Endpoints: Add key permission checker
This is a definite way to check whether an authorized key is an API key or an admin key. The endpoint only runs if the key is valid in the first place, to keep in line with the API's security model. Signed-off-by: kingbri <bdashore3@proton.me>
parent
c9a6d9ae1f
commit
3c08f46c51
3 changed files with 51 additions and 2 deletions
|
|
@ -10,6 +10,8 @@ from pydantic import BaseModel
|
|||
from loguru import logger
|
||||
from typing import Optional
|
||||
|
||||
from endpoints.OAI.types.auth import AuthPermissionResponse
|
||||
|
||||
|
||||
class AuthKeys(BaseModel):
|
||||
"""
|
||||
|
|
@ -75,6 +77,18 @@ def load_auth_keys(disable_from_config: bool):
|
|||
)
|
||||
|
||||
|
||||
async def validate_key_permission(test_key: str):
|
||||
if test_key.lower().startswith("bearer"):
|
||||
test_key = test_key.split(" ")[1]
|
||||
|
||||
if AUTH_KEYS.verify_key(test_key, "admin_key"):
|
||||
return AuthPermissionResponse(permission="admin")
|
||||
elif AUTH_KEYS.verify_key(test_key, "api_key"):
|
||||
return AuthPermissionResponse(permission="api")
|
||||
else:
|
||||
raise ValueError("The provided authentication key is invalid.")
|
||||
|
||||
|
||||
async def check_api_key(
|
||||
x_api_key: str = Header(None), authorization: str = Header(None)
|
||||
):
|
||||
|
|
|
|||
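Review bot: In `validate_key_permission`, `test_key.split(" ")[1]` raises IndexError for any value that starts with "bearer" but contains no space (a bare `Bearer` header, or a key that merely begins with those letters), so a malformed credential surfaces as an unhandled error instead of the intended "invalid key" ValueError. Parsing the scheme explicitly keeps every bad input on the rejection path: `scheme, _, token = test_key.partition(" ")` followed by `if scheme.lower() == "bearer": test_key = token.strip()`. The function also has no docstring; one line stating that it returns an `AuthPermissionResponse` of "admin" or "api" and raises ValueError otherwise would tell callers which exception to translate into an authentication failure. If `AUTH_KEYS` can be unset when auth is disabled through `load_auth_keys`, that case needs a guard here too, though the assignment lies outside this hunk.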