feat: implement internal API authentication mechanism

Alex
2025-12-04 15:52:45 +00:00
parent 9b9f95710a
commit e68da34c13
5 changed files with 23 additions and 2 deletions


@@ -1,7 +1,7 @@
import os
import datetime
import json
from flask import Blueprint, request, send_from_directory
from flask import Blueprint, request, send_from_directory, jsonify
from werkzeug.utils import secure_filename
from bson.objectid import ObjectId
import logging
@@ -24,6 +24,16 @@ current_dir = os.path.dirname(
internal = Blueprint("internal", __name__)
@internal.before_request
def verify_internal_key():
"""Verify INTERNAL_KEY for all internal endpoint requests."""
if settings.INTERNAL_KEY:
internal_key = request.headers.get("X-Internal-Key")
if not internal_key or internal_key != settings.INTERNAL_KEY:
logger.warning(f"Unauthorized internal API access attempt from {request.remote_addr}")
return jsonify({"error": "Unauthorized", "message": "Invalid or missing internal key"}), 401
@internal.route("/api/download", methods=["get"])
def download_file():
user = secure_filename(request.args.get("user"))
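Review bot: The `if settings.INTERNAL_KEY:` guard in `verify_internal_key` fails open: when the key is unset or empty, every route on the `internal` blueprint, including `/api/download` just below, is served without authentication and nothing is logged. Failing closed would be safer, for example returning an error when the key is missing unless an explicit opt-out setting is enabled, or at minimum logging a warning at startup so a misconfigured deployment is visible. The comparison `internal_key != settings.INTERNAL_KEY` is also not constant-time; `hmac.compare_digest(internal_key.encode(), settings.INTERNAL_KEY.encode())` avoids a timing side channel on the key, and it needs `import hmac`, which the import hunk above does not add. If the app runs behind a reverse proxy, `request.remote_addr` in the warning is likely the proxy's address rather than the client's, so the log line may not identify the caller. The body of `download_file` continues outside the hunk.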