"""
Linux BenchTools - Security & Authentication
"""
from fastapi import Header, HTTPException, status
from app.core.config import settings
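async def verify_token(authorization: str = Header(None)) -> bool:
    """
    Verify the API token carried in the Authorization header.

    Expected format: "Bearer <token>" (the scheme is matched
    case-insensitively; scheme and token are separated by whitespace).

    Args:
        authorization: Raw Authorization header value, or None when the
            request did not send the header.

    Returns:
        True when the presented token matches settings.API_TOKEN.

    Raises:
        HTTPException: 401 with a "WWW-Authenticate: Bearer" challenge when
            the header is missing, is not exactly two whitespace-separated
            parts, uses a scheme other than Bearer, or carries a token that
            does not match the configured one.
    """
    # Function-scope import keeps this block self-contained.
    import hmac

    def unauthorized(detail: str) -> HTTPException:
        # Every rejection shares the same status and Bearer challenge header.
        return HTTPException(
            status_code=status.HTTP_401_UNAUTHORIZED,
            detail=detail,
            headers={"WWW-Authenticate": "Bearer"},
        )

    if not authorization:
        raise unauthorized("Missing authorization header")

    # Only the unpacking can raise ValueError, so keep the try body minimal.
    try:
        scheme, token = authorization.split()
    except ValueError:
        raise unauthorized(
            "Invalid authorization header format. Expected: Bearer <token>"
        ) from None

    if scheme.lower() != "bearer":
        raise unauthorized("Invalid authentication scheme. Expected: Bearer")

    expected = settings.API_TOKEN
    # Fail closed when no usable token is configured. The original `!=`
    # comparison also rejected every request in that case, because a token
    # produced by split() is never empty and never equal to a non-string.
    if not isinstance(expected, str) or not expected:
        raise unauthorized("Invalid authentication token")

    # Compare in constant time: a plain `!=` returns at the first differing
    # character, which lets response timing leak how much of a guessed token
    # is correct. Encoding to bytes avoids the TypeError compare_digest raises
    # for non-ASCII str input. Token length may still be observable.
    if not hmac.compare_digest(token.encode("utf-8"), expected.encode("utf-8")):
        raise unauthorized("Invalid authentication token")

    return True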