Spaces:
Running
Running
File size: 1,599 Bytes
76db545 | 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 | """CORS, structured request logging, and rate-limit middleware."""
from __future__ import annotations
import logging
import time
import uuid
from fastapi import FastAPI, Request, Response
from fastapi.middleware.cors import CORSMiddleware
from slowapi import Limiter, _rate_limit_exceeded_handler
from slowapi.errors import RateLimitExceeded
from slowapi.util import get_remote_address
logger = logging.getLogger(__name__)
limiter = Limiter(key_func=get_remote_address, default_limits=["60/minute"])
def register_middleware(app: FastAPI) -> None:
"""Attach all middleware to the FastAPI app."""
# CORS — allow WhatsApp webhook domain and local development
app.add_middleware(
CORSMiddleware,
allow_origins=["*"], # Tighten in production with specific domains
allow_credentials=True,
allow_methods=["GET", "POST"],
allow_headers=["*"],
)
# Rate limiting
app.state.limiter = limiter
app.add_exception_handler(RateLimitExceeded, _rate_limit_exceeded_handler)
@app.middleware("http")
async def logging_middleware(request: Request, call_next) -> Response:
request_id = str(uuid.uuid4())[:8]
t0 = time.perf_counter()
response = await call_next(request)
elapsed_ms = int((time.perf_counter() - t0) * 1000)
logger.info(
"req_id=%s method=%s path=%s status=%d latency_ms=%d",
request_id, request.method, request.url.path,
response.status_code, elapsed_ms,
)
response.headers["X-Request-ID"] = request_id
return response
|