22 lines
693 B
Python
22 lines
693 B
Python
from flask import request, jsonify
|
|
from ..config import Config
|
|
from .logger import get_logger
|
|
|
|
logger = get_logger('mirofish.auth')
|
|
|
|
_SKIP_PATHS = {'/health'}
|
|
|
|
|
|
def check_api_key():
|
|
"""Flask before_request handler — enforces X-Api-Key when API_KEY is configured."""
|
|
if not Config.API_KEY:
|
|
return # API key auth is disabled; log a warning once at startup instead
|
|
|
|
if request.path in _SKIP_PATHS:
|
|
return
|
|
|
|
provided = request.headers.get('X-Api-Key', '')
|
|
if not provided or provided != Config.API_KEY:
|
|
logger.warning(f"Unauthorized request to {request.method} {request.path}")
|
|
return jsonify({"success": False, "error": "Unauthorized"}), 401
|