No CORS available for external domains

[yapalexei]

I would like to add CORS support for external domain access to the api even if it means just localhost (or 0.0.0.0). This way one could develop a separate client to consume the api.

pip install django-cors-headers

diff --git a/ohio/settings.py b/ohio/settings.py
index 12fcca1..d3132bf 100644
--- a/ohio/settings.py
+++ b/ohio/settings.py
@@ -29,6 +29,14 @@ DEBUG = True
 
 ALLOWED_HOSTS = ["*"]
 
+CORS_ORIGIN_ALLOW_ALL = True
+# CORS_ORIGIN_ALLOW_ALL = False
+# CORS_ORIGIN_WHITELIST = (
+#     'http://localhost:3000',
+#     'http://0.0.0.0:3000',
+# )
+# https://github.com/ottoyiu/django-cors-headers/#configuration
+
 
 INSTALLED_APPS = [
     'django.contrib.admin',
@@ -41,10 +49,12 @@ INSTALLED_APPS = [
     'rest_framework.authtoken',
     'rest_auth',
     'django_extensions',
-    'registry'
+    'registry',
+    'corsheaders'
 ]
 
 MIDDLEWARE = [
+    'corsheaders.middleware.CorsMiddleware',
     'django.middleware.security.SecurityMiddleware',
     'django.contrib.sessions.middleware.SessionMiddleware',
     'django.middleware.common.CommonMiddleware',

I have a branch created for this already but I don't seem to have any access rights to push a branch to create the PR. This may be due to me not authenticating properly. But just incase, I thought I'd mention the issue here for tracking.

[yapalexei]

I'm pretty sure though that I need to be added/invited as a contributor in order to create any branches/PRs.