Server : Apache System : Linux dedi-14684855.grupobig.com 5.14.0-611.49.1.el9_7.x86_64 #1 SMP PREEMPT_DYNAMIC Tue Apr 21 16:39:08 EDT 2026 x86_64 User : grupo692 ( 1004) PHP Version : 8.2.31 Disable Function : NONE Directory : /opt/dash_backend_new/app/ |
from dotenv import load_dotenv
load_dotenv()
import os
from fastapi import FastAPI, Depends, Request
from fastapi.middleware.cors import CORSMiddleware
from fastapi.openapi.utils import get_openapi
from .oracle_client import init_oracle_client_once
from .auth import router as auth_router
from .queries import router as vendas_router
from .dashboard import router as dashboard_router
from .unidades import router as unidades_router
from .tenant_oracle_db import get_tenant_context
init_oracle_client_once()
app = FastAPI(
title="DashMobile GrupoBiG",
version="1.0.0",
)
def custom_openapi():
if app.openapi_schema:
return app.openapi_schema
schema = get_openapi(
title=app.title,
version=app.version,
routes=app.routes,
description=(
"API do DashMobile.\n\n"
"✅ Para testar no Swagger:\n"
"1) Clique em Authorize e informe X-Empresa\n"
"2) Faça login em /auth/login e copie o token\n"
"3) Clique em Authorize e informe o token em HTTPBearer (Bearer)\n"
),
)
components = schema.setdefault("components", {})
security_schemes = components.setdefault("securitySchemes", {})
security_schemes["EmpresaHeader"] = {
"type": "apiKey",
"in": "header",
"name": "X-Empresa",
"description": "Código da empresa/tenant. Ex: av7",
}
schema["security"] = [{"EmpresaHeader": []}]
for _, methods in schema.get("paths", {}).items():
for _, operation in methods.items():
if not isinstance(operation, dict):
continue
op_sec = operation.get("security")
if not op_sec:
continue
has_empresa = any(isinstance(sec, dict) and "EmpresaHeader" in sec for sec in op_sec)
if not has_empresa:
op_sec.insert(0, {"EmpresaHeader": []})
operation["security"] = op_sec
app.openapi_schema = schema
return app.openapi_schema
app.openapi = custom_openapi
def _parse_bool(value: str) -> bool:
v = (value or "").strip().lower()
return v in ("1", "true", "yes", "y", "on")
# -----------------------------------------------------------------------------
# CORS configurável por ambiente (DEV pode liberar tudo)
# -----------------------------------------------------------------------------
cors_allow_all = _parse_bool(os.getenv("CORS_ALLOW_ALL", "false"))
cors_origins_env = (os.getenv("CORS_ORIGINS") or "").strip()
default_origins = [
"http://localhost:5010",
"http://127.0.0.1:5010",
"http://localhost",
"http://127.0.0.1",
]
if cors_allow_all:
allow_origins = ["*"]
else:
if cors_origins_env:
allow_origins = [o.strip() for o in cors_origins_env.split(",") if o.strip()]
else:
allow_origins = default_origins
app.add_middleware(
CORSMiddleware,
allow_origins=allow_origins,
allow_credentials=False,
allow_methods=["*"],
allow_headers=["*"],
)
@app.middleware("http")
async def private_network_access_middleware(request: Request, call_next):
response = await call_next(request)
if request.headers.get("access-control-request-private-network") == "true":
response.headers["Access-Control-Allow-Private-Network"] = "true"
return response
@app.get("/health")
def health_check():
return {"status": "ok"}
@app.get("/")
def read_root():
return {"message": "API do DashMobile está rodando."}
app.include_router(auth_router)
app.include_router(vendas_router)
app.include_router(dashboard_router)
app.include_router(unidades_router)
@app.get("/_debug/oracle")
def debug_oracle(ctx=Depends(get_tenant_context)):
return {
"empresa": ctx.empresa,
"unidades": ctx.unidades,
"oracle_ok": True,
"dsn": ctx.oracle_dsn,
}