CORS troubleshooting

2026-02-10 22:16:37 +08:00
parent 827dfdcaf5
commit 29c9f0139e
2 changed files with 13 additions and 3 deletions
--- a/9
+++ b/9
@@ -1,13 +1,16 @@
 ai-gateway.ldex.dev {
-    # 1. Force CORS headers for every request
+    # 1. Force CORS headers and DELETE duplicates from backend
    header {
+        -Access-Control-Allow-Origin
+        -Access-Control-Allow-Methods
+        -Access-Control-Allow-Headers
        Access-Control-Allow-Origin *
        Access-Control-Allow-Methods "GET, POST, OPTIONS"
        Access-Control-Allow-Headers "*"
        Access-Control-Expose-Headers "*"
    }

-    # 2. Immediately handle OPTIONS requests (the preflight)
+    # 2. Immediately handle OPTIONS requests
    @options {
        method OPTIONS
    }
@@ -15,6 +18,6 @@ ai-gateway.ldex.dev {
        respond "" 204
    }

-    # 3. Proxy everything else to the app
+    # 3. Proxy everything else
    reverse_proxy ai-gateway:8000
 }
--- a/app/api/deps.py
+++ b/app/api/deps.py
@@ -20,6 +20,13 @@ async def get_api_key(
    # Use header if provided, otherwise fallback to query param
    api_key = api_key_h or api_key_q

+    # DEBUG LOGGING FOR 403 TROUBLESHOOTING
+    print(f"DEBUG: Auth Check - Header: {'Yes' if api_key_h else 'No'}, Query: {'Yes' if api_key_q else 'No'}")
+    if api_key:
+        print(f"DEBUG: API Key received (prefix): {api_key[:5]}...")
+    else:
+        print("DEBUG: API Key is MISSING from both header and query params")
+
    if not api_key:
        raise HTTPException(
            status_code=status.HTTP_403_FORBIDDEN,