From b8ebddbe94f90e000b37abcba0faa70b75a26d47 Mon Sep 17 00:00:00 2001
From: gitea_admin <admin@dlytica.com>
Date: Sat, 21 Feb 2026 23:39:03 +0000
Subject: [PATCH] fix: add admin CORS + optional header

---
 app/main.py | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/app/main.py b/app/main.py
index 6d562bd..08fc2a4 100644
--- a/app/main.py
+++ b/app/main.py
@@ -32,11 +32,14 @@ app.add_middleware(
     allow_origins=[
         f"https://app.{s.DOMAIN}",
         f"https://data.{s.DOMAIN}",
+        f"https://admin.{s.DOMAIN}",
         "http://localhost:3000",
+        "http://localhost:8080",
     ],
     allow_credentials=True,
     allow_methods=["*"],
     allow_headers=["*"],
+    expose_headers=["*"],
 )
 
 app.include_router(auth.router)