Trying to call a Django API via React. But CORS does not seem to be working properly.
settings.py (django)
ALLOWED_HOSTS = ['*']
INSTALLED_APPS = [
'django.contrib.admin',
'django.contrib.auth',
'django.contrib.contenttypes',
'django.contrib.sessions',
'django.contrib.messages',
'django.contrib.staticfiles',
'oauth2_provider',
'rest_framework',
'accounts',
'products',
'corsheaders',
]
MIDDLEWARE = [
'corsheaders.middleware.CorsMiddleware',
'django.middleware.security.SecurityMiddleware',
'django.contrib.sessions.middleware.SessionMiddleware',
'django.middleware.common.CommonMiddleware',
'django.middleware.csrf.CsrfViewMiddleware',
'django.contrib.auth.middleware.AuthenticationMiddleware',
'django.contrib.messages.middleware.MessageMiddleware',
'django.middleware.clickjacking.XFrameOptionsMiddleware',
'oauth2_provider.middleware.OAuth2TokenMiddleware',
]
CORS_ORIGIN_ALLOW_ALL = True
API in chrome browser,
GET /products/view/
HTTP 200 OK
Allow: GET, HEAD, OPTIONS
Content-Type: application/json
Vary: Accept
[
{
"id": 5,
"name": "product_updated",
"image": "...",
"cost": "50.00",
"avail_quantity": 100,
"desc": "Good",
"rating": "3.60",
"users_rated": 100
},
{
"id": 14,
"name": "Dark Coffee",
"image": "...",
"cost": "50.00",
"avail_quantity": 100,
"desc": "Good",
"rating": "3.60",
"users_rated": 100
}
]
React component:
import React, { Component } from 'react'
class Dashboard extends Component {
constructor(props) {
super(props)
this.state = {
text: '127.0.0.1:8000',
productList: []
}
this.fetchProducts = this.fetchProducts.bind(this)
}
fetchProducts(){
fetch(`http://127.0.0.1:8000/products/view`, {
method: "GET",
}).then(res=> res.json())
.then(res=> {
console.log(res, typeof res, res.length)
this.setState({productList: res})
})
console.log(this.state.productList)
}
componentWillMount(){
this.fetchProducts()
}
render() {
var list = []
for (let i = this.state.productList.length-1; i >= 0; i--) {
list.push(<li>{this.state.productList[i].name}</li>)
console.log(list)
}
return (
<div className="dashboard">
<h1>Welcome To Bear State Coffee!</h1>
<h3>Products: </h3>
<ul>
{list}
</ul>
</div>
)
}
}
export default Dashboard
Console on running Dashboard on react server
Failed to load http://127.0.0.1:8000/products/view: Redirect from 'http://127.0.0.1:8000/products/view' to 'http://127.0.0.1:8000/products/view/' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'http://localhost:3000' is therefore not allowed access. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled. localhost/:1 Uncaught (in promise) TypeError: Failed to fetch
Edit: Set of response from browser (http://127.0.0.1:8000/products/view/)
OPTIONS /products/view/
HTTP 200 OK
Allow: GET, HEAD, OPTIONS
Content-Type: application/json
Vary: Accept
{
"name": "Products",
"description": "GET: For viewing all products",
"renders": [
"application/json",
"text/html"
],
"parses": [
"application/json",
"application/x-www-form-urlencoded",
"multipart/form-data"
]
}
http://127.0.0.1:8000/products/viewfrom the browser? The solution provided by @rahamin will 'work', in that it will stop CORS errors in development. However, as soon as you move this to Production, it will fail for users who don't have that extension. – roryhewitt