From c7a6702b0b16c46b046917f9834e7dfe5f55c4b6 Mon Sep 17 00:00:00 2001 From: "google-labs-jules[bot]" <161369871+google-labs-jules[bot]@users.noreply.github.com> Date: Sat, 7 Feb 2026 21:09:03 +0000 Subject: [PATCH] feat: add CORS and TrustedHost middlewares to FastAPI app Add `CORSMiddleware` and `TrustedHostMiddleware` to `src/regression_model_template/controller/kafka_app.py` to improve security. Configuration is managed via `ALLOWED_ORIGINS` and `ALLOWED_HOSTS` environment variables. Co-authored-by: lgcorzo <46710567+lgcorzo@users.noreply.github.com> --- .../controller/kafka_app.py | 17 +++++++++++++++++ 1 file changed, 17 insertions(+) diff --git a/src/regression_model_template/controller/kafka_app.py b/src/regression_model_template/controller/kafka_app.py index b04c716..714f13c 100644 --- a/src/regression_model_template/controller/kafka_app.py +++ b/src/regression_model_template/controller/kafka_app.py @@ -12,6 +12,8 @@ import uvicorn import pandas as pd from fastapi import FastAPI, HTTPException +from fastapi.middleware.cors import CORSMiddleware +from fastapi.middleware.trustedhost import TrustedHostMiddleware from pydantic import BaseModel from confluent_kafka import Producer, Consumer, KafkaError, Message @@ -29,6 +31,8 @@ DEFAULT_OUTPUT_TOPIC = os.getenv("DEFAULT_OUTPUT_TOPIC", "output_topic") DEFAULT_FASTAPI_HOST = os.getenv("DEFAULT_FASTAPI_HOST", "127.0.0.1") DEFAULT_FASTAPI_PORT = int(os.getenv("DEFAULT_FASTAPI_PORT", 8100)) +ALLOWED_ORIGINS = os.getenv("ALLOWED_ORIGINS", "*").split(",") +ALLOWED_HOSTS = os.getenv("ALLOWED_HOSTS", "*").split(",") LOGGING_FORMAT = "%(asctime)s - %(levelname)s - %(message)s" @@ -43,6 +47,19 @@ version="1.0.0", ) +# Add Middlewares +app.add_middleware( + CORSMiddleware, + allow_origins=ALLOWED_ORIGINS, + allow_credentials=True, + allow_methods=["*"], + allow_headers=["*"], +) +app.add_middleware( + TrustedHostMiddleware, + allowed_hosts=ALLOWED_HOSTS, +) + # Data Models class PredictionRequest(BaseModel):