theroyallab/tabbyAPI
1
0
Fork 0
mirror of https://github.com/theroyallab/tabbyAPI.git synced 2026-04-27 17:51:36 +00:00
Code Issues Packages Projects Releases Wiki Activity

Auth: Revert x-admin-key allowance in API key check

Browse Source 
These kinda clash with each other. Use the correct header for the
correct endpoint.

Signed-off-by: kingbri <bdashore3@proton.me>
This commit is contained in:
kingbri
2024-07-11 12:33:06 -04:00
parent dfb4c51d5f
commit 10890913b8
1 changed files with 1 additions and 7 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
common/auth.py
View File

@@ -107,8 +107,7 @@ def get_key_permission(request: Request):
async def check_api_key( async def check_api_key(
x_api_key: str = Header(None), x_api_key: str = Header(None),
x_admin_key: str = Header(None), authorization: str = Header(None)
authorization: str = Header(None),
): ):
"""Check if the API key is valid.""" """Check if the API key is valid."""
@@ -121,11 +120,6 @@ async def check_api_key(
raise HTTPException(401, "Invalid API key") raise HTTPException(401, "Invalid API key")
return x_api_key return x_api_key
if x_admin_key:
if not AUTH_KEYS.verify_key(x_admin_key, "admin_key"):
raise HTTPException(401, "Invalid API key")
return x_admin_key
if authorization: if authorization:
split_key = authorization.split(" ") split_key = authorization.split(" ")
if len(split_key) < 2: if len(split_key) < 2: