Spaces:
Running
Running
Update app.py
Browse files
app.py
CHANGED
|
@@ -23,18 +23,7 @@ async def is_session_valid(session_token: str) -> bool:
|
|
| 23 |
async def proxy(full_path: str, request: Request):
|
| 24 |
url = f"{BACKEND_URL}/{full_path}"
|
| 25 |
|
| 26 |
-
#
|
| 27 |
-
user_auth = request.headers.get("authorization")
|
| 28 |
-
session_token = None
|
| 29 |
-
if user_auth and user_auth.lower().startswith("bearer "):
|
| 30 |
-
session_token = user_auth.split(" ", 1)[1]
|
| 31 |
-
|
| 32 |
-
# Valida sessão, exceto para rotas públicas
|
| 33 |
-
if full_path not in ["user/login", "user/register", "user/session"]:
|
| 34 |
-
if not session_token or not await is_session_valid(session_token):
|
| 35 |
-
return Response(content="Não autorizado", status_code=401)
|
| 36 |
-
|
| 37 |
-
# Copia headers originais e sobrescreve Authorization com AUTH_HEADER
|
| 38 |
headers = dict(request.headers)
|
| 39 |
headers["Authorization"] = AUTH_HEADER
|
| 40 |
|
|
@@ -53,6 +42,7 @@ async def proxy(full_path: str, request: Request):
|
|
| 53 |
params=dict(request.query_params)
|
| 54 |
)
|
| 55 |
|
|
|
|
| 56 |
return Response(
|
| 57 |
content=resp.content,
|
| 58 |
status_code=resp.status_code,
|
|
|
|
| 23 |
async def proxy(full_path: str, request: Request):
|
| 24 |
url = f"{BACKEND_URL}/{full_path}"
|
| 25 |
|
| 26 |
+
# Copia headers originais e adiciona Authorization
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 27 |
headers = dict(request.headers)
|
| 28 |
headers["Authorization"] = AUTH_HEADER
|
| 29 |
|
|
|
|
| 42 |
params=dict(request.query_params)
|
| 43 |
)
|
| 44 |
|
| 45 |
+
# Retorna resposta do backend
|
| 46 |
return Response(
|
| 47 |
content=resp.content,
|
| 48 |
status_code=resp.status_code,
|