import logging from contextlib import asynccontextmanager from fastapi import FastAPI from fastapi.middleware.cors import CORSMiddleware from slowapi import _rate_limit_exceeded_handler from slowapi.errors import RateLimitExceeded from slowapi.middleware import SlowAPIMiddleware from app.config import settings from app.database import close_db, init_db from app.middleware.rate_limiter import limiter from app.routers import auth, health, history, scan, apikey, report, code_scan from app.routers import scheduled_scans from app.services.scheduler import start_scheduler, stop_scheduler logging.basicConfig( level=logging.DEBUG if settings.debug else logging.INFO, format="%(asctime)s | %(levelname)-8s | %(name)s | %(message)s", ) logger = logging.getLogger(__name__) @asynccontextmanager async def lifespan(app: FastAPI): import app.models # noqa: F401 — register models with Base.metadata await init_db() logger.info("Database initialized") start_scheduler() yield stop_scheduler() await close_db() logger.info("Database connection closed") def create_app() -> FastAPI: application = FastAPI( title=settings.app_name, version=settings.app_version, docs_url="/docs" if settings.debug else None, redoc_url="/redoc" if settings.debug else None, lifespan=lifespan, ) application.state.limiter = limiter application.add_exception_handler(RateLimitExceeded, _rate_limit_exceeded_handler) application.add_middleware(SlowAPIMiddleware) application.add_middleware( CORSMiddleware, allow_origins=settings.cors_origin_list, allow_credentials=True, allow_methods=["*"], allow_headers=["*"], ) application.include_router(health.router) application.include_router(auth.router) application.include_router(scan.router) application.include_router(history.router) application.include_router(apikey.router) application.include_router(report.router) application.include_router(code_scan.router) application.include_router(scheduled_scans.router) logger.info(f"{settings.app_name} v{settings.app_version} initialized") return application app = create_app()