pre remote host

This commit is contained in:
CaffeineFueled 2025-06-08 22:13:26 +02:00
parent 9569f90aba
commit 86d66717c1
6 changed files with 90 additions and 18 deletions

31
main.py
View file

@ -8,6 +8,11 @@ from datetime import datetime
from pathlib import Path
import re
import bleach
import os
from dotenv import load_dotenv
# Load environment variables
load_dotenv()
# Initialize FastAPI application
app = FastAPI(
@ -20,17 +25,29 @@ app = FastAPI(
INPUT_DIR = Path("input")
INPUT_DIR.mkdir(exist_ok=True) # Create directory if it doesn't exist
# Authentication tokens
INPUT_TOKEN = "input_token_123" # Token for POST endpoints
READ_TOKEN = "read_token_456" # Token for GET endpoints
# Load API keys from environment variables (with fallback for backward compatibility)
INPUT_API_KEYS = [
key.strip() for key in os.getenv("INPUT_API_KEYS", "input_token_123").split(",")
if key.strip()
]
READ_API_KEYS = [
key.strip() for key in os.getenv("READ_API_KEYS", "read_token_456").split(",")
if key.strip()
]
# Validate that we have at least one key for each operation
if not INPUT_API_KEYS:
raise ValueError("At least one INPUT_API_KEY must be configured")
if not READ_API_KEYS:
raise ValueError("At least one READ_API_KEY must be configured")
# Security schemes
input_security = HTTPBearer()
read_security = HTTPBearer()
def verify_input_token(credentials: HTTPAuthorizationCredentials = Depends(input_security)):
"""Verify bearer token for input operations"""
if credentials.credentials != INPUT_TOKEN:
"""Verify bearer token for input operations (supports multiple API keys)"""
if credentials.credentials not in INPUT_API_KEYS:
raise HTTPException(
status_code=401,
detail="Invalid authentication token for input operations"
@ -38,8 +55,8 @@ def verify_input_token(credentials: HTTPAuthorizationCredentials = Depends(input
return credentials
def verify_read_token(credentials: HTTPAuthorizationCredentials = Depends(read_security)):
"""Verify bearer token for read operations"""
if credentials.credentials != READ_TOKEN:
"""Verify bearer token for read operations (supports multiple API keys)"""
if credentials.credentials not in READ_API_KEYS:
raise HTTPException(
status_code=401,
detail="Invalid authentication token for read operations"