Spaces:
Running
Running
Update app.py
Browse files
app.py
CHANGED
|
@@ -9,7 +9,6 @@ AUTH_HEADER = os.environ.get("AUTH_HEADER")
|
|
| 9 |
|
| 10 |
async def is_session_valid(session_token: str) -> bool:
|
| 11 |
async with httpx.AsyncClient() as client:
|
| 12 |
-
print(session_token)
|
| 13 |
resp = await client.get(
|
| 14 |
f"{BACKEND_URL}/user/session",
|
| 15 |
params={"token": session_token},
|
|
@@ -30,12 +29,12 @@ async def proxy(full_path: str, request: Request):
|
|
| 30 |
if user_auth and user_auth.lower().startswith("bearer "):
|
| 31 |
session_token = user_auth.split(" ", 1)[1]
|
| 32 |
|
| 33 |
-
# Valida sessão, exceto para rotas públicas
|
| 34 |
if full_path not in ["user/login", "user/register", "user/session"]:
|
| 35 |
if not session_token or not await is_session_valid(session_token):
|
| 36 |
return Response(content="Não autorizado", status_code=401)
|
| 37 |
|
| 38 |
-
# Copia headers originais e
|
| 39 |
headers = dict(request.headers)
|
| 40 |
headers["Authorization"] = AUTH_HEADER
|
| 41 |
for h in ["host", "content-length", "accept-encoding", "connection"]:
|
|
|
|
| 9 |
|
| 10 |
async def is_session_valid(session_token: str) -> bool:
|
| 11 |
async with httpx.AsyncClient() as client:
|
|
|
|
| 12 |
resp = await client.get(
|
| 13 |
f"{BACKEND_URL}/user/session",
|
| 14 |
params={"token": session_token},
|
|
|
|
| 29 |
if user_auth and user_auth.lower().startswith("bearer "):
|
| 30 |
session_token = user_auth.split(" ", 1)[1]
|
| 31 |
|
| 32 |
+
# Valida sessão, exceto para rotas públicas
|
| 33 |
if full_path not in ["user/login", "user/register", "user/session"]:
|
| 34 |
if not session_token or not await is_session_valid(session_token):
|
| 35 |
return Response(content="Não autorizado", status_code=401)
|
| 36 |
|
| 37 |
+
# Copia headers originais e sobrescreve Authorization com AUTH_HEADER
|
| 38 |
headers = dict(request.headers)
|
| 39 |
headers["Authorization"] = AUTH_HEADER
|
| 40 |
for h in ["host", "content-length", "accept-encoding", "connection"]:
|