gitea/checklist
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Fix: Add ALLOWED_ORIGINS to settings with cors_origins property

Browse Source
This commit is contained in:
ronalds
2025-11-18 18:34:19 -03:00
parent 08fc88668d
commit e7a380f36e
3 changed files with 19 additions and 7 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
.env.production
View File

@@ -10,8 +10,8 @@ SECRET_KEY=CAMBIAR-CLAVE-SECRETA-MINIMO-32-CARACTERES-SUPER-SEGURA
OPENAI_API_KEY=tu-openai-api-key-aqui OPENAI_API_KEY=tu-openai-api-key-aqui
ENVIRONMENT=production ENVIRONMENT=production
# CORS - Separar múltiples dominios con comas # CORS - URL del FRONTEND (de donde vienen las peticiones)
ALLOWED_ORIGINS=http://checklist-rons-0e8a3a-63dbc4-72-61-106-199.traefik.me,http://checklist-rons-0e8a3a-63dbc4-72-61-106-199.traefik.me ALLOWED_ORIGINS=http://checklist-frontend-n5eten-9cb24a-72-61-106-199.traefik.me
# Frontend - URL del backend en Dockploy # Frontend - Vacío para usar URL relativa con proxy de Nginx
VITE_API_URL=http://checklist-rons-0e8a3a-63dbc4-72-61-106-199.traefik.me VITE_API_URL=

9
backend/app/core/config.py
View File

@@ -16,12 +16,21 @@ class Settings(BaseSettings):
# Environment # Environment
ENVIRONMENT: str = "development" ENVIRONMENT: str = "development"
# CORS - Orígenes permitidos separados por coma
ALLOWED_ORIGINS: str = "http://localhost:3000,http://localhost:5173"
# Uploads # Uploads
UPLOAD_DIR: str = "uploads" UPLOAD_DIR: str = "uploads"
MAX_FILE_SIZE: int = 10 * 1024 * 1024 # 10MB MAX_FILE_SIZE: int = 10 * 1024 * 1024 # 10MB
@property
def cors_origins(self) -> list:
"""Convierte el string de origins separado por comas en una lista"""
return [origin.strip() for origin in self.ALLOWED_ORIGINS.split(",") if origin.strip()]
class Config: class Config:
env_file = ".env" env_file = ".env"
case_sensitive = True case_sensitive = True
extra = "ignore" # Permite variables extras sin error
settings = Settings() settings = Settings()

9
backend/app/main.py
View File

@@ -9,6 +9,7 @@ from datetime import datetime, timedelta
from app.core.database import engine, get_db, Base from app.core.database import engine, get_db, Base
from app.core.security import verify_password, get_password_hash, create_access_token, decode_access_token from app.core.security import verify_password, get_password_hash, create_access_token, decode_access_token
from app.core.config import settings
from app import models, schemas from app import models, schemas
# Crear tablas # Crear tablas
@@ -16,16 +17,18 @@ Base.metadata.create_all(bind=engine)
app = FastAPI(title="Checklist Inteligente API", version="1.0.0") app = FastAPI(title="Checklist Inteligente API", version="1.0.0")
# CORS - Configuración dinámica para desarrollo y producción # CORS - Usar configuración de settings
allowed_origins = os.getenv("ALLOWED_ORIGINS", "http://localhost:5173,http://localhost:3000").split(",")
app.add_middleware( app.add_middleware(
CORSMiddleware, CORSMiddleware,
allow_origins=allowed_origins, allow_origins=settings.cors_origins,
allow_credentials=True, allow_credentials=True,
allow_methods=["*"], allow_methods=["*"],
allow_headers=["*"], allow_headers=["*"],
) )
# Log para debug
print(f"🌐 CORS configured for origins: {settings.cors_origins}")
security = HTTPBearer() security = HTTPBearer()
# Dependency para obtener usuario actual # Dependency para obtener usuario actual