chore: initialize clean history without secrets
Some checks failed
CI / lint-and-compile (push) Has been cancelled
Some checks failed
CI / lint-and-compile (push) Has been cancelled
This commit is contained in:
root
34
app/auth.py
Normal file
34
app/auth.py
Normal file
@@ -0,0 +1,34 @@
|
||||
from __future__ import annotations
|
||||
|
||||
from fastapi import HTTPException, Request, status
|
||||
|
||||
|
||||
def require_bearer(request: Request, api_keys: list[str]) -> None:
|
||||
if not api_keys:
|
||||
return
|
||||
|
||||
auth = request.headers.get("authorization", "")
|
||||
if not auth.startswith("Bearer "):
|
||||
raise HTTPException(
|
||||
status_code=status.HTTP_401_UNAUTHORIZED,
|
||||
detail={
|
||||
"error": {
|
||||
"message": "Missing or invalid Authorization header",
|
||||
"type": "invalid_request_error",
|
||||
"code": "invalid_api_key",
|
||||
}
|
||||
},
|
||||
)
|
||||
|
||||
token = auth[len("Bearer ") :].strip()
|
||||
if token not in api_keys:
|
||||
raise HTTPException(
|
||||
status_code=status.HTTP_401_UNAUTHORIZED,
|
||||
detail={
|
||||
"error": {
|
||||
"message": "Invalid API key",
|
||||
"type": "invalid_request_error",
|
||||
"code": "invalid_api_key",
|
||||
}
|
||||
},
|
||||
)
|
||||
Reference in New Issue
Block a user