SelfPrivacy/selfprivacy-rest-api
1
0
Fork 0
mirror of https://git.selfprivacy.org/SelfPrivacy/selfprivacy-rest-api.git synced 2024-11-18 08:29:14 +00:00
Code Issues Projects Releases Wiki Activity

Add basic API auth

Browse source
This commit is contained in:
Inex Code 2021-11-16 12:32:10 +02:00
parent 767c504a1d
commit 6c3609f590
1 changed files with 15 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

16
selfprivacy_api/app.py
View file

@ -1,6 +1,7 @@
#!/usr/bin/env python3
from flask import Flask
from flask import Flask, request, jsonify
from flask_restful import Api
import os
from selfprivacy_api.resources.users import Users
from selfprivacy_api.resources.common import DecryptDisk
@ -10,6 +11,19 @@ def create_app():
app = Flask(__name__)
api = Api(app)
app.config['AUTH_TOKEN'] = os.environ.get('AUTH_TOKEN')
# Check bearer token
@app.before_request
def check_auth():
auth = request.headers.get("Authorization")
if auth is None:
return jsonify({"error": "Missing Authorization header"}), 401
# Check if token is valid
if auth != "Bearer " + app.config['AUTH_TOKEN']:
return jsonify({"error": "Invalid token"}), 401
api.add_resource(Users, "/users")
api.add_resource(DecryptDisk, "/decryptDisk")
from selfprivacy_api.resources.system import api_system