feat: Add systemd service, configure API for proxy deployment, and enhance mobile audio playback with token authentication.

qwen3-tts-backend/api/jobs.py

@@ -9,7 +9,9 @@ from slowapi.util import get_remote_address
 
 from core.database import get_db
 from core.config import settings
+from core.security import decode_access_token
 from db.models import Job, JobStatus, User
+from db.crud import get_user_by_username
 from api.auth import get_current_user
 
 logger = logging.getLogger(__name__)
@@ -18,6 +20,42 @@ router = APIRouter(prefix="/jobs", tags=["jobs"])
 limiter = Limiter(key_func=get_remote_address)
 
 
+async def get_user_from_token_or_query(
+    request: Request,
+    token: Optional[str] = Query(None),
+    db: Session = Depends(get_db)
+) -> User:
+    auth_token = None
+
+    auth_header = request.headers.get("Authorization")
+    if auth_header and auth_header.startswith("Bearer "):
+        auth_token = auth_header.split(" ")[1]
+    elif token:
+        auth_token = token
+
+    if not auth_token:
+        raise HTTPException(
+            status_code=401,
+            detail="Missing authentication token"
+        )
+
+    username = decode_access_token(auth_token)
+    if username is None:
+        raise HTTPException(
+            status_code=401,
+            detail="Invalid or expired token"
+        )
+
+    user = get_user_by_username(db, username=username)
+    if user is None:
+        raise HTTPException(
+            status_code=401,
+            detail="User not found"
+        )
+
+    return user
+
+
 @router.get("/{job_id}")
 @limiter.limit("30/minute")
 async def get_job(
@@ -140,7 +178,7 @@ async def delete_job(
 async def download_job_output(
     request: Request,
     job_id: int,
-    current_user: User = Depends(get_current_user),
+    current_user: User = Depends(get_user_from_token_or_query),
     db: Session = Depends(get_db)
 ):
     job = db.query(Job).filter(Job.id == job_id).first()

qwen3-tts-backend/config.py

@@ -12,7 +12,7 @@ class Settings(BaseSettings):
     DATABASE_URL: str = Field(default="sqlite:///./qwen_tts.db")
     CACHE_DIR: str = Field(default="./voice_cache")
     OUTPUT_DIR: str = Field(default="./outputs")
-    BASE_URL: str = Field(default="http://localhost:8000")
+    BASE_URL: str = Field(default="")
 
     MODEL_DEVICE: str = Field(default="cuda:0")
     MODEL_BASE_PATH: str = Field(default="../Qwen")

qwen3-tts-backend/main.py

@@ -119,13 +119,14 @@ app = FastAPI(
 app.state.limiter = limiter
 app.add_exception_handler(RateLimitExceeded, _rate_limit_exceeded_handler)
 
-app.add_middleware(
-    CORSMiddleware,
-    allow_origins=["*"],
-    allow_credentials=True,
-    allow_methods=["*"],
-    allow_headers=["*"],
-)
+if settings.LOG_LEVEL == "debug":
+    app.add_middleware(
+        CORSMiddleware,
+        allow_origins=["http://localhost:5173", "http://127.0.0.1:5173"],
+        allow_credentials=True,
+        allow_methods=["*"],
+        allow_headers=["*"],
+    )
 
 app.include_router(auth.router)
 app.include_router(jobs.router)