From 122eab7394d1759cd43920a86f0d4f2089f5141a Mon Sep 17 00:00:00 2001 From: Kurbanov Bulat Date: Sun, 14 Nov 2021 10:58:52 +0300 Subject: [PATCH] Add API_KEY checking --- fastapi_book_server/app/depends.py | 9 +++++++++ fastapi_book_server/app/views/author.py | 4 +++- fastapi_book_server/app/views/author_annotation.py | 4 +++- fastapi_book_server/app/views/book.py | 2 ++ fastapi_book_server/app/views/book_annotation.py | 4 +++- fastapi_book_server/app/views/sequence.py | 4 +++- fastapi_book_server/app/views/sequence_info.py | 4 +++- fastapi_book_server/app/views/source.py | 2 ++ fastapi_book_server/app/views/translation.py | 4 +++- fastapi_book_server/core/auth.py | 4 ++++ fastapi_book_server/core/config.py | 2 ++ 11 files changed, 37 insertions(+), 6 deletions(-) create mode 100644 fastapi_book_server/app/depends.py create mode 100644 fastapi_book_server/core/auth.py diff --git a/fastapi_book_server/app/depends.py b/fastapi_book_server/app/depends.py new file mode 100644 index 0000000..b99768e --- /dev/null +++ b/fastapi_book_server/app/depends.py @@ -0,0 +1,9 @@ +from fastapi import Security, HTTPException, status + +from core.auth import default_security +from core.config import env_config + + +async def check_token(api_key: str = Security(default_security)): + if api_key != env_config.API_KEY: + raise HTTPException(status_code=status.HTTP_403_FORBIDDEN, detail="Wrong api key!") diff --git a/fastapi_book_server/app/views/author.py b/fastapi_book_server/app/views/author.py index 6336ceb..7b06100 100644 --- a/fastapi_book_server/app/views/author.py +++ b/fastapi_book_server/app/views/author.py @@ -8,11 +8,13 @@ from app.models import Author as AuthorDB, AuthorAnnotation as AuthorAnnotationD from app.serializers.author import Author, CreateAuthor, UpdateAuthor, AuthorBook, TranslatedBook from app.serializers.author_annotation import AuthorAnnotation from app.services.author import AuthorTGRMSearchService +from app.depends import check_token author_router = APIRouter( prefix="/api/v1/authors", tags=["author"], + dependencies=[Depends(check_token)], ) @@ -23,7 +25,7 @@ async def get_authors(): ) -@author_router.post("/", response_model=Author) +@author_router.post("/", response_model=Author, dependencies=[Depends(Params)]) async def create_author(data: CreateAuthor): author = await AuthorDB.objects.create( **data.dict() diff --git a/fastapi_book_server/app/views/author_annotation.py b/fastapi_book_server/app/views/author_annotation.py index 21989d4..00f5d5b 100644 --- a/fastapi_book_server/app/views/author_annotation.py +++ b/fastapi_book_server/app/views/author_annotation.py @@ -5,11 +5,13 @@ from fastapi_pagination.ext.ormar import paginate from app.models import AuthorAnnotation as AuthorAnnotationDB from app.serializers.author_annotation import AuthorAnnotation, CreateAuthorAnnotation, UpdateAuthorAnnotation +from app.depends import check_token author_annotation_router = APIRouter( prefix="/api/v1/author_annotations", - tags=["author_annotation"] + tags=["author_annotation"], + dependencies=[Depends(check_token)], ) diff --git a/fastapi_book_server/app/views/book.py b/fastapi_book_server/app/views/book.py index 6f59625..56492e2 100644 --- a/fastapi_book_server/app/views/book.py +++ b/fastapi_book_server/app/views/book.py @@ -9,11 +9,13 @@ from app.utils.pagination import CustomPage from app.models import Book as BookDB, Author as AuthorDB, AuthorAnnotation as AuthorAnnotationDB from app.serializers.book import Book, CreateBook, UpdateBook, CreateRemoteBook from app.services.book import BookTGRMSearchService, BookCreator +from app.depends import check_token book_router = APIRouter( prefix="/api/v1/books", tags=["book"], + dependencies=[Depends(check_token)], ) diff --git a/fastapi_book_server/app/views/book_annotation.py