Spaces:
Sleeping
Sleeping
Update app.py
Browse files
app.py
CHANGED
|
@@ -13,8 +13,7 @@ load_dotenv()
|
|
| 13 |
SUPABASE_URL = os.getenv("SUPABASE_URL")
|
| 14 |
SUPABASE_SERVICE_KEY = os.getenv("SUPABASE_SERVICE_ROLE_KEY")
|
| 15 |
JWT_SECRET_KEY = os.getenv("JWT_SECRET_KEY")
|
| 16 |
-
ALGORITHM = "HS256"
|
| 17 |
-
# This should be the URL of your deployed frontend app (e.g., Vercel)
|
| 18 |
|
| 19 |
# --- Initialization ---
|
| 20 |
app = FastAPI()
|
|
@@ -31,20 +30,19 @@ except Exception as e:
|
|
| 31 |
supabase = None
|
| 32 |
|
| 33 |
# Configure CORS (Cross-Origin Resource Sharing)
|
| 34 |
-
# This allows your frontend to make requests to this backend
|
| 35 |
app.add_middleware(
|
| 36 |
CORSMiddleware,
|
| 37 |
allow_origins=["*"],
|
| 38 |
-
allow_credentials=False,
|
| 39 |
allow_methods=["*"],
|
| 40 |
allow_headers=["*"],
|
| 41 |
)
|
| 42 |
|
| 43 |
-
# --- API Endpoint ---
|
| 44 |
@app.get("/get-itinerary")
|
| 45 |
async def get_itinerary_data(authorization: str = Header(...)):
|
| 46 |
"""
|
| 47 |
-
Verifies the user's custom JWT and fetches their
|
| 48 |
"""
|
| 49 |
if not supabase:
|
| 50 |
raise HTTPException(status_code=500, detail="Database connection not configured.")
|
|
@@ -58,13 +56,14 @@ async def get_itinerary_data(authorization: str = Header(...)):
|
|
| 58 |
# 2. Verify and decode the JWT
|
| 59 |
payload = jwt.decode(token, JWT_SECRET_KEY, algorithms=[ALGORITHM])
|
| 60 |
|
| 61 |
-
# 3. Extract user ID
|
| 62 |
user_id = payload.get("user_id")
|
| 63 |
if user_id is None:
|
| 64 |
raise HTTPException(status_code=401, detail="User ID not found in token payload")
|
| 65 |
|
| 66 |
-
# 4. Query Supabase for
|
| 67 |
-
#
|
|
|
|
| 68 |
response = supabase.table("itineraries") \
|
| 69 |
.select("id, created_at, itinerary_data") \
|
| 70 |
.eq("user_id", user_id) \
|
|
|
|
| 13 |
SUPABASE_URL = os.getenv("SUPABASE_URL")
|
| 14 |
SUPABASE_SERVICE_KEY = os.getenv("SUPABASE_SERVICE_ROLE_KEY")
|
| 15 |
JWT_SECRET_KEY = os.getenv("JWT_SECRET_KEY")
|
| 16 |
+
ALGORITHM = "HS256"
|
|
|
|
| 17 |
|
| 18 |
# --- Initialization ---
|
| 19 |
app = FastAPI()
|
|
|
|
| 30 |
supabase = None
|
| 31 |
|
| 32 |
# Configure CORS (Cross-Origin Resource Sharing)
|
|
|
|
| 33 |
app.add_middleware(
|
| 34 |
CORSMiddleware,
|
| 35 |
allow_origins=["*"],
|
| 36 |
+
allow_credentials=False,
|
| 37 |
allow_methods=["*"],
|
| 38 |
allow_headers=["*"],
|
| 39 |
)
|
| 40 |
|
| 41 |
+
# --- API Endpoint (MODIFIED to fetch all itineraries) ---
|
| 42 |
@app.get("/get-itinerary")
|
| 43 |
async def get_itinerary_data(authorization: str = Header(...)):
|
| 44 |
"""
|
| 45 |
+
Verifies the user's custom JWT and fetches ALL their itineraries from Supabase.
|
| 46 |
"""
|
| 47 |
if not supabase:
|
| 48 |
raise HTTPException(status_code=500, detail="Database connection not configured.")
|
|
|
|
| 56 |
# 2. Verify and decode the JWT
|
| 57 |
payload = jwt.decode(token, JWT_SECRET_KEY, algorithms=[ALGORITHM])
|
| 58 |
|
| 59 |
+
# 3. Extract user ID
|
| 60 |
user_id = payload.get("user_id")
|
| 61 |
if user_id is None:
|
| 62 |
raise HTTPException(status_code=401, detail="User ID not found in token payload")
|
| 63 |
|
| 64 |
+
# 4. Query Supabase for all itineraries, newest first
|
| 65 |
+
# We removed .single() and .limit(1) to get a list
|
| 66 |
+
# We also added "id" and "created_at" to help the frontend
|
| 67 |
response = supabase.table("itineraries") \
|
| 68 |
.select("id, created_at, itinerary_data") \
|
| 69 |
.eq("user_id", user_id) \
|