
- Add specific Netlify frontend domain to allowed origins - Replace wildcard origin with explicit list of allowed origins - Add additional CORS configuration for better performance and security - Expose headers for better API communication
import warnings
from pathlib import Path
from typing import List

from pydantic import field_validator
from pydantic_settings import BaseSettings
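class Settings(BaseSettings):
    """Application configuration for the E-Commerce API.

    Each attribute is a setting with a built-in default. The inner
    ``Config`` points the loader at a ``.env`` file and makes setting
    names case-sensitive.
    """

    PROJECT_NAME: str = "E-Commerce API"
    VERSION: str = "0.1.0"
    API_V1_STR: str = "/api/v1"
    ROOT_PATH: str = ""  # For deployments behind proxies/subpaths, can be set via env var

    # CORS Settings
    # List of allowed origins for CORS (Cross-Origin Resource Sharing).
    # The default mixes local development origins with the deployed
    # frontend. NOTE(review): consider overriding CORS_ORIGINS in production
    # so only the real frontend origin is trusted.
    CORS_ORIGINS: List[str] = [
        "http://localhost",
        "http://localhost:3000",
        "http://localhost:8000",
        "https://exquisite-puppy-b0f53e.netlify.app",
    ]

    @field_validator("CORS_ORIGINS", mode="before")
    @classmethod
    def validate_cors_origins(cls, v):
        """Normalise the raw CORS_ORIGINS value before type validation.

        Args:
            v: Raw value; either a list, a string starting with ``[``, or a
                comma-separated string of origins.

        Returns:
            A list of trimmed, non-empty origins for a comma-separated
            string; otherwise ``v`` unchanged.

        Raises:
            ValueError: If ``v`` is neither a string nor a list.
        """
        # NOTE(review): pydantic-settings may try to JSON-decode list-typed
        # env values before this validator runs -- confirm that the
        # comma-separated form works with the installed version.
        if isinstance(v, str) and not v.startswith("["):
            # Drop blank entries so an empty value or a trailing comma does
            # not put "" into the allow-list.
            # NOTE(review): a "*" entry supplied this way is accepted as-is;
            # whether that is safe depends on the CORS middleware settings,
            # which are not visible in this file.
            return [origin.strip() for origin in v.split(",") if origin.strip()]
        if isinstance(v, (list, str)):
            return v
        raise ValueError(v)

    # JWT Settings
    # Development placeholder only -- change in production. This value is
    # readable by anyone with access to the repository, so a deployment that
    # does not override SECRET_KEY signs tokens with a publicly known key.
    SECRET_KEY: str = "supersecretkey"
    ALGORITHM: str = "HS256"
    ACCESS_TOKEN_EXPIRE_MINUTES: int = 30

    # Database Settings
    DB_DIR: Path = Path("/app") / "storage" / "db"

    class Config:
        env_file = ".env"
        # Setting names must match the attribute names exactly.
        case_sensitive = True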
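# Module-level settings instance, built at import time.
settings = Settings()

# Surface a deployment that still signs JWTs with the placeholder key that
# is committed to the repository.
if settings.SECRET_KEY == Settings.model_fields["SECRET_KEY"].default:
    warnings.warn(
        "SECRET_KEY is still the built-in placeholder; set SECRET_KEY in the "
        "environment or .env before deploying.",
        RuntimeWarning,
    )

# Ensure DB directory exists
settings.DB_DIR.mkdir(parents=True, exist_ok=True)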