password added

README.md

@@ -19,7 +19,7 @@ The application requires the following environment variables to be set:
 
 *   `NOTION_COOKIE`: Your Notion `token_v2` cookie value. This is used for authentication with the Notion API. You can typically find this in your browser's developer tools while logged into Notion.
 *   `NOTION_SPACE_ID`: The ID of your Notion workspace. You can usually find this in the URL when browsing your Notion workspace (it's the part after your domain and before the first page ID, often a UUID).
-*   `PROXY_PASSWORD` (Optional): The password required for HTTP Basic Authentication to access the API endpoints. If not set, it defaults to `123456`.
+*   `PROXY_AUTH_TOKEN` (Optional): The Bearer token required for authentication to access the API endpoints. If not set, it defaults to `default_token`.
 
 ## Running Locally (without Docker)
 
@@ -32,20 +32,20 @@ The application requires the following environment variables to be set:
     ```dotenv
     NOTION_COOKIE="your_cookie_value_here"
     NOTION_SPACE_ID="your_space_id_here"
-    # PROXY_PASSWORD="your_secure_password" # Optional, defaults to 123456
+    # PROXY_AUTH_TOKEN="your_secure_token" # Optional, defaults to default_token
     ```
 4.  Run the application using Uvicorn:
     ```bash
     uvicorn main:app --reload --port 7860
     ```
-    The server will be available at `http://localhost:7860`. You will need to provide the correct password (either the default `123456` or the one set in `.env`) via HTTP Basic Authentication.
+    The server will be available at `http://localhost:7860`. You will need to provide the correct token (either the default `default_token` or the one set in `.env`) via an `Authorization: Bearer <token>` header.
 
 ## Running with Docker Compose (Recommended for Local Dev)
 
 This method uses the `docker-compose.yml` file for a streamlined local development setup. It automatically builds the image if needed and loads environment variables directly from your `.env` file.
 
 1.  Ensure you have Docker and Docker Compose installed.
-2.  Make sure your `.env` file exists in the project root with your `NOTION_COOKIE`, `NOTION_SPACE_ID`, and optionally `PROXY_PASSWORD`. If `PROXY_PASSWORD` is not in the `.env` file, the default `123456` will be used.
+2.  Make sure your `.env` file exists in the project root with your `NOTION_COOKIE`, `NOTION_SPACE_ID`, and optionally `PROXY_AUTH_TOKEN`. If `PROXY_AUTH_TOKEN` is not in the `.env` file, the default `default_token` will be used.
 3.  Run the following command in the project root:
     ```bash
     docker-compose up --build -d
@@ -73,10 +73,10 @@ This method involves building and running the Docker container manually, passing
     docker run -p 7860:7860 \
       -e NOTION_COOKIE="your_cookie_value" \
       -e NOTION_SPACE_ID="your_space_id" \
-      -e PROXY_PASSWORD="your_secure_password" \ # Set your desired password here
+      -e PROXY_AUTH_TOKEN="your_token" \ # Set your desired token here
       notion-api-bridge
     ```
-    The server will be available at `http://localhost:7860` (or whichever host port you mapped to the container's 7860). You will need to use the password provided in the `-e PROXY_PASSWORD` flag for authentication.
+    The server will be available at `http://localhost:7860` (or whichever host port you mapped to the container's 7860). You will need to use the token provided in the `-e PROXY_AUTH_TOKEN` flag via an `Authorization: Bearer <token>` header for authentication.
 
