from tornado.web import RequestHandler


class CorsHandler(RequestHandler):
    def set_default_headers(self):
        self.set_header(
                'Access-Control-Allow-Origin',
                self.request.headers.get('Origin', '*'))
        self.set_header('Access-Control-Allow-Credentials', 'true')
        self.set_header(
                'Access-Control-Allow-Headers',
                'X-Requested-With, Authorization')
        self.set_header('Access-Control-Allow-Methods', 'POST, GET, OPTIONS')

    def options(self):
        self.set_status(204)
        self.finish()