Spaces:
Sleeping
Sleeping
Update app.py
Browse files
app.py
CHANGED
|
@@ -16,13 +16,26 @@ REFRESH_TOKEN_EXPIRATION_DAYS = int(os.getenv("REFRESH_TOKEN_EXPIRATION_DAYS", 7
|
|
| 16 |
ALLOWED_ORIGIN = os.getenv("ALLOWED_ORIGIN")
|
| 17 |
|
| 18 |
|
|
|
|
|
|
|
| 19 |
hashed_password = os.getenv("DUMMY_USER_KEY")
|
| 20 |
|
|
|
|
|
|
|
|
|
|
|
|
|
| 21 |
# Fake database of API keys (hashed)
|
| 22 |
API_KEYS_DB = {
|
| 23 |
"user1": hashed_password
|
| 24 |
}
|
| 25 |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 26 |
app = FastAPI()
|
| 27 |
|
| 28 |
# Configure CORS for security (allow only trusted frontend)
|
|
|
|
| 16 |
ALLOWED_ORIGIN = os.getenv("ALLOWED_ORIGIN")
|
| 17 |
|
| 18 |
|
| 19 |
+
|
| 20 |
+
# Load environment variables
|
| 21 |
hashed_password = os.getenv("DUMMY_USER_KEY")
|
| 22 |
|
| 23 |
+
if hashed_password:
|
| 24 |
+
# Ensure it's stored as a hashed password (not plain text)
|
| 25 |
+
hashed_password = bcrypt.hashpw(hashed_password.encode(), bcrypt.gensalt()).decode()
|
| 26 |
+
|
| 27 |
# Fake database of API keys (hashed)
|
| 28 |
API_KEYS_DB = {
|
| 29 |
"user1": hashed_password
|
| 30 |
}
|
| 31 |
|
| 32 |
+
def verify_api_key(api_key: str) -> bool:
|
| 33 |
+
"""Check if the provided API key is valid."""
|
| 34 |
+
for hashed_key in API_KEYS_DB.values():
|
| 35 |
+
if hashed_key and bcrypt.checkpw(api_key.encode(), hashed_key.encode()):
|
| 36 |
+
return True
|
| 37 |
+
return False
|
| 38 |
+
|
| 39 |
app = FastAPI()
|
| 40 |
|
| 41 |
# Configure CORS for security (allow only trusted frontend)
|