Bearer-token auth for API access: keys from the VALID_API_KEYS secret (one per line), constant-time compare, fails closed on missing/invalid Authorization; document gradio_client/raw-HTTP usage dca4d05
nxj18 commited on