fix: AppAuthMiddleware add_middleware 重新加回
This commit is contained in:
@@ -400,6 +400,9 @@ class SecurityHeadersMiddleware:
|
|||||||
|
|
||||||
app.add_middleware(SecurityHeadersMiddleware)
|
app.add_middleware(SecurityHeadersMiddleware)
|
||||||
|
|
||||||
|
# AppAuth: protect /app/ HTML pages behind refresh-cookie (standalone, before JWT/DB/CORS)
|
||||||
|
app.add_middleware(AppAuthMiddleware)
|
||||||
|
|
||||||
# F2a-10 / F2d-02: global JWT gate for all /api/* (inside DbSession — uses request.state.db)
|
# F2a-10 / F2d-02: global JWT gate for all /api/* (inside DbSession — uses request.state.db)
|
||||||
app.add_middleware(JwtAuthMiddleware)
|
app.add_middleware(JwtAuthMiddleware)
|
||||||
|
|
||||||
|
|||||||
Reference in New Issue
Block a user