letsbe-hub/app/dependencies/admin_auth.py


"""Admin authentication dependency."""
import secrets
from typing import Annotated

from fastapi import Depends, Header, HTTPException, status

from app.config import settings
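def validate_admin_key(
    x_admin_api_key: Annotated[str, Header(description="Admin API key")],
) -> str:
    """
    Validate the admin API key supplied in the request header.

    The presented value is compared with ``settings.ADMIN_API_KEY`` using
    ``secrets.compare_digest`` so the comparison time does not depend on how
    many leading characters match.

    Args:
        x_admin_api_key: Value of the admin API key header, injected by
            FastAPI from the incoming request.

    Returns:
        The presented key, unchanged, when it matches the configured key.

    Raises:
        HTTPException: 401 when the key does not match, or when no admin key
            is configured.
    """
    expected_key = settings.ADMIN_API_KEY

    # Fail closed: with an empty or unset configured key, an empty header
    # value would otherwise compare equal and be accepted.
    # NOTE(review): assumes ADMIN_API_KEY is a plain str (or None) - confirm
    # against app.config.
    key_matches = bool(expected_key) and secrets.compare_digest(
        # compare_digest() raises TypeError for str arguments containing
        # non-ASCII characters; header values are client-controlled, so
        # compare the encoded bytes to get a clean 401 instead of a 500.
        x_admin_api_key.encode("utf-8"),
        expected_key.encode("utf-8"),
    )
    if not key_matches:
        raise HTTPException(
            status_code=status.HTTP_401_UNAUTHORIZED,
            detail="Invalid admin API key",
        )
    return x_admin_api_key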
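# Type alias for dependency injection.
# The callable must be wrapped in Depends(): FastAPI only acts on Depends and
# parameter-info objects in Annotated metadata and ignores a bare function, so
# without the wrapper validate_admin_key would never run and any route relying
# on AdminKeyDep for authentication would be left unprotected.
AdminKeyDep = Annotated[str, Depends(validate_admin_key)]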