Added middleware

marcelomizuno · marcelomizuno · commit bac2fded78ee · 2025-04-07T17:35:31.000-03:00
diff --git a/backend/app/api/routes/utils.py b/backend/app/api/routes/utils.py
@@ -29,3 +29,18 @@ def test_email(email_to: EmailStr) -> Message:
 @router.get("/health-check/")
 async def health_check() -> bool:
     return True
+
+
+@router.get("/cors-debug", tags=["utils"], response_model=dict)
+def cors_debug() -> dict:
+    """
+    Endpoint for debugging CORS settings
+    """
+    from app.core.config import settings
+    
+    return {
+        "cors_origins": settings.BACKEND_CORS_ORIGINS,
+        "all_cors_origins": settings.all_cors_origins,
+        "frontend_host": settings.FRONTEND_HOST,
+        "environment": settings.ENVIRONMENT,
+    }
diff --git a/backend/app/core/middleware.py b/backend/app/core/middleware.py
@@ -0,0 +1,73 @@
+import logging
+from typing import Callable
+
+from fastapi import FastAPI, Request, Response
+from starlette.middleware.base import BaseHTTPMiddleware
+from starlette.middleware.cors import CORSMiddleware
+from starlette.types import ASGIApp
+
+from app.core.config import settings
+
+logger = logging.getLogger(__name__)
+
+
+class CustomCORSMiddleware(BaseHTTPMiddleware):
+    def __init__(
+        self,
+        app: ASGIApp,
+    ) -> None:
+        super().__init__(app)
+        self.allowed_origins = settings.all_cors_origins
+        logger.info(f"Configured CORS origins: {self.allowed_origins}")
+    
+    async def dispatch(self, request: Request, call_next: Callable) -> Response:
+        origin = request.headers.get("origin", "")
+        logger.info(f"Request from origin: {origin}")
+        
+        # Handle preflight OPTIONS requests explicitly
+        if request.method == "OPTIONS":
+            response = Response(status_code=200)
+            self._set_cors_headers(response, origin)
+            return response
+            
+        # For all other requests, continue with normal processing
+        response = await call_next(request)
+        
+        # Add CORS headers to response
+        self._set_cors_headers(response, origin)
+        
+        return response
+    
+    def _set_cors_headers(self, response: Response, origin: str) -> None:
+        if not origin:
+            return
+            
+        # Force add origin if in production environment
+        if settings.ENVIRONMENT != "local" and origin:
+            response.headers["Access-Control-Allow-Origin"] = origin
+            response.headers["Access-Control-Allow-Credentials"] = "true"
+            response.headers["Access-Control-Allow-Methods"] = "GET, POST, PUT, DELETE, OPTIONS"
+            response.headers["Access-Control-Allow-Headers"] = "Authorization, Content-Type, Accept"
+            response.headers["Access-Control-Max-Age"] = "3600"
+            logger.info(f"Added CORS headers for origin: {origin}")
+        elif origin in self.allowed_origins:
+            response.headers["Access-Control-Allow-Origin"] = origin
+            response.headers["Access-Control-Allow-Credentials"] = "true"
+            response.headers["Access-Control-Allow-Methods"] = "GET, POST, PUT, DELETE, OPTIONS"
+            response.headers["Access-Control-Allow-Headers"] = "Authorization, Content-Type, Accept"
+            response.headers["Access-Control-Max-Age"] = "3600"
+            logger.info(f"Added CORS headers for origin: {origin}")
+        else:
+            logger.warning(f"Origin not allowed: {origin}")
+
+
+def setup_cors(app: FastAPI) -> None:
+    """Configure CORS for the application."""
+    
+    # Remove any existing CORS middleware
+    app.middleware_stack = app.build_middleware_stack()
+    
+    # Add our custom CORS middleware
+    app.add_middleware(CustomCORSMiddleware)
+    
+    logger.info("Custom CORS middleware configured")
diff --git a/backend/app/main.py b/backend/app/main.py
@@ -1,33 +1,57 @@
-import sentry_sdk
+import logging
+from contextlib import asynccontextmanager
+
 from fastapi import FastAPI
-from fastapi.routing import APIRoute
-from starlette.middleware.cors import CORSMiddleware
+from fastapi.staticfiles import StaticFiles
 
 from app.api.main import api_router
 from app.core.config import settings
+from app.core.middleware import setup_cors
+
+logging.basicConfig(
+    level=logging.INFO,
+    format="%(asctime)s %(levelname)s: %(message)s",
+    datefmt="%Y-%m-%d %H:%M:%S",
+)
+logger = logging.getLogger(__name__)
 
 
-def custom_generate_unique_id(route: APIRoute) -> str:
-    return f"{route.tags[0]}-{route.name}"
+@asynccontextmanager
+async def lifespan(app: FastAPI):
+    """
+    Function that runs before the application starts,
+    and again when the application is shutting down.
 
+    For now, just a placeholder, but we can use this to setup
+    database connections, etc.
+    """
+    yield
 
-if settings.SENTRY_DSN and settings.ENVIRONMENT != "local":
-    sentry_sdk.init(dsn=str(settings.SENTRY_DSN), enable_tracing=True)
 
 app = FastAPI(
-    title=settings.PROJECT_NAME,
-    openapi_url=f"{settings.API_V1_STR}/openapi.json",
-    generate_unique_id_function=custom_generate_unique_id,
+    title=settings.PROJECT_NAME, openapi_url=f"{settings.API_V1_STR}/openapi.json", lifespan=lifespan
 )
 
-# Set all CORS enabled origins
-if settings.all_cors_origins:
-    app.add_middleware(
-        CORSMiddleware,
-        allow_origins=settings.all_cors_origins,
-        allow_credentials=True,
-        allow_methods=["*"],
-        allow_headers=["*"],
-    )
+# Use our custom CORS middleware instead of the default FastAPI one
+setup_cors(app)
 
 app.include_router(api_router, prefix=settings.API_V1_STR)
+
+# Mount the static files directory to serve static files
+# app.mount("/static", StaticFiles(directory="static"), name="static")
+
+
+@app.get("/")
+def root():
+    """
+    Root endpoint for health checks
+    """
+    return {"message": "Hello! This is the API root. Go to /docs for API documentation."}
+
+
+@app.get("/health")
+def health_check():
+    """
+    Health check endpoint
+    """
+    return {"status": "ok"}
diff --git a/backend/app/models.py b/backend/app/models.py
@@ -47,6 +47,7 @@ class User(UserBase, table=True):
     id: uuid.UUID = Field(default_factory=uuid.uuid4, primary_key=True)
     hashed_password: str
     items: list["Item"] = Relationship(back_populates="owner", cascade_delete=True)
+    tickets: list["Ticket"] = Relationship(back_populates="user", sa_relationship_kwargs={"cascade": "all, delete-orphan"})
 
 
 # Properties to return via API, id is always required
@@ -208,8 +209,3 @@ class TicketsPublic(SQLModel):
     data: list[TicketPublic]
     count: int
     page: int
-
-
-# Update User model to include tickets relationship
-User.model_rebuild()
-setattr(User, "tickets", Relationship(back_populates="user", sa_relationship_kwargs={"cascade": "all, delete-orphan"}))
diff --git a/backend/app/tests/api/routes/test_tickets.py b/backend/app/tests/api/routes/test_tickets.py
diff --git a/backend/app/tests/utils/ticket.py b/backend/app/tests/utils/ticket.py
