Spaces:
Sleeping
Sleeping
| from fastapi import FastAPI | |
| from fastapi.middleware.cors import CORSMiddleware | |
| from .config import settings | |
| # If FRONTEND_URL is https but JWT_COOKIE_SECURE is not set to True, warn the deployer | |
| if settings.FRONTEND_URL.startswith("https://") and not settings.JWT_COOKIE_SECURE: | |
| import warnings | |
| warnings.warn("FRONTEND_URL uses https but JWT_COOKIE_SECURE is False. Set JWT_COOKIE_SECURE=True in production so browsers accept SameSite=None cookies (requires Secure).") | |
| from .routers import auth, tasks, projects | |
| app = FastAPI( | |
| title="Task API", | |
| description="Task management API with authentication", | |
| version="1.0.0" | |
| ) | |
| # Include routers | |
| app.include_router(auth.router) | |
| app.include_router(tasks.router) | |
| app.include_router(projects.router) | |
| # CORS configuration (development and production) | |
| # Use configured frontend origin (set your Vercel URL in FRONTEND_URL production env) | |
| allow_origins = [settings.FRONTEND_URL] | |
| # Always include localhost for local development/testing convenience | |
| if "localhost" not in settings.FRONTEND_URL: | |
| allow_origins.append("http://localhost:3000") | |
| app.add_middleware( | |
| CORSMiddleware, | |
| allow_origins=list(dict.fromkeys(allow_origins)), # deduplicate if FRONTEND_URL is localhost | |
| allow_credentials=True, | |
| allow_methods=["*"], | |
| allow_headers=["*"], | |
| # Expose Set-Cookie so clients can inspect (browsers handle cookies automatically for credentials) | |
| expose_headers=["Set-Cookie"] | |
| ) | |
| async def health_check(): | |
| return {"status": "healthy"} | |
| if __name__ == "__main__": | |
| import uvicorn | |
| uvicorn.run(app, host="0.0.0.0", port=8000) |