Spaces:

MikePGxAI
/

PA

Sleeping

MikePGxAI commited on Dec 24, 2025

Commit

11fad67

verified ·

1 Parent(s): 464eed6

Update app.py

Files changed (1) hide show

app.py CHANGED Viewed

@@ -1,9 +1,11 @@
 import os
 import tempfile
-from fastapi import FastAPI, UploadFile, File
 from fastapi.middleware.cors import CORSMiddleware
 from openai import OpenAI
 app = FastAPI()
 app.add_middleware(
@@ -16,11 +18,29 @@ app.add_middleware(
 client = OpenAI(api_key=os.environ["OPENAI_API_KEY"])
 @app.post("/v1/stt")
 async def stt(
     audio: UploadFile = File(...),
-    metadata: str | None = None
 ):
     with tempfile.NamedTemporaryFile(suffix=".m4a") as tmp:
         tmp.write(await audio.read())
         tmp.flush()

 import os
 import tempfile
+from fastapi import FastAPI, UploadFile, File, Header, HTTPException
 from fastapi.middleware.cors import CORSMiddleware
 from openai import OpenAI
+APP_SHARED_SECRET = os.environ.get("APP_SHARED_SECRET", "")
 app = FastAPI()
 app.add_middleware(
 client = OpenAI(api_key=os.environ["OPENAI_API_KEY"])
+def require_secret(x_app_secret: str | None) -> None:
+    if APP_SHARED_SECRET and x_app_secret != APP_SHARED_SECRET:
+        raise HTTPException(status_code=401, detail="Unauthorized")
+@app.post("/v1/session")
+async def session(x_app_secret: str | None = Header(default=None)):
+    require_secret(x_app_secret)
+    return {
+        "token": "hf-dev",
+        "expiresAt": None,
+        "requestId": None
+    }
 @app.post("/v1/stt")
 async def stt(
     audio: UploadFile = File(...),
+    metadata: str | None = None,
+    x_app_secret: str | None = Header(default=None)
 ):
+    require_secret(x_app_secret)
     with tempfile.NamedTemporaryFile(suffix=".m4a") as tmp:
         tmp.write(await audio.read())
         tmp.flush()