access-Control-Allow-Origin', thus the failure.Try to allow this header in the response from the API

In your Flask app, try setting the 'Access-Control-Allow-Origin' header in your response, i.e.,

response.headers.add('Access-Control-Allow-Origin', '*')

That should most likely solve the issue.

I have sorted out how to fix this though I am not completely satisfied.

Here the steps I've followed:

• I have forked the Flask Sentinel repository
• I have installed Flas-CORS with Pip
• I have edited the flask_sentinel/flask_sentinel.py file by importing flask_cors
• Before this line I've inserted this piece of code:

CORS(app, origins=['http://192.168.1.y:3000','https://192.168.1.y:3000'])

• I went back to my Eve project and installed Flask-Sentinel through my forked repository with Pip instead of the original one