diff --git a/__pycache__/server.cpython-313.pyc b/__pycache__/server.cpython-313.pyc new file mode 100644 index 0000000..cdecac7 Binary files /dev/null and b/__pycache__/server.cpython-313.pyc differ diff --git a/server.py b/server.py index 1879385..652c740 100644 --- a/server.py +++ b/server.py @@ -1,5 +1,4 @@ from flask import Flask, request, jsonify -from flask_cors import CORS from pymongo import MongoClient from dotenv import load_dotenv import os @@ -7,7 +6,8 @@ import os load_dotenv() app = Flask(__name__) -CORS(app) + +EXPECTED_PASSWORD = "secret_password" uri = os.getenv("MONGO_URI") @@ -19,19 +19,36 @@ def validate_event(event): required_keys = ["@version", "type", "TimeStamp", "data", "@timestamp"] return all(key in event for key in required_keys) -@app.route('/submit', methods=['POST']) +@app.route('/submit', methods=['POST', 'OPTIONS']) def submit_event(): + if request.method == 'OPTIONS': + resp = jsonify() + resp.headers['Access-Control-Allow-Origin'] = '*' + resp.headers['Access-Control-Allow-Methods'] = 'POST, OPTIONS' + resp.headers['Access-Control-Allow-Headers'] = 'Content-Type, X-Password' + return resp try: + + password = request.headers.get('X-Password') + if password != EXPECTED_PASSWORD: + return jsonify({"error": "Неверный пароль"}), 403 + event = request.get_json() if not event or not validate_event(event): - return jsonify({"error": "Неверный формат"}), 400 + resp = jsonify({"error": "Неверный формат"}) + resp.headers['Access-Control-Allow-Origin'] = '*' + return resp, 400 collection.insert_one(event) - return jsonify({"message": "Действие успешно сохранено"}), 200 + resp = jsonify({"message": "Действие успешно сохранено"}) + resp.headers['Access-Control-Allow-Origin'] = '*' + return resp, 200 except Exception as e: - return jsonify({"error": str(e)}), 500 + resp = jsonify({"error": str(e)}) + resp.headers['Access-Control-Allow-Origin'] = '*' + return resp, 500 if __name__ == '__main__': app.run(debug=True, host='0.0.0.0', port=5000) \ No newline at end of file