Spaces:
Sleeping
Sleeping
File size: 1,636 Bytes
bda4716 924b937 bda4716 3ddec08 bda4716 3ddec08 bda4716 3ddec08 bda4716 | 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 | from fastapi import FastAPI
from fastapi.middleware.cors import CORSMiddleware
from .config import settings
# If FRONTEND_URL is https but JWT_COOKIE_SECURE is not set to True, warn the deployer
if settings.FRONTEND_URL.startswith("https://") and not settings.JWT_COOKIE_SECURE:
import warnings
warnings.warn("FRONTEND_URL uses https but JWT_COOKIE_SECURE is False. Set JWT_COOKIE_SECURE=True in production so browsers accept SameSite=None cookies (requires Secure).")
from .routers import auth, tasks, projects
app = FastAPI(
title="Task API",
description="Task management API with authentication",
version="1.0.0"
)
# Include routers
app.include_router(auth.router)
app.include_router(tasks.router)
app.include_router(projects.router)
# CORS configuration (development and production)
# Use configured frontend origin (set your Vercel URL in FRONTEND_URL production env)
allow_origins = [settings.FRONTEND_URL]
# Always include localhost for local development/testing convenience
if "localhost" not in settings.FRONTEND_URL:
allow_origins.append("http://localhost:3000")
app.add_middleware(
CORSMiddleware,
allow_origins=list(dict.fromkeys(allow_origins)), # deduplicate if FRONTEND_URL is localhost
allow_credentials=True,
allow_methods=["*"],
allow_headers=["*"],
# Expose Set-Cookie so clients can inspect (browsers handle cookies automatically for credentials)
expose_headers=["Set-Cookie"]
)
@app.get("/api/health")
async def health_check():
return {"status": "healthy"}
if __name__ == "__main__":
import uvicorn
uvicorn.run(app, host="0.0.0.0", port=8000) |