Spaces:

devcool20
/

SalesDocSpace

Sleeping

App Files Files Community

devcool20 commited on Jun 22

Commit

34f4c74

verified ·

1 Parent(s): f46acd8

Update app.py

Browse files

Files changed (1) hide show

app.py +36 -5

app.py CHANGED Viewed

@@ -1,7 +1,7 @@
 import os
 import sys
 from flask import Flask, request, jsonify
-from flask_cors import CORS # Ensure Flask-CORS is imported
 import numpy as np
 import json
 import google.api_core.exceptions
@@ -18,10 +18,41 @@ load_dotenv()
 app = Flask(__name__)
-# --- CRITICAL FIX: CORS Configuration ---
-# This MUST EXACTLY match your Vercel frontend URL, WITHOUT a trailing slash.
-# We explicitly allow Content-Type and Authorization headers for preflight requests.
-CORS(app, resources={r"/*": {"origins": "https://sales-doc.vercel.app", "allow_headers": ["Content-Type", "Authorization"]}})
 # --- Global Model Instances ---
 sales_agent = None

 import os
 import sys
 from flask import Flask, request, jsonify
+from flask_cors import CORS # Keep this import, but we'll use it differently for now
 import numpy as np
 import json
 import google.api_core.exceptions
 app = Flask(__name__)
+# --- AGGRESSIVE CORS CONFIGURATION ---
+# This attempts to ensure CORS headers are *always* sent.
+# Define your allowed origin explicitly.
+ALLOWED_ORIGIN = "https://sales-doc.vercel.app"
+@app.before_request
+def handle_options_requests():
+    """Handle CORS preflight OPTIONS requests."""
+    if request.method == 'OPTIONS':
+        response = app.make_response('')
+        response.headers.add('Access-Control-Allow-Origin', ALLOWED_ORIGIN)
+        response.headers.add('Access-Control-Allow-Headers', 'Content-Type,Authorization')
+        response.headers.add('Access-Control-Allow-Methods', 'GET,POST,PUT,DELETE,OPTIONS')
+        response.headers.add('Access-Control-Allow-Credentials', 'true') # If your frontend sends credentials
+        response.headers.add('Access-Control-Max-Age', '86400') # Cache preflight for 24 hours
+        print(f"DEBUG: Handling OPTIONS preflight request from {request.origin}")
+        print(f"DEBUG: Setting CORS headers for OPTIONS: {response.headers}")
+        return response
+@app.after_request
+def add_cors_headers(response):
+    """Add CORS headers to all responses."""
+    response.headers.add('Access-Control-Allow-Origin', ALLOWED_ORIGIN)
+    response.headers.add('Access-Control-Allow-Headers', 'Content-Type,Authorization')
+    response.headers.add('Access-Control-Allow-Methods', 'GET,POST,PUT,DELETE,OPTIONS')
+    response.headers.add('Access-Control-Allow-Credentials', 'true')
+    print(f"DEBUG: Adding CORS headers to response for origin {request.origin if request.origin else 'N/A'}")
+    print(f"DEBUG: Response headers: {response.headers}")
+    return response
+# You can comment out the Flask-CORS extension initialization if using manual headers,
+# or keep it if it's not causing conflicts. For this aggressive approach, we'll
+# rely on the manual headers.
+# CORS(app, resources={r"/*": {"origins": ALLOWED_ORIGIN, "allow_headers": ["Content-Type", "Authorization"]}})
 # --- Global Model Instances ---
 sales_agent = None