Spaces:
Sleeping
Sleeping
| from fastapi import FastAPI, Request, Response, HTTPException, Cookie | |
| from fastapi.responses import JSONResponse | |
| from fastapi.middleware.cors import CORSMiddleware | |
| from typing import Optional | |
| app = FastAPI() | |
| app.add_middleware( | |
| CORSMiddleware, | |
| allow_origins=["https://ancient-time-545042.framer.app"], | |
| allow_credentials=True, | |
| allow_methods=["GET", "POST", "OPTIONS"], | |
| allow_headers=[ | |
| "Content-Type", | |
| "Authorization", | |
| "Access-Control-Allow-Credentials", | |
| "Access-Control-Allow-Origin", | |
| "Access-Control-Allow-Headers", | |
| ], | |
| expose_headers=["Set-Cookie"] | |
| ) | |
| def greet_json(request: Request): | |
| response = JSONResponse(content={ | |
| "Hello": "World!", | |
| "cookies": request.cookies | |
| }) | |
| return response | |
| async def auth(request: Request): | |
| data = await request.json() | |
| if data.get("username") == "admin" and data.get("password") == "password": | |
| # Create response | |
| response = JSONResponse( | |
| content={"message": "Authentication successful"}, | |
| status_code=200 | |
| ) | |
| # Set cookie with correct parameters for cross-origin | |
| response.set_cookie( | |
| key="comfy_session", | |
| value="dummy_session_value", | |
| httponly=True, | |
| secure=True, | |
| samesite="none", # Required for cross-origin | |
| # Don't set domain to allow the cookie to be set on the Framer domain | |
| max_age=1800, # 30 minutes | |
| path="/" | |
| ) | |
| return response | |
| raise HTTPException(status_code=401, detail="Invalid credentials") | |
| def protected_route(comfy_session: Optional[str] = Cookie(None)): | |
| if comfy_session != "dummy_session_value": | |
| raise HTTPException(status_code=401, detail="Unauthorized") | |
| return {"message": "Access granted to protected route"} | |