CORS replacement

server.py

@@ -1,5 +1,4 @@
 from flask import Flask, request, jsonify
-from flask_cors import CORS
 from pymongo import MongoClient
 from dotenv import load_dotenv
 import os
@@ -7,7 +6,8 @@ import os
 load_dotenv()
 
 app = Flask(__name__)
-CORS(app)
+
+EXPECTED_PASSWORD = "secret_password"
 
 uri = os.getenv("MONGO_URI")
 
@@ -19,19 +19,36 @@ def validate_event(event):
     required_keys = ["@version", "type", "TimeStamp", "data", "@timestamp"]
     return all(key in event for key in required_keys)
 
-@app.route('/submit', methods=['POST'])
+@app.route('/submit', methods=['POST', 'OPTIONS'])
 def submit_event():
+    if request.method == 'OPTIONS':
+        resp = jsonify()
+        resp.headers['Access-Control-Allow-Origin'] = '*'
+        resp.headers['Access-Control-Allow-Methods'] = 'POST, OPTIONS'
+        resp.headers['Access-Control-Allow-Headers'] = 'Content-Type, X-Password'
+        return resp
     try:
+
+        password = request.headers.get('X-Password')
+        if password != EXPECTED_PASSWORD:
+            return jsonify({"error": "Неверный пароль"}), 403
+        
         event = request.get_json()
 
         if not event or not validate_event(event):
-            return jsonify({"error": "Неверный формат"}), 400
+            resp = jsonify({"error": "Неверный формат"})
+            resp.headers['Access-Control-Allow-Origin'] = '*'
+            return resp, 400
 
         collection.insert_one(event)
 
-        return jsonify({"message": "Действие успешно сохранено"}), 200
+        resp = jsonify({"message": "Действие успешно сохранено"})
+        resp.headers['Access-Control-Allow-Origin'] = '*'
+        return resp, 200
     except Exception as e:
-        return jsonify({"error": str(e)}), 500
+        resp = jsonify({"error": str(e)})
+        resp.headers['Access-Control-Allow-Origin'] = '*'
+        return resp, 500
     
 if __name__ == '__main__':
     app.run(debug=True, host='0.0.0.0', port=5000)