Fix: Directus-Auth via Flask-Proxy (CORS umgehen)

Login und Bildliste laufen jetzt über /api/directus/* statt direkt
zu db.hejyou.com – kein CORS-Problem mehr im Browser.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
This commit is contained in:
2026-04-25 11:28:11 +02:00
parent a392b680d2
commit 278289a380
2 changed files with 48 additions and 5 deletions

44
app.py
View File

@@ -2,12 +2,16 @@ from pathlib import Path
from datetime import datetime
from uuid import uuid4
import json
import urllib.request
import urllib.error
from flask import Flask, send_from_directory, request, jsonify
from flask_cors import CORS
from PIL import Image
import ollama
DIRECTUS_URL = "https://db.hejyou.com"
BASE_DIR = Path(__file__).resolve().parent
PICTURES_DIR = BASE_DIR / "pictures"
OBJECTS_DIR = BASE_DIR / "objects_image"
@@ -34,6 +38,46 @@ def read_prompt(filepath: Path, fallback: str) -> str:
return fallback.strip()
@app.route("/api/directus/auth/login", methods=["POST"])
def directus_auth_login():
"""Proxy: Directus-Login ohne CORS-Probleme."""
try:
body = json.dumps(request.get_json()).encode("utf-8")
req = urllib.request.Request(
f"{DIRECTUS_URL}/auth/login",
data=body,
headers={"Content-Type": "application/json"},
method="POST",
)
with urllib.request.urlopen(req) as resp:
data = json.loads(resp.read().decode("utf-8"))
return jsonify(data)
except urllib.error.HTTPError as e:
data = json.loads(e.read().decode("utf-8"))
return jsonify(data), e.code
except Exception as e:
return jsonify({"errors": [{"message": str(e)}]}), 500
@app.route("/api/directus/pictures", methods=["GET"])
def directus_pictures():
"""Proxy: Directus-Bilder (status=new) ohne CORS-Probleme."""
token = request.headers.get("Authorization", "")
try:
req = urllib.request.Request(
f"{DIRECTUS_URL}/items/pictures?filter[status][_eq]=new&fields=id,media,status&sort=date_created",
headers={"Authorization": token},
)
with urllib.request.urlopen(req) as resp:
data = json.loads(resp.read().decode("utf-8"))
return jsonify(data)
except urllib.error.HTTPError as e:
data = json.loads(e.read().decode("utf-8"))
return jsonify(data), e.code
except Exception as e:
return jsonify({"errors": [{"message": str(e)}]}), 500
@app.route("/api/images", methods=["GET"])
def list_images():
"""

View File

@@ -3,7 +3,7 @@ import type { ObjectMeta, Sentence } from './types'
const DIRECTUS_URL = 'https://db.hejyou.com'
export async function directusLogin(email: string, password: string): Promise<string> {
const res = await fetch(`${DIRECTUS_URL}/auth/login`, {
const res = await fetch('/api/directus/auth/login', {
method: 'POST',
headers: { 'Content-Type': 'application/json' },
body: JSON.stringify({ email, password }),
@@ -20,10 +20,9 @@ export interface DirectusPicture {
}
export async function getDirectusPictures(token: string): Promise<DirectusPicture[]> {
const res = await fetch(
`${DIRECTUS_URL}/items/pictures?filter[status][_eq]=new&fields=id,media,status&sort=date_created`,
{ headers: { Authorization: `Bearer ${token}` } }
)
const res = await fetch('/api/directus/pictures', {
headers: { Authorization: `Bearer ${token}` },
})
if (!res.ok) throw new Error('Fehler beim Laden der Directus-Bilder')
const data = await res.json()
return data.data as DirectusPicture[]