Create auth.py
Browse files
auth.py
ADDED
|
@@ -0,0 +1,37 @@
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 1 |
+
from fastapi import HTTPException, Depends
|
| 2 |
+
from fastapi.security import APIKeyQuery
|
| 3 |
+
from typing import Annotated, Optional
|
| 4 |
+
import os
|
| 5 |
+
import uuid
|
| 6 |
+
|
| 7 |
+
AUTH_TOKEN = os.getenv("AUTH_TOKEN")
|
| 8 |
+
api_key_query = APIKeyQuery(name="token", auto_error=False)
|
| 9 |
+
|
| 10 |
+
async def verify_token(token: Annotated[str, Optional[str], Depends(api_key_query)]):
|
| 11 |
+
if not AUTH_TOKEN:
|
| 12 |
+
raise HTTPException(
|
| 13 |
+
status_code=500,
|
| 14 |
+
detail="AUTH_TOKEN not configured on server"
|
| 15 |
+
)
|
| 16 |
+
|
| 17 |
+
if not token:
|
| 18 |
+
raise HTTPException(
|
| 19 |
+
status_code=401,
|
| 20 |
+
detail="Token is required"
|
| 21 |
+
)
|
| 22 |
+
|
| 23 |
+
try:
|
| 24 |
+
uuid.UUID(token)
|
| 25 |
+
except ValueError:
|
| 26 |
+
raise HTTPException(
|
| 27 |
+
status_code=400,
|
| 28 |
+
detail="Invalid token format. Token must be a valid UUID"
|
| 29 |
+
)
|
| 30 |
+
|
| 31 |
+
if token != AUTH_TOKEN:
|
| 32 |
+
raise HTTPException(
|
| 33 |
+
status_code=401,
|
| 34 |
+
detail="Invalid token"
|
| 35 |
+
)
|
| 36 |
+
|
| 37 |
+
return token
|