Add new frontend - fix 15

gateway/app/middleware/auth.py

@@ -54,6 +54,10 @@ class AuthMiddleware(BaseHTTPMiddleware):
     async def dispatch(self, request: Request, call_next) -> Response:
         """Process request with enhanced authentication"""
         
+        # Skip authentication for OPTIONS requests (CORS preflight)
+        if request.method == "OPTIONS":
+            return await call_next(request)
+        
         # Skip authentication for public routes
         if self._is_public_route(request.url.path):
             return await call_next(request)

gateway/app/routes/auth.py

@@ -44,6 +44,19 @@ class AuthProxy:
     ) -> Response:
         """Forward request to auth service with proper error handling"""
         
+        # Handle OPTIONS requests directly for CORS
+        if request.method == "OPTIONS":
+            return Response(
+                status_code=200,
+                headers={
+                    "Access-Control-Allow-Origin": settings.CORS_ORIGINS_LIST,
+                    "Access-Control-Allow-Methods": "GET, POST, PUT, DELETE, OPTIONS",
+                    "Access-Control-Allow-Headers": "Content-Type, Authorization, X-Tenant-ID",
+                    "Access-Control-Allow-Credentials": "true",
+                    "Access-Control-Max-Age": "86400"  # Cache preflight for 24 hours
+                }
+            )
+            
         try:
             # Get auth service URL (with service discovery if available)
             auth_url = await self._get_auth_service_url()