feat(auth): integrate Google OAuth2 and secure cookie management

- Configured CORS middleware to allow cross-origin requests from the frontend.
- Implemented Google OAuth2 login flow and post-auth frontend redirection.
- Managed secure HTTP-only cookies for access, refresh, and state tokens.
This commit is contained in:
2026-05-19 23:55:03 +08:00
parent 2b5e193046
commit c68d88b8c1
2 changed files with 67 additions and 11 deletions
+15
View File
@@ -1,4 +1,6 @@
import os
from fastapi import FastAPI, Depends, HTTPException
from fastapi.middleware.cors import CORSMiddleware
from strawberry import Schema
from strawberry.fastapi import GraphQLRouter
@@ -19,6 +21,19 @@ Base.metadata.create_all(bind=engine)
# 创建 FastAPI 实例
app = FastAPI()
# 获取环境变量字符串,并转成列表
origins_str = os.getenv("CORS_ORIGINS", "http://localhost:3000")
origins = [origin.strip() for origin in origins_str.split(",")]
# 配置 CORS 中间件,允许前端访问
app.add_middleware(
CORSMiddleware,
allow_origins=origins,
allow_credentials=True,
allow_methods=["*"],
allow_headers=["*"],
)
# 组装 GraphQL Schema
schema = Schema(query=Query, mutation=Mutation)