Nicolas Cantu
088eab84b7
- Add ia_dev submodule (projects/smart_ide on forge 4nk) - Document APIs, orchestrator, gateway, local-office, rollout - Add systemd/scripts layout; relocate setup scripts - Remove obsolete nginx/enso-only docs from this repo scope
30 lines
874 B
Python
30 lines
874 B
Python
"""API key authentication. No fallback: missing or invalid key returns 401."""
|
|
import logging
|
|
from typing import Annotated
|
|
|
|
from fastapi import Header, HTTPException
|
|
|
|
from app.config import get_api_keys
|
|
|
|
logger = logging.getLogger(__name__)
|
|
|
|
HEADER = "X-API-Key"
|
|
|
|
|
|
def _valid_keys() -> list[str]:
|
|
return get_api_keys()
|
|
|
|
|
|
def require_api_key(
|
|
x_api_key: Annotated[str | None, Header(alias=HEADER)] = None,
|
|
) -> str:
|
|
"""Dependency: validate X-API-Key header and return the key id (same value)."""
|
|
if not x_api_key or not x_api_key.strip():
|
|
logger.warning("Missing %s header", HEADER)
|
|
raise HTTPException(status_code=401, detail="Missing API key")
|
|
key = x_api_key.strip()
|
|
if key not in _valid_keys():
|
|
logger.warning("Invalid API key attempt")
|
|
raise HTTPException(status_code=401, detail="Invalid API key")
|
|
return key
|