Spaces:

Detomo
/

meisaicheck-api

Running

vumichien commited on May 22

Commit

5fa8be0

1 Parent(s): 6830bc7

fix authen header

Files changed (2) hide show

custom_auth.py CHANGED Viewed

@@ -1,4 +1,4 @@
-from fastapi import Depends, HTTPException, status, Header, Query
 from typing import Optional
 from database import get_users
 from models import User, UserInDB
@@ -6,7 +6,8 @@ from token_store import token_store
 async def get_token(
-    authorization: Optional[str] = Header(None),
     token: Optional[str] = Query(
         None, description="Access token (alternative to Authorization header)"
     ),
@@ -15,17 +16,28 @@ async def get_token(
     Extract token from Authorization header or query parameter
     Supports both methods for better compatibility with various clients
     """
     # First try to get token from Authorization header
-    if authorization:
-        if authorization.startswith("Bearer "):
-            return authorization.replace("Bearer ", "")
         else:
             # If it doesn't have Bearer prefix, use as is
-            return authorization
     # Then try to get token from query parameter
     if token:
-        return token
     # If no token is provided, raise an error
     raise HTTPException(

+from fastapi import Depends, HTTPException, status, Header, Query, Request
 from typing import Optional
 from database import get_users
 from models import User, UserInDB
 async def get_token(
+    request: Request,
+    authorization: Optional[str] = Header(None, convert_underscores=False),
     token: Optional[str] = Query(
         None, description="Access token (alternative to Authorization header)"
     ),
     Extract token from Authorization header or query parameter
     Supports both methods for better compatibility with various clients
     """
+    # Debug headers
+    headers = dict(request.headers)
+    print(f"All headers: {headers}")
+    print(f"Authorization header from param: {authorization}")
+    auth_header = headers.get("authorization") or headers.get("Authorization")
+    print(f"Authorization header from request: {auth_header}")
     # First try to get token from Authorization header
+    if authorization or auth_header:
+        # Use the authorization from parameter or from request headers
+        auth = authorization or auth_header
+        # Handle "Bearer" prefix if present
+        if auth.startswith("Bearer "):
+            return auth.replace("Bearer ", "").strip()
         else:
             # If it doesn't have Bearer prefix, use as is
+            return auth.strip()
     # Then try to get token from query parameter
     if token:
+        return token.strip()
     # If no token is provided, raise an error
     raise HTTPException(

main.py CHANGED Viewed

@@ -4,6 +4,7 @@ from fastapi import FastAPI
 import uvicorn
 import traceback
 from contextlib import asynccontextmanager
 current_dir = os.path.dirname(os.path.abspath(__file__))
 sys.path.append(current_dir)
@@ -51,6 +52,16 @@ app = FastAPI(
     # Removed root_path since HF Spaces already handles it
 )
 # Include Routers
 app.include_router(health.router, tags=["Health"])
 app.include_router(auth.router, tags=["Authentication"])

 import uvicorn
 import traceback
 from contextlib import asynccontextmanager
+from fastapi.middleware.cors import CORSMiddleware
 current_dir = os.path.dirname(os.path.abspath(__file__))
 sys.path.append(current_dir)
     # Removed root_path since HF Spaces already handles it
 )
+# Configure CORS
+app.add_middleware(
+    CORSMiddleware,
+    allow_origins=["*"],  # Allows all origins
+    allow_credentials=True,
+    allow_methods=["*"],  # Allows all methods
+    allow_headers=["*"],  # Allows all headers
+    expose_headers=["*"],  # Expose all headers
+)
 # Include Routers
 app.include_router(health.router, tags=["Health"])
 app.include_router(auth.router, tags=["Authentication"])