fix: add HTTPSRedirectMiddleware to prevent mixed content errors

app/main.py

@@ -1,15 +1,27 @@
 """JIRA AI Fixer - Enterprise Issue Analysis Platform."""
 from contextlib import asynccontextmanager
-from fastapi import FastAPI
+from fastapi import FastAPI, Request
 from fastapi.middleware.cors import CORSMiddleware
 from fastapi.staticfiles import StaticFiles
-from fastapi.responses import FileResponse
+from fastapi.responses import FileResponse, RedirectResponse
+from starlette.middleware.base import BaseHTTPMiddleware
 import os
 
 from app.core.config import settings
 from app.core.database import init_db
 from app.api import api_router
 
+class HTTPSRedirectMiddleware(BaseHTTPMiddleware):
+    """Force HTTPS in redirects when behind reverse proxy."""
+    async def dispatch(self, request: Request, call_next):
+        response = await call_next(request)
+        # Fix Location header to use HTTPS if behind proxy
+        if response.status_code in (301, 302, 303, 307, 308):
+            location = response.headers.get("location", "")
+            if location.startswith("http://"):
+                response.headers["location"] = location.replace("http://", "https://", 1)
+        return response
+
 @asynccontextmanager
 async def lifespan(app: FastAPI):
     # Startup
@@ -24,9 +36,13 @@ app = FastAPI(
     docs_url="/api/docs",
     redoc_url="/api/redoc",
     openapi_url="/api/openapi.json",
-    lifespan=lifespan
+    lifespan=lifespan,
+    redirect_slashes=False  # Disable automatic slash redirects
 )
 
+# Add HTTPS redirect middleware
+app.add_middleware(HTTPSRedirectMiddleware)
+
 # CORS
 app.add_middleware(
     CORSMiddleware,