From d0741fde6ef940381b197d591ae07c02cfa8e292 Mon Sep 17 00:00:00 2001
From: rubenwardy <rw@rubenwardy.com>
Date: Wed, 24 Nov 2021 15:49:00 +0000
Subject: [PATCH] Also allow Authorization header

---
 app/blueprints/api/endpoints.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/app/blueprints/api/endpoints.py b/app/blueprints/api/endpoints.py
index deae99f..87523e3 100644
--- a/app/blueprints/api/endpoints.py
+++ b/app/blueprints/api/endpoints.py
@@ -35,7 +35,7 @@ def cors_allowed(f):
 		res = f(*args, **kwargs)
 		res.headers["Access-Control-Allow-Origin"] = "*"
 		res.headers["Access-Control-Allow-Methods"] = "GET, POST, PUT, DELETE, OPTIONS"
-		res.headers["Access-Control-Allow-Headers"] = "Content-Type"
+		res.headers["Access-Control-Allow-Headers"] = "Content-Type, Authorization"
 		return res
 	return inner