Merge pull request 'Add basic API auth' (#4) from inex/selfprivacy-rest-api:json-manipulations into master

Reviewed-on: https://git.selfprivacy.org/ilchub/selfprivacy-rest-api/pulls/4
2025-01-05 23:54:19 +00:00 · 2021-11-16 12:35:53 +02:00 · 2021-11-16 12:35:53 +02:00 · 48da8c2228
parent af4907dda5 6c3609f590
commit 48da8c2228
1 changed files with 15 additions and 1 deletions
--- a/selfprivacy_api/app.py
+++ b/selfprivacy_api/app.py
@ -1,6 +1,7 @@
 #!/usr/bin/env python3
-from flask import Flask
+from flask import Flask, request, jsonify
 from flask_restful import Api
+import os

 from selfprivacy_api.resources.users import Users
 from selfprivacy_api.resources.common import DecryptDisk
@ -10,6 +11,19 @@ def create_app():
    app = Flask(__name__)
    api = Api(app)

+    app.config['AUTH_TOKEN'] = os.environ.get('AUTH_TOKEN')
+
+    # Check bearer token
+    @app.before_request
+    def check_auth():
+        auth = request.headers.get("Authorization")
+        if auth is None:
+            return jsonify({"error": "Missing Authorization header"}), 401
+
+        # Check if token is valid
+        if auth != "Bearer " + app.config['AUTH_TOKEN']:
+            return jsonify({"error": "Invalid token"}), 401
+    
    api.add_resource(Users, "/users")
    api.add_resource(DecryptDisk, "/decryptDisk")
    from selfprivacy_api.resources.system import api_system