diff options
Diffstat (limited to 'app/check_api_key.py')
| -rw-r--r-- | app/check_api_key.py | 22 |
1 files changed, 22 insertions, 0 deletions
diff --git a/app/check_api_key.py b/app/check_api_key.py new file mode 100644 index 0000000..d8b92f4 --- /dev/null +++ b/app/check_api_key.py @@ -0,0 +1,22 @@ +import fastapi +from fastapi import Security, HTTPException +from fastapi.security import APIKeyHeader +import sqlalchemy + +from db import engine + +""" +Make sure the provided API key is valid +""" +api_key_header = APIKeyHeader(name="X-API-Key") + +def check_api_key(api_key_header: str = Security(api_key_header)) -> str: + with engine.begin() as conn: + response = conn.execute(sqlalchemy.text("SELECT api_key FROM keys WHERE api_key = :api_key"), {'api_key': api_key_header}).fetchone() + if response: + return response[0] + else: + raise HTTPException( + status_code=fastapi.status.HTTP_401_UNAUTHORIZED, + detail="Invalid or missing API key" + ) |