[add]: Swagger Documentation
This commit is contained in:
@@ -0,0 +1,3 @@
|
||||
from .verify_api_key import require_api_key
|
||||
from .app_id_checker import require_app_id
|
||||
from .cors import enforce_json
|
||||
@@ -0,0 +1,26 @@
|
||||
from functools import wraps
|
||||
from flask import request, jsonify
|
||||
from app.utils.logger import logger
|
||||
import os
|
||||
|
||||
# Load valid App-IDs from environment variables (comma-separated list)
|
||||
VALID_APP_ID = os.getenv("VALID_APP_ID", "app1,app2,app3").split(",")
|
||||
|
||||
def require_app_id(f):
|
||||
"""Decorator to enforce App-ID validation."""
|
||||
@wraps(f)
|
||||
def decorated_function(*args, **kwargs):
|
||||
app_id = request.headers.get("App-ID")
|
||||
|
||||
if not app_id:
|
||||
logger.error("Unauthorized access: Missing App-ID.")
|
||||
return jsonify({"message": "Invalid request parameters"}), 400
|
||||
|
||||
|
||||
if app_id not in VALID_APP_ID:
|
||||
logger.error(f"Unauthorized access: Invalid App-ID {app_id}.")
|
||||
return jsonify({"message": "Invalid request parameters"}), 400
|
||||
|
||||
return f(*args, **kwargs)
|
||||
|
||||
return decorated_function
|
||||
@@ -0,0 +1,7 @@
|
||||
from flask import request, jsonify
|
||||
|
||||
|
||||
def enforce_json():
|
||||
"""Middleware to enforce JSON Content-Type for incoming requests"""
|
||||
if request.method in ["POST", "PUT", "PATCH"] and request.content_type != "application/json":
|
||||
return jsonify({"message": "Invalid request parameters"}), 400
|
||||
@@ -0,0 +1,26 @@
|
||||
from functools import wraps
|
||||
from flask import request, jsonify
|
||||
from app.utils.logger import logger
|
||||
import os
|
||||
|
||||
# Load valid API key from environment variables (fallback for testing)
|
||||
VALID_API_KEY = os.getenv("VALID_API_KEY", "test-api-key-12345")
|
||||
|
||||
def require_api_key(f):
|
||||
"""Decorator to enforce API key authentication."""
|
||||
@wraps(f)
|
||||
def decorated_function(*args, **kwargs):
|
||||
api_key = request.headers.get("X-API-KEY")
|
||||
|
||||
|
||||
if not api_key:
|
||||
logger.error("Unauthorized access: Missing API key.")
|
||||
return jsonify({"message": "Invalid request parameters"}), 400
|
||||
|
||||
if api_key != VALID_API_KEY:
|
||||
logger.error("Unauthorized access: Invalid API key.")
|
||||
return jsonify({"message": "Invalid request parameters"}), 400
|
||||
|
||||
return f(*args, **kwargs)
|
||||
|
||||
return decorated_function
|
||||
Reference in New Issue
Block a user