remove API key auth from /admin
nicola-corbellini committed Sep 9, 2023
1 parent 28d77fb commit 9a6d923
Showing 4 changed files with 13 additions and 6 deletions.
8 changes: 7 additions & 1 deletion core/cat/api_auth.py
@@ -1,5 +1,7 @@
import os
import fnmatch

from fastapi import Request
from fastapi import Security, HTTPException
from fastapi.security.api_key import APIKeyHeader

@@ -15,13 +17,15 @@
api_key_header = APIKeyHeader(name="access_token", auto_error=False)


def check_api_key(api_key: str = Security(api_key_header)) -> None | str:
def check_api_key(request: Request, api_key: str = Security(api_key_header)) -> None | str:
"""Authenticate endpoint.
Check the provided key is available in API keys list.
Parameters
----------
request : Request
HTTP request.
api_key : str
API keys to be checked.
@@ -38,6 +42,8 @@ def check_api_key(api_key: str = Security(api_key_header)) -> None | str:
"""
if not API_KEY:
return None
if fnmatch.fnmatch(request.url.path, "/admin*"):
return None
if api_key in API_KEY:
return api_key
else:
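Review bot: The exemption `fnmatch.fnmatch(request.url.path, "/admin*")` in `check_api_key` skips the key check for every path whose text begins with `/admin`, because `*` in fnmatch also matches `/`; a later route named, say, `/admin_settings` would become unauthenticated without anyone opting in. `fnmatch.fnmatch` also normalises both arguments with `os.path.normcase`, so the match can differ by platform. A narrower test states the intent directly: `path = request.url.path` followed by `if path == "/admin" or path.startswith("/admin/"): return None`. The docstring should state the exemption, and because the page shows `check_api_key` installed app-wide (`dependencies=[Depends(check_api_key)]` in core/cat/main.py), it is worth confirming that nothing routed under `/admin` returns secrets or changes state. The function's `else:` branch runs past the end of the hunk.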
7 changes: 4 additions & 3 deletions core/cat/main.py
@@ -34,12 +34,14 @@ async def lifespan(app: FastAPI):

yield


def custom_generate_unique_id(route: APIRoute):
return f"{route.name}"


# REST API
cheshire_cat_api = FastAPI(
lifespan=lifespan,
lifespan=lifespan,
dependencies=[Depends(check_api_key)],
generate_unique_id_function=custom_generate_unique_id
)
@@ -66,7 +68,6 @@ def custom_generate_unique_id(route: APIRoute):
cheshire_cat_api.include_router(upload.router, tags=["Rabbit Hole"], prefix="/rabbithole")
cheshire_cat_api.include_router(websocket.router, tags=["Websocket"])


# mount static files
# this cannot be done via fastapi.APIrouter:
# https://github.com/tiangolo/fastapi/discussions/9070
@@ -95,7 +96,7 @@ async def validation_exception_handler(request, exc):

# RUN!
if __name__ == "__main__":

# debugging utilities, to deactivate put `DEBUG=false` in .env
debug_config = {}
if os.getenv("DEBUG", "true") == "true":
1 change: 0 additions & 1 deletion core/cat/routes/static/admin.py
@@ -32,7 +32,6 @@ def get_injected_admin():
"CORE_HOST": os.getenv("CORE_HOST"),
"CORE_PORT": os.getenv("CORE_PORT"),
"CORE_USE_SECURE_PROTOCOLS": os.getenv("CORE_USE_SECURE_PROTOCOLS"),
"API_KEY": os.getenv("API_KEY"),
})

# the admin sttic build is created during docker build from this repo:
3 changes: 2 additions & 1 deletion core/cat/routes/websocket.py
@@ -1,7 +1,7 @@
import traceback
import asyncio

from fastapi import APIRouter, WebSocket, WebSocketDisconnect
from fastapi import APIRouter, WebSocketDisconnect, WebSocket
from cat.log import log
from fastapi.concurrency import run_in_threadpool

@@ -24,6 +24,7 @@ async def connect(self, websocket: WebSocket):
"""
Accept the incoming WebSocket connection and add it to the active connections list.
"""

await websocket.accept()
self.active_connections.append(websocket)

