Adding CORS headers to the backend

sebasutp · Jul 24, 2024 · 26c5b89 · 26c5b89
1 parent 496b3f0
commit 26c5b89
Show file tree

Hide file tree

Showing 2 changed files with 23 additions and 6 deletions.
diff --git a/app/api.py b/app/api.py
@@ -4,14 +4,23 @@
 from typing import Annotated
 
 from fastapi import Body, Depends, FastAPI, HTTPException
+from fastapi.middleware.cors import CORSMiddleware
 from fastapi.security import OAuth2PasswordRequestForm
 from sqlmodel import Session, select
 
 from app.auth import auth_handler
 from app.auth import crypto
 from app import model
 
+
 app_obj = FastAPI()
+app_obj.add_middleware(
+    CORSMiddleware,
+    allow_origins=['*'],
+    allow_credentials=True,  # Set to True if cookies are needed
+    allow_methods=["*"],  # Allow all methods (GET, POST, etc.)
+    allow_headers=["*"],  # Allow all headers
+)
 
 
 @app_obj.on_event("startup")
@@ -48,7 +57,7 @@ async def login(
         A `model.Token` object containing the access token and token type.
     """
     user = model.UserLogin(email=form_data.username,
-                           password=form_data.password)
+                        password=form_data.password)
     db_user = auth_handler.check_and_get_user(user, session)
     if not db_user:
         raise HTTPException(
@@ -61,7 +70,7 @@ async def login(
 async def get_screenshots(
     *,
     session: Session = Depends(model.get_db_session),
-        current_user_id: model.UserId = Depends(auth_handler.get_current_user_id)):
+    current_user_id: model.UserId = Depends(auth_handler.get_current_user_id)):
     """
     Retrieves a list of screenshots owned by the currently authenticated user.
 
@@ -85,11 +94,11 @@ async def get_screenshots(
     return session.exec(statement)
 
 
-@app_obj.get("/screenshots/{id}", tags=["screenshots"], response_model=model.Screenshot)
+@app_obj.get("/screenshots/{screenshot_id}", tags=["screenshots"], response_model=model.Screenshot)
 async def get_single_screenshot(
     *,
     session: Session = Depends(model.get_db_session),
-        screenshot_id: str):
+    screenshot_id: str):
     """
     Retrieves a specific screenshot by its external ID.
 
@@ -123,7 +132,7 @@ async def add_screenshots(
     *,
     session: Session = Depends(model.get_db_session),
     current_user_id: model.UserId = Depends(auth_handler.get_current_user_id),
-        screenshot: model.ScreenshotCreate):
+    screenshot: model.ScreenshotCreate):
     """
     Creates a new screenshot for the currently authenticated user.
 
@@ -157,7 +166,7 @@ async def add_screenshots(
 async def create_user(
     *,
     session: Session = Depends(model.get_db_session),
-        user: model.UserCreate = Body(...)):
+    user: model.UserCreate = Body(...)):
     """
     Creates a new user account.
 

diff --git a/app/model.py b/app/model.py
@@ -44,6 +44,14 @@ class User(UserCreate, table=True):
     id: int = Field(default=None, primary_key=True)
     #screenshots: list["Screenshot"] = Relationship(back_populates="owner")
 
+class ApiTokenCreate(SQLModel):
+    name: str = Field(...)
+    token: str = Field(...)
+
+class ApiToken(ApiTokenCreate, table=True)
+    id: int = Field(default=None, primary_key=True)
+    owner_id: int | None = Field(default=None, foreign_key="user.id")
+
 class ScreenshotCreate(SQLModel):
     url: str = Field(...)
     img: str = Field(...)