b/fastapi_book_server/app/views/book_annotation.py index 223ba6d..3ff3b3f 100644 --- a/fastapi_book_server/app/views/book_annotation.py +++ b/fastapi_book_server/app/views/book_annotation.py @@ -5,11 +5,13 @@ from fastapi_pagination.ext.ormar import paginate from app.models import BookAnnotation as BookAnnotationDB from app.serializers.book_annotation import BookAnnotation, CreateBookAnnotation, UpdateBookAnnotation +from app.depends import check_token book_annotation_router = APIRouter( prefix="/api/v1/book_annotations", - tags=["book_annotation"] + tags=["book_annotation"], + dependencies=[Depends(check_token)] ) diff --git a/fastapi_book_server/app/views/sequence.py b/fastapi_book_server/app/views/sequence.py index a1a1bad..4165f07 100644 --- a/fastapi_book_server/app/views/sequence.py +++ b/fastapi_book_server/app/views/sequence.py @@ -7,11 +7,13 @@ from app.utils.pagination import CustomPage from app.models import Sequence as SequenceDB from app.serializers.sequence import Sequence, CreateSequence from app.services.sequence import SequenceTGRMSearchService +from app.depends import check_token sequence_router = APIRouter( prefix="/api/v1/sequences", - tags=["sequence"] + tags=["sequence"], + dependencies=[Depends(check_token)], ) diff --git a/fastapi_book_server/app/views/sequence_info.py b/fastapi_book_server/app/views/sequence_info.py index a13d9d7..c1816ce 100644 --- a/fastapi_book_server/app/views/sequence_info.py +++ b/fastapi_book_server/app/views/sequence_info.py @@ -9,11 +9,13 @@ from app.utils.pagination import CustomPage from app.models import SequenceInfo as SequenceInfoDB from app.serializers.sequence_info import SequenceInfo, CreateSequenceInfo, CreateRemoteSequenceInfo from app.services.sequence_info import SequenceInfoCreator +from app.depends import check_token sequence_info_router = APIRouter( prefix="/api/v1/sequence_info", - tags=["sequence_info"] + tags=["sequence_info"], + dependencies=[Depends(check_token)], ) diff --git a/fastapi_book_server/app/views/source.py b/fastapi_book_server/app/views/source.py index 452c970..aa4637c 100644 --- a/fastapi_book_server/app/views/source.py +++ b/fastapi_book_server/app/views/source.py @@ -5,11 +5,13 @@ from fastapi_pagination.ext.ormar import paginate from app.models import Source as SourceDB from app.serializers.source import Source, CreateSource +from app.depends import check_token source_router = APIRouter( prefix="/api/v1/sources", tags=["source"], + dependencies=[Depends(check_token)], ) diff --git a/fastapi_book_server/app/views/translation.py b/fastapi_book_server/app/views/translation.py index ca9f46b..3a3ccc7 100644 --- a/fastapi_book_server/app/views/translation.py +++ b/fastapi_book_server/app/views/translation.py @@ -9,11 +9,13 @@ from app.utils.pagination import CustomPage from app.models import Translation as TranslationDB from app.serializers.translation import Translation, CreateTranslation, CreateRemoteTranslation from app.services.translation import TranslationCreator +from app.depends import check_token translation_router = APIRouter( prefix="/api/v1/translation", - tags=["translation"] + tags=["translation"], + dependencies=[Depends(check_token)], ) diff --git a/fastapi_book_server/core/auth.py b/fastapi_book_server/core/auth.py new file mode 100644 index 0000000..7cc07b5 --- /dev/null +++ b/fastapi_book_server/core/auth.py @@ -0,0 +1,4 @@ +from fastapi.security import APIKeyHeader + + +default_security = APIKeyHeader(name="Authorization") diff --git a/fastapi_book_server/core/config.py b/fastapi_book_server/core/config.py index 3916d1b..3270288 100644 --- a/fastapi_book_server/core/config.py +++ b/fastapi_book_server/core/config.py @@ -2,6 +2,8 @@ from pydantic import BaseSettings class EnvConfig(BaseSettings): + API_KEY: str + POSTGRES_USER: str POSTGRES_PASSWORD: str POSTGRES_HOST: str