Build [v1.9.18]
This commit is contained in:
@@ -51,6 +51,20 @@ if server_ip and server_ip != "localhost":
|
||||
if ip_o not in ALLOWED_ORIGINS:
|
||||
ALLOWED_ORIGINS.append(ip_o)
|
||||
|
||||
# [NEW] Add Extra Allowed Origins (Tailscale, VPN, etc.)
|
||||
extra_origins_raw = os.environ.get("EXTRA_ALLOWED_ORIGINS", "")
|
||||
if extra_origins_raw:
|
||||
for extra_ip in [o.strip() for o in extra_origins_raw.split(",") if o.strip()]:
|
||||
# Generate standard combinations for this extra origin
|
||||
ext_combos = [
|
||||
f"http://{extra_ip}:{front_port}",
|
||||
f"https://{extra_ip}:{front_ssl_port}",
|
||||
f"https://{extra_ip}:{back_ssl_port}",
|
||||
]
|
||||
for combo in ext_combos:
|
||||
if combo not in ALLOWED_ORIGINS:
|
||||
ALLOWED_ORIGINS.append(combo)
|
||||
|
||||
log.info(f"CORS allowed origins: {ALLOWED_ORIGINS}")
|
||||
|
||||
# Add CORS middleware FIRST (before rate limiter)
|
||||
|
||||
@@ -20,13 +20,19 @@ limiter = Limiter(key_func=get_remote_address)
|
||||
pwd_context = CryptContext(schemes=["pbkdf2_sha256"], deprecated="auto")
|
||||
|
||||
def get_ldap_config():
|
||||
# Read from root /config directory
|
||||
root_dir = os.path.dirname(os.path.dirname(os.path.dirname(os.path.abspath(__file__))))
|
||||
config_dir = os.path.join(root_dir, "config")
|
||||
config_path = os.path.join(config_dir, "ldap_config.json")
|
||||
# Priority 1: Check in DATA_DIR (for Docker production)
|
||||
config_path = os.path.join(database.DATA_DIR, "config", "ldap_config.json")
|
||||
if os.path.exists(config_path):
|
||||
with open(config_path, "r") as f:
|
||||
return json.load(f)
|
||||
|
||||
# Priority 2: Fallback to source-relative config (for local dev)
|
||||
root_dir = os.path.dirname(os.path.dirname(os.path.dirname(os.path.abspath(__file__))))
|
||||
source_config_path = os.path.join(root_dir, "config", "ldap_config.json")
|
||||
if os.path.exists(source_config_path):
|
||||
with open(source_config_path, "r") as f:
|
||||
return json.load(f)
|
||||
|
||||
return {"ldap_enabled": False}
|
||||
|
||||
def authenticate_ldap(username, password):
|
||||
|
||||
Reference in New Issue
Block a user