Spaces:
Running
Running
Commit
·
d67404e
1
Parent(s):
a9aa030
moved authentication
Browse files- app/auth.py +13 -2
- app/config.py +1 -16
app/auth.py
CHANGED
|
@@ -1,7 +1,18 @@
|
|
| 1 |
from fastapi import HTTPException, Header, Depends
|
| 2 |
from fastapi.security import APIKeyHeader
|
| 3 |
from typing import Optional
|
| 4 |
-
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 5 |
|
| 6 |
# API Key security scheme
|
| 7 |
api_key_header = APIKeyHeader(name="Authorization", auto_error=False)
|
|
@@ -25,7 +36,7 @@ async def get_api_key(authorization: Optional[str] = Header(None)):
|
|
| 25 |
api_key = authorization.replace("Bearer ", "")
|
| 26 |
|
| 27 |
# Validate the API key
|
| 28 |
-
if not
|
| 29 |
raise HTTPException(
|
| 30 |
status_code=401,
|
| 31 |
detail="Invalid API key"
|
|
|
|
| 1 |
from fastapi import HTTPException, Header, Depends
|
| 2 |
from fastapi.security import APIKeyHeader
|
| 3 |
from typing import Optional
|
| 4 |
+
from config import API_KEY # Import API_KEY directly for use in local validation
|
| 5 |
+
|
| 6 |
+
# Function to validate API key (moved from config.py)
|
| 7 |
+
def validate_api_key(api_key_to_validate: str) -> bool:
|
| 8 |
+
"""
|
| 9 |
+
Validate the provided API key against the configured key.
|
| 10 |
+
"""
|
| 11 |
+
if not API_KEY: # API_KEY is imported from config
|
| 12 |
+
# If no API key is configured, authentication is disabled (or treat as invalid)
|
| 13 |
+
# Depending on desired behavior, for now, let's assume if API_KEY is not set, all keys are invalid unless it's an empty string match
|
| 14 |
+
return False # Or True if you want to disable auth when API_KEY is not set
|
| 15 |
+
return api_key_to_validate == API_KEY
|
| 16 |
|
| 17 |
# API Key security scheme
|
| 18 |
api_key_header = APIKeyHeader(name="Authorization", auto_error=False)
|
|
|
|
| 36 |
api_key = authorization.replace("Bearer ", "")
|
| 37 |
|
| 38 |
# Validate the API key
|
| 39 |
+
if not validate_api_key(api_key): # Call local validate_api_key
|
| 40 |
raise HTTPException(
|
| 41 |
status_code=401,
|
| 42 |
detail="Invalid API key"
|
app/config.py
CHANGED
|
@@ -19,19 +19,4 @@ VERTEX_EXPRESS_API_KEY_VAL = os.environ.get("VERTEX_EXPRESS_API_KEY")
|
|
| 19 |
FAKE_STREAMING_ENABLED = os.environ.get("FAKE_STREAMING", "false").lower() == "true"
|
| 20 |
FAKE_STREAMING_INTERVAL_SECONDS = float(os.environ.get("FAKE_STREAMING_INTERVAL", "1.0"))
|
| 21 |
|
| 22 |
-
#
|
| 23 |
-
def validate_api_key(api_key: str) -> bool:
|
| 24 |
-
"""
|
| 25 |
-
Validate the provided API key against the configured key
|
| 26 |
-
|
| 27 |
-
Args:
|
| 28 |
-
api_key: The API key to validate
|
| 29 |
-
|
| 30 |
-
Returns:
|
| 31 |
-
bool: True if the key is valid, False otherwise
|
| 32 |
-
"""
|
| 33 |
-
if not API_KEY:
|
| 34 |
-
# If no API key is configured, authentication is disabled
|
| 35 |
-
return True
|
| 36 |
-
|
| 37 |
-
return api_key == API_KEY
|
|
|
|
| 19 |
FAKE_STREAMING_ENABLED = os.environ.get("FAKE_STREAMING", "false").lower() == "true"
|
| 20 |
FAKE_STREAMING_INTERVAL_SECONDS = float(os.environ.get("FAKE_STREAMING_INTERVAL", "1.0"))
|
| 21 |
|
| 22 |
+
# Validation logic moved to app/auth.py
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|