✨ feat: cors middleware

Author: Zerohertz

app/core/configs.py

@@ -1,8 +1,9 @@
 from enum import Enum
+from typing import Annotated, List
 
-from pydantic import computed_field
+from pydantic import computed_field, field_validator
 from pydantic_core import MultiHostUrl
-from pydantic_settings import BaseSettings
+from pydantic_settings import BaseSettings, NoDecode
 
 
 class ENVIRONMENT(Enum):
@@ -33,17 +34,28 @@ class Configs(BaseSettings):
     DB_TABLE_CREATE: bool = True
 
     # --------- AUTH SETTINGS --------- #
-    GOOGLE_OAUTH_CLIENT_ID: str
-    GOOGLE_OAUTH_CLIENT_SECRET: str
-    GITHUB_OAUTH_CLIENT_ID: str
-    GITHUB_OAUTH_CLIENT_SECRET: str
+    ALLOW_ORIGINS: Annotated[List[str], NoDecode] = []
+
+    @field_validator("ALLOW_ORIGINS", mode="before")
+    @classmethod
+    def allow_origins(cls, value: str) -> List[str]:
+        if value:
+            return value.split(",")
+        return []
+
     # openssl rand -hex 32
     JWT_SECRET_KEY: str
     JWT_ALGORITHM: str
+
     ADMIN_NAME: str
     ADMIN_EMAIL: str
     ADMIN_PASSWORD: str
 
+    GOOGLE_OAUTH_CLIENT_ID: str
+    GOOGLE_OAUTH_CLIENT_SECRET: str
+    GITHUB_OAUTH_CLIENT_ID: str
+    GITHUB_OAUTH_CLIENT_SECRET: str
+
     @property
     def DB_SCHEME(self) -> str:
         if self.DB_DRIVER:

app/main.py

@@ -1,4 +1,5 @@
 from fastapi import FastAPI
+from fastapi.middleware.cors import CORSMiddleware
 from fastapi.openapi.docs import (
     get_swagger_ui_html,
     get_swagger_ui_oauth2_redirect_html,
@@ -32,8 +33,20 @@
 app.mount("/static", StaticFiles(directory="static"), name="static")
 for routers in [v1_routers]:
     app.include_router(routers)
-for middleware in [SessionMiddleware, LoggingMiddleware]:
-    app.add_middleware(middleware)
+for middleware, kwargs in [
+    (SessionMiddleware, {}),
+    (
+        CORSMiddleware,
+        dict(
+            allow_origins=configs.ALLOW_ORIGINS,
+            allow_methods=("GET", "POST", "PUT", "DELETE", "OPTIONS"),
+            allow_headers=("Authorization", "Content-Type"),
+            allow_credentials=True,
+        ),
+    ),
+    (LoggingMiddleware, {}),
+]:
+    app.add_middleware(middleware, **kwargs)
 
 
 @app.get("/docs", include_in_schema=False)

k8s/postgresql/configmap.yaml

@@ -11,6 +11,7 @@ data:
     TZ="Asia/Seoul"
     DB_ECHO=true
     DB_TABLE_CREATE=true
+    ALLOW_ORIGINS=http://localhost:5173,https://svelte-cookbook.vercel.app
   prod.env: |
     PORT="8000"
     PROJECT_NAME="Zerohertz's FastAPI Cookbook (prod)"