from fastapi import FastAPI
from fastapi.middleware.cors import CORSMiddleware
from app.config import settings
from app.db import init_db
from app.routers import auth, dashboard, assessments, evidence, risks, policies, suppliers, questionnaires, reports

app = FastAPI(title="SecureFlow API", version="0.1.0", description="Cybersecurity readiness and compliance alignment SaaS. SecureFlow does not certify compliance.")
app.add_middleware(CORSMiddleware, allow_origins=[o.strip() for o in settings.cors_origins.split(',')], allow_credentials=True, allow_methods=["*"], allow_headers=["*"])
for r in [auth.router,dashboard.router,assessments.router,evidence.router,risks.router,policies.router,suppliers.router,questionnaires.router,reports.router]:
    app.include_router(r, prefix="/api")
@app.on_event("startup")
def startup():
    init_db()
@app.get("/health")
def health(): return {"ok": True}