30 lines
812 B
Python
30 lines
812 B
Python
"""CORS and other middleware configuration."""
|
|
|
|
from fastapi import FastAPI
|
|
from fastapi.middleware.cors import CORSMiddleware
|
|
from fastapi.middleware.trustedhost import TrustedHostMiddleware
|
|
|
|
from app.core.config import settings
|
|
|
|
|
|
def setup_middleware(app: FastAPI) -> None:
|
|
"""Configure application middleware."""
|
|
|
|
# CORS middleware
|
|
app.add_middleware(
|
|
CORSMiddleware,
|
|
allow_origins=settings.CORS_ORIGINS,
|
|
allow_credentials=True,
|
|
allow_methods=["*"],
|
|
allow_headers=["*"],
|
|
)
|
|
|
|
# Security headers (optional, add more as needed)
|
|
# Note: TrustedHostMiddleware not added by default in dev
|
|
# Uncomment for production:
|
|
# app.add_middleware(
|
|
# TrustedHostMiddleware,
|
|
# allowed_hosts=["yourdomain.com", "*.yourdomain.com"]
|
|
# )
|
|
|