Update app.py
Browse files
app.py
CHANGED
|
@@ -1,6 +1,6 @@
|
|
| 1 |
"""
|
| 2 |
ORBIT β Flask Application (SaaS Edition)
|
| 3 |
-
Backend: Google OAuth Β· SQLite Β· Multi-provider LLM routing
|
| 4 |
"""
|
| 5 |
import os
|
| 6 |
import json
|
|
@@ -30,6 +30,15 @@ app.config.from_object(Config)
|
|
| 30 |
CORS(app)
|
| 31 |
db.init_app(app)
|
| 32 |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 33 |
# ββ OAuth Setup βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ
|
| 34 |
oauth = OAuth(app)
|
| 35 |
google = oauth.register(
|
|
@@ -276,7 +285,7 @@ def api_chat():
|
|
| 276 |
headers = {
|
| 277 |
"Content-Type": "application/json",
|
| 278 |
"Authorization": f"Bearer {api_key}",
|
| 279 |
-
"HTTP-Referer": "https://orbit-
|
| 280 |
"X-Title": "ORBIT Educational Assistant",
|
| 281 |
}
|
| 282 |
composed = [{"role": "system", "content": SYSTEM_PROMPT}]
|
|
@@ -428,6 +437,4 @@ if __name__ == "__main__":
|
|
| 428 |
# Cetak info untuk log server
|
| 429 |
print(f"[ORBIT] Starting server on port {port}...")
|
| 430 |
|
| 431 |
-
|
| 432 |
-
# Kita set False secara manual atau pastikan Config.DEBUG di config.py adalah False
|
| 433 |
-
app.run(host="0.0.0.0", port=port, debug=False)
|
|
|
|
| 1 |
"""
|
| 2 |
ORBIT β Flask Application (SaaS Edition)
|
| 3 |
+
Backend: Google OAuth Β· SQLite/PostgreSQL Β· Multi-provider LLM routing
|
| 4 |
"""
|
| 5 |
import os
|
| 6 |
import json
|
|
|
|
| 30 |
CORS(app)
|
| 31 |
db.init_app(app)
|
| 32 |
|
| 33 |
+
# ββ FIX IFRAME & SECURITY HEADERS βββββββββββββββββββββββββββββββββββββββββββ
|
| 34 |
+
@app.after_request
|
| 35 |
+
def add_header(response):
|
| 36 |
+
# Mengizinkan domain .my.id lo untuk membungkus app ini dalam iframe
|
| 37 |
+
response.headers['Content-Security-Policy'] = "frame-ancestors 'self' https://orbit-ai.my.id https://*.my.id"
|
| 38 |
+
# Menghapus batasan X-Frame-Options agar bisa tampil di domain luar
|
| 39 |
+
response.headers.pop('X-Frame-Options', None)
|
| 40 |
+
return response
|
| 41 |
+
|
| 42 |
# ββ OAuth Setup βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ
|
| 43 |
oauth = OAuth(app)
|
| 44 |
google = oauth.register(
|
|
|
|
| 285 |
headers = {
|
| 286 |
"Content-Type": "application/json",
|
| 287 |
"Authorization": f"Bearer {api_key}",
|
| 288 |
+
"HTTP-Referer": "https://orbit-ai.my.id",
|
| 289 |
"X-Title": "ORBIT Educational Assistant",
|
| 290 |
}
|
| 291 |
composed = [{"role": "system", "content": SYSTEM_PROMPT}]
|
|
|
|
| 437 |
# Cetak info untuk log server
|
| 438 |
print(f"[ORBIT] Starting server on port {port}...")
|
| 439 |
|
| 440 |
+
app.run(host="0.0.0.0", port=port, debug=False)
|
|
|
|
|
|