feat(auth): integrate Google OAuth2 and secure cookie management
- Configured CORS middleware to allow cross-origin requests from the frontend. - Implemented Google OAuth2 login flow and post-auth frontend redirection. - Managed secure HTTP-only cookies for access, refresh, and state tokens.
This commit is contained in:
+15
@@ -1,4 +1,6 @@
|
||||
import os
|
||||
from fastapi import FastAPI, Depends, HTTPException
|
||||
from fastapi.middleware.cors import CORSMiddleware
|
||||
from strawberry import Schema
|
||||
from strawberry.fastapi import GraphQLRouter
|
||||
|
||||
@@ -19,6 +21,19 @@ Base.metadata.create_all(bind=engine)
|
||||
# 创建 FastAPI 实例
|
||||
app = FastAPI()
|
||||
|
||||
# 获取环境变量字符串,并转成列表
|
||||
origins_str = os.getenv("CORS_ORIGINS", "http://localhost:3000")
|
||||
origins = [origin.strip() for origin in origins_str.split(",")]
|
||||
|
||||
# 配置 CORS 中间件,允许前端访问
|
||||
app.add_middleware(
|
||||
CORSMiddleware,
|
||||
allow_origins=origins,
|
||||
allow_credentials=True,
|
||||
allow_methods=["*"],
|
||||
allow_headers=["*"],
|
||||
)
|
||||
|
||||
# 组装 GraphQL Schema
|
||||
schema = Schema(query=Query, mutation=Mutation)
|
||||
|
||||
|
||||
Reference in New Issue
Block a user