♻️ Refactor and update CORS, remove trailing slash from new Pydantic v2 (#617)

src/backend/app/core/config.py

@@ -16,12 +16,11 @@ class Settings(BaseSettings):
     SECRET_KEY: str = secrets.token_urlsafe(32)
     # 60 minutes * 24 hours * 8 days = 8 days
     ACCESS_TOKEN_EXPIRE_MINUTES: int = 60 * 24 * 8
-    SERVER_NAME: str
     SERVER_HOST: AnyHttpUrl
     # BACKEND_CORS_ORIGINS is a JSON-formatted list of origins
     # e.g: '["http://localhost", "http://localhost:4200", "http://localhost:3000", \
     # "http://localhost:8080", "http://local.dockertoolbox.tiangolo.com"]'
-    BACKEND_CORS_ORIGINS: list[AnyHttpUrl] = []
+    BACKEND_CORS_ORIGINS: list[AnyHttpUrl] | str = []
 
     @field_validator("BACKEND_CORS_ORIGINS", mode="before")
     @classmethod
@@ -38,7 +37,7 @@ class Settings(BaseSettings):
     @field_validator("SENTRY_DSN", mode="before")
     @classmethod
     def sentry_dsn_can_be_blank(cls, v: str) -> str | None:
-        if len(v) == 0:
+        if not v:
             return None
         return v
 
@@ -65,7 +64,8 @@ class Settings(BaseSettings):
     SMTP_HOST: str | None = None
     SMTP_USER: str | None = None
     SMTP_PASSWORD: str | None = None
-    EMAILS_FROM_EMAIL: str | None = None  #TODO: update type to EmailStr when sqlmodel supports it
+    # TODO: update type to EmailStr when sqlmodel supports it
+    EMAILS_FROM_EMAIL: str | None = None
     EMAILS_FROM_NAME: str | None = None
 
     @field_validator("EMAILS_FROM_NAME")
@@ -86,8 +86,10 @@ class Settings(BaseSettings):
             and info.data.get("EMAILS_FROM_EMAIL")
         )
 
-    EMAIL_TEST_USER: str = "test@example.com"  #TODO: update type to EmailStr when sqlmodel supports it
-    FIRST_SUPERUSER: str  #TODO: update type to EmailStr when sqlmodel supports it
+    # TODO: update type to EmailStr when sqlmodel supports it
+    EMAIL_TEST_USER: str = "test@example.com"
+    # TODO: update type to EmailStr when sqlmodel supports it
+    FIRST_SUPERUSER: str
     FIRST_SUPERUSER_PASSWORD: str
     USERS_OPEN_REGISTRATION: bool = False
     model_config = SettingsConfigDict(case_sensitive=True)

src/backend/app/main.py

@@ -20,7 +20,9 @@ app = FastAPI(
 if settings.BACKEND_CORS_ORIGINS:
     app.add_middleware(
         CORSMiddleware,
-        allow_origins=[str(origin) for origin in settings.BACKEND_CORS_ORIGINS],
+        allow_origins=[
+            str(origin).strip("/") for origin in settings.BACKEND_CORS_ORIGINS
+        ],
         allow_credentials=True,
         allow_methods=["*"],
         allow_headers=["*"],