Fix: Directus-Auth via Flask-Proxy (CORS umgehen)
Login und Bildliste laufen jetzt über /api/directus/* statt direkt zu db.hejyou.com – kein CORS-Problem mehr im Browser. Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
This commit is contained in:
44
app.py
44
app.py
@@ -2,12 +2,16 @@ from pathlib import Path
|
||||
from datetime import datetime
|
||||
from uuid import uuid4
|
||||
import json
|
||||
import urllib.request
|
||||
import urllib.error
|
||||
|
||||
from flask import Flask, send_from_directory, request, jsonify
|
||||
from flask_cors import CORS
|
||||
from PIL import Image
|
||||
import ollama
|
||||
|
||||
DIRECTUS_URL = "https://db.hejyou.com"
|
||||
|
||||
BASE_DIR = Path(__file__).resolve().parent
|
||||
PICTURES_DIR = BASE_DIR / "pictures"
|
||||
OBJECTS_DIR = BASE_DIR / "objects_image"
|
||||
@@ -34,6 +38,46 @@ def read_prompt(filepath: Path, fallback: str) -> str:
|
||||
return fallback.strip()
|
||||
|
||||
|
||||
@app.route("/api/directus/auth/login", methods=["POST"])
|
||||
def directus_auth_login():
|
||||
"""Proxy: Directus-Login ohne CORS-Probleme."""
|
||||
try:
|
||||
body = json.dumps(request.get_json()).encode("utf-8")
|
||||
req = urllib.request.Request(
|
||||
f"{DIRECTUS_URL}/auth/login",
|
||||
data=body,
|
||||
headers={"Content-Type": "application/json"},
|
||||
method="POST",
|
||||
)
|
||||
with urllib.request.urlopen(req) as resp:
|
||||
data = json.loads(resp.read().decode("utf-8"))
|
||||
return jsonify(data)
|
||||
except urllib.error.HTTPError as e:
|
||||
data = json.loads(e.read().decode("utf-8"))
|
||||
return jsonify(data), e.code
|
||||
except Exception as e:
|
||||
return jsonify({"errors": [{"message": str(e)}]}), 500
|
||||
|
||||
|
||||
@app.route("/api/directus/pictures", methods=["GET"])
|
||||
def directus_pictures():
|
||||
"""Proxy: Directus-Bilder (status=new) ohne CORS-Probleme."""
|
||||
token = request.headers.get("Authorization", "")
|
||||
try:
|
||||
req = urllib.request.Request(
|
||||
f"{DIRECTUS_URL}/items/pictures?filter[status][_eq]=new&fields=id,media,status&sort=date_created",
|
||||
headers={"Authorization": token},
|
||||
)
|
||||
with urllib.request.urlopen(req) as resp:
|
||||
data = json.loads(resp.read().decode("utf-8"))
|
||||
return jsonify(data)
|
||||
except urllib.error.HTTPError as e:
|
||||
data = json.loads(e.read().decode("utf-8"))
|
||||
return jsonify(data), e.code
|
||||
except Exception as e:
|
||||
return jsonify({"errors": [{"message": str(e)}]}), 500
|
||||
|
||||
|
||||
@app.route("/api/images", methods=["GET"])
|
||||
def list_images():
|
||||
"""
|
||||
|
||||
@@ -3,7 +3,7 @@ import type { ObjectMeta, Sentence } from './types'
|
||||
const DIRECTUS_URL = 'https://db.hejyou.com'
|
||||
|
||||
export async function directusLogin(email: string, password: string): Promise<string> {
|
||||
const res = await fetch(`${DIRECTUS_URL}/auth/login`, {
|
||||
const res = await fetch('/api/directus/auth/login', {
|
||||
method: 'POST',
|
||||
headers: { 'Content-Type': 'application/json' },
|
||||
body: JSON.stringify({ email, password }),
|
||||
@@ -20,10 +20,9 @@ export interface DirectusPicture {
|
||||
}
|
||||
|
||||
export async function getDirectusPictures(token: string): Promise<DirectusPicture[]> {
|
||||
const res = await fetch(
|
||||
`${DIRECTUS_URL}/items/pictures?filter[status][_eq]=new&fields=id,media,status&sort=date_created`,
|
||||
{ headers: { Authorization: `Bearer ${token}` } }
|
||||
)
|
||||
const res = await fetch('/api/directus/pictures', {
|
||||
headers: { Authorization: `Bearer ${token}` },
|
||||
})
|
||||
if (!res.ok) throw new Error('Fehler beim Laden der Directus-Bilder')
|
||||
const data = await res.json()
|
||||
return data.data as DirectusPicture[]
|
||||
|
||||
Reference in New Issue
Block a user