 ## Deploying to Hugging Face Spaces
 
@@ -87,16 +87,17 @@ This application is designed to be easily deployed as a Docker Space on Hugging
 3.  **Add Secrets:** In your Space settings, navigate to the "Secrets" section. Add two secrets:
     *   `NOTION_COOKIE`: Paste your Notion `token_v2` cookie value.
     *   `NOTION_SPACE_ID`: Paste your Notion Space ID.
-    *   `PROXY_PASSWORD`: Paste the desired password for API authentication (e.g., a strong, generated password). If you omit this, the default `123456` will be used, which is **not recommended** for public spaces.
+    *   `PROXY_AUTH_TOKEN`: Paste the desired Bearer token for API authentication (e.g., a strong, generated token). If you omit this, the default `default_token` will be used.
     Hugging Face will securely inject these secrets as environment variables into your running container.
 4.  **Deployment:** Hugging Face Spaces will automatically build the Docker image from your `Dockerfile` and run the container. It detects applications running on port 7860 (as specified in the `Dockerfile` and metadata).
-5.  **Accessing the API:** Once the Space is running, you can access the API endpoint at the Space's public URL, providing the password via HTTP Basic Authentication. The username can be anything (e.g., `user`), but the password must match the `PROXY_PASSWORD` secret you set (or the default `123456`).
+5.  **Accessing the API:** Once the Space is running, you can access the API endpoint at the Space's public URL, providing the token via an `Authorization: Bearer <token>` header. The token must match the `PROXY_AUTH_TOKEN` secret you set (or the default `default_token`).
 
-    **Example using `curl` (replace `your_password` and URL):**
+    **Example using `curl` (replace `your_token` and URL):**
     ```bash
-    # Example for Hugging Face Space
+    # Example for Hugging Face Space (using token from HF Secret)
+    # Replace YOUR_HF_TOKEN with the value you set in the PROXY_AUTH_TOKEN secret
     curl -X POST https://your-username-your-space-name.hf.space/v1/chat/completions \
-      -u user:your_password \
+      -H "Authorization: Bearer YOUR_HF_TOKEN" \
       -H "Content-Type: application/json" \
       -d '{
             "model": "notion-model", # Specify a Notion model like "openai-gpt-4.1"
@@ -105,9 +106,10 @@ This application is designed to be easily deployed as a Docker Space on Hugging
             "notion_model": "openai-gpt-4.1" # Required field for Notion
           }'
 
-    # Example for Localhost (using default password 123456)
+    # Example for Localhost (using default token 'default_token')
+    # If you set a different token in .env or via -e, use that instead.
     curl -X POST http://localhost:7860/v1/chat/completions \
-      -u user:123456 \
+      -H "Authorization: Bearer default_token" \
       -H "Content-Type: application/json" \
       -d '{
             "model": "notion-model",

main.py

@@ -4,7 +4,7 @@ import json
 import time
 import httpx
 from fastapi import FastAPI, Request, HTTPException, Depends, status
-from fastapi.security import HTTPBasic, HTTPBasicCredentials
+from fastapi.security import HTTPBearer, HTTPAuthorizationCredentials
 from fastapi.responses import StreamingResponse
 from dotenv import load_dotenv
 import secrets # Added for secure comparison
@@ -33,19 +33,18 @@ if not NOTION_SPACE_ID:
     NOTION_SPACE_ID = str(uuid.uuid4()) # Default or raise error
 
 # --- Authentication ---
-PROXY_PASSWORD = os.getenv("PROXY_PASSWORD", "123456") # Default password
-security = HTTPBasic()
+EXPECTED_TOKEN = os.getenv("PROXY_AUTH_TOKEN", "default_token") # Default token
+security = HTTPBearer()
 
-def authenticate(credentials: HTTPBasicCredentials = Depends(security)):
-    """Compares provided password with the proxy password."""
-    correct_password = secrets.compare_digest(credentials.password, PROXY_PASSWORD)
-    if not correct_password:
+def authenticate(credentials: HTTPAuthorizationCredentials = Depends(security)):
+    """Compares provided token with the expected token."""
+    correct_token = secrets.compare_digest(credentials.credentials, EXPECTED_TOKEN)
+    if not correct_token:
         raise HTTPException(
             status_code=status.HTTP_401_UNAUTHORIZED,
-            detail="Incorrect password",
-            headers={"WWW-Authenticate": "Basic"},
+            detail="Invalid authentication credentials",
+            # WWW-Authenticate header removed for Bearer
         )
-    # Username is ignored as per requirement
     return True # Indicate successful authentication
 
 # --- FastAPI App ---