theroyallab/tabbyAPI
1
0
Fork 0
mirror of https://github.com/theroyallab/tabbyAPI.git synced 2026-03-15 00:07:28 +00:00
Code Issues Packages Projects Releases Wiki Activity

Endpoints: Add key permission checker

Browse Source 
This is a definite way to check if an authorized key is API or admin.
The endpoint only runs if the key is valid in the first place to keep
inline with the API's security model.

Signed-off-by: kingbri <bdashore3@proton.me>
This commit is contained in:
kingbri
2024-03-18 00:45:40 -04:00
parent c9a6d9ae1f
commit 3c08f46c51
3 changed files with 51 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

14
common/auth.py
View File

@@ -10,6 +10,8 @@ from pydantic import BaseModel
from loguru import logger
from typing import Optional
from endpoints.OAI.types.auth import AuthPermissionResponse
class AuthKeys(BaseModel):
"""
@@ -75,6 +77,18 @@ def load_auth_keys(disable_from_config: bool):
)
async def validate_key_permission(test_key: str):
if test_key.lower().startswith("bearer"):
test_key = test_key.split(" ")[1]
if AUTH_KEYS.verify_key(test_key, "admin_key"):
return AuthPermissionResponse(permission="admin")
elif AUTH_KEYS.verify_key(test_key, "api_key"):
return AuthPermissionResponse(permission="api")
else:
raise ValueError("The provided authentication key is invalid.")
async def check_api_key(
x_api_key: str = Header(None), authorization: str = Header(None)
):