- Created a new eveai_chat plugin to support the new dynamic possibilities of the Specialists. Currently only supports standard Rag retrievers (i.e. no extra arguments).

2024-11-26 13:35:29 +01:00
parent 7702a6dfcc
commit 07d89d204f
42 changed files with 1771 additions and 989 deletions
--- a/eveai_api/init.py
+++ b/eveai_api/init.py
@@ -5,10 +5,12 @@ from flask_jwt_extended import get_jwt_identity, verify_jwt_in_request
 from sqlalchemy.exc import SQLAlchemyError
 from werkzeug.exceptions import HTTPException

-from common.extensions import db, api_rest, jwt, minio_client, simple_encryption
+from common.extensions import db, api_rest, jwt, minio_client, simple_encryption, cors
 import os
 import logging.config

+from common.models.user import TenantDomain
+from common.utils.cors_utils import get_allowed_origins
 from common.utils.database import Database
 from config.logging_config import LOGGING
 from .api.document_api import document_ns
@@ -54,7 +56,32 @@ def create_app(config_file=None):
    register_error_handlers(app)

    @app.before_request
-    def before_request():
+    def check_cors():
+        if request.method == 'OPTIONS':
+            app.logger.debug("Handling OPTIONS request")
+            return '', 200  # Allow OPTIONS to pass through
+
+        origin = request.headers.get('Origin')
+        if not origin:
+            return  # Not a CORS request
+
+        # Get tenant ID from request
+        if verify_jwt_in_request():
+            tenant_id = get_jwt_identity()
+            if not tenant_id:
+                return
+        else:
+            return
+
+        # Check if origin is allowed for this tenant
+        allowed_origins = get_allowed_origins(tenant_id)
+
+        if origin not in allowed_origins:
+            app.logger.warning(f'Origin {origin} not allowed for tenant {tenant_id}')
+            return {'error': 'Origin not allowed'}, 403
+
+    @app.before_request
+    def set_tenant_schema():
        # Check if this a health check request
        if request.path.startswith('/_healthz') or request.path.startswith('/healthz'):
            pass
@@ -83,6 +110,17 @@ def register_extensions(app):
    jwt.init_app(app)
    minio_client.init_app(app)
    simple_encryption.init_app(app)
+    cors.init_app(app, resources={
+        r"/api/v1/*": {
+            "origins": "*",
+            "methods": ["GET", "POST", "PUT", "OPTIONS"],
+            "allow_headers": ["Content-Type", "Authorization", "X-Requested-With"],
+            "expose_headers": ["Content-Length", "Content-Range"],
+            "supports_credentials": True,
+            "max_age": 1728000,  # 20 days
+            "allow_credentials": True
+        }
+    })


 def register_namespaces(app):