Spaces:
Running
Running
Update app.py
Browse files
app.py
CHANGED
|
@@ -5,7 +5,7 @@ import warnings
|
|
| 5 |
import logging
|
| 6 |
import urllib.parse
|
| 7 |
from concurrent.futures import ThreadPoolExecutor
|
| 8 |
-
from fastapi import FastAPI, File, UploadFile, Form, HTTPException
|
| 9 |
from fastapi.middleware.cors import CORSMiddleware
|
| 10 |
from PIL import Image
|
| 11 |
import io
|
|
@@ -21,11 +21,24 @@ logging.getLogger("transformers").setLevel(logging.ERROR)
|
|
| 21 |
|
| 22 |
app = FastAPI()
|
| 23 |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 24 |
app.add_middleware(
|
| 25 |
CORSMiddleware,
|
| 26 |
-
allow_origins=
|
| 27 |
allow_credentials=True,
|
| 28 |
-
allow_methods=["
|
| 29 |
allow_headers=["*"],
|
| 30 |
)
|
| 31 |
|
|
@@ -593,7 +606,15 @@ def get_skin_type(image):
|
|
| 593 |
def home(): return {"status": "Pure Sense API v10 (Curated Products)"}
|
| 594 |
|
| 595 |
@app.post("/analyze")
|
| 596 |
-
async def analyze_skin(
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 597 |
contents = await file.read()
|
| 598 |
|
| 599 |
is_valid, msg = check_image_quality(contents)
|
|
|
|
| 5 |
import logging
|
| 6 |
import urllib.parse
|
| 7 |
from concurrent.futures import ThreadPoolExecutor
|
| 8 |
+
from fastapi import FastAPI, File, UploadFile, Form, HTTPException, Header
|
| 9 |
from fastapi.middleware.cors import CORSMiddleware
|
| 10 |
from PIL import Image
|
| 11 |
import io
|
|
|
|
| 21 |
|
| 22 |
app = FastAPI()
|
| 23 |
|
| 24 |
+
# --- GÜVENLİK AYARLARI ---
|
| 25 |
+
# API Key - Gerçek uygulamada environment variable kullanın
|
| 26 |
+
API_KEY = os.getenv("PURESENSE_API_KEY", "ps_live_2024_secure_key_x7k9m")
|
| 27 |
+
|
| 28 |
+
# İzin verilen originler (CORS)
|
| 29 |
+
ALLOWED_ORIGINS = [
|
| 30 |
+
"https://puresense.app",
|
| 31 |
+
"capacitor://localhost",
|
| 32 |
+
"http://localhost",
|
| 33 |
+
"http://localhost:3000",
|
| 34 |
+
"http://127.0.0.1",
|
| 35 |
+
]
|
| 36 |
+
|
| 37 |
app.add_middleware(
|
| 38 |
CORSMiddleware,
|
| 39 |
+
allow_origins=ALLOWED_ORIGINS,
|
| 40 |
allow_credentials=True,
|
| 41 |
+
allow_methods=["GET", "POST"],
|
| 42 |
allow_headers=["*"],
|
| 43 |
)
|
| 44 |
|
|
|
|
| 606 |
def home(): return {"status": "Pure Sense API v10 (Curated Products)"}
|
| 607 |
|
| 608 |
@app.post("/analyze")
|
| 609 |
+
async def analyze_skin(
|
| 610 |
+
file: UploadFile = File(...),
|
| 611 |
+
is_premium: bool = Form(False),
|
| 612 |
+
x_api_key: str = Header(None, alias="X-API-Key")
|
| 613 |
+
):
|
| 614 |
+
# API Key doğrulaması
|
| 615 |
+
if x_api_key != API_KEY:
|
| 616 |
+
raise HTTPException(status_code=401, detail="Geçersiz veya eksik API anahtarı")
|
| 617 |
+
|
| 618 |
contents = await file.read()
|
| 619 |
|
| 620 |
is_valid, msg = check_image_quality(contents)
|