[update]: .gitignore file

This commit is contained in:
VivianDee
2025-03-21 16:26:58 +01:00
parent 2380d72d34
commit 43dc5bd835
46 changed files with 423 additions and 705 deletions
+3
View File
@@ -0,0 +1,3 @@
from .verify_api_key import require_api_key
from .app_id_checker import require_app_id
from .cors import enforce_json
+26
View File
@@ -0,0 +1,26 @@
from functools import wraps
from flask import request, jsonify
from app.utils.logger import logger
import os
# Load valid App-IDs from environment variables (comma-separated list)
VALID_APP_ID = os.getenv("VALID_APP_ID", "app1,app2,app3").split(",")
def require_app_id(f):
"""Decorator to enforce App-ID validation."""
@wraps(f)
def decorated_function(*args, **kwargs):
app_id = request.headers.get("App-ID")
if not app_id:
logger.error("Unauthorized access: Missing App-ID.")
return jsonify({"message": "Invalid request parameters"}), 400
if app_id not in VALID_APP_ID:
logger.error(f"Unauthorized access: Invalid App-ID {app_id}.")
return jsonify({"message": "Invalid request parameters"}), 400
return f(*args, **kwargs)
return decorated_function
+6 -8
View File
@@ -1,9 +1,7 @@
# app/middlewares/cors.py
from flask import request
from flask import request, jsonify
def cors_headers(response):
"""Allow cross-origin requests"""
response.headers["Access-Control-Allow-Origin"] = "*"
response.headers["Access-Control-Allow-Methods"] = "GET, POST, PUT, PATCH, DELETE"
response.headers["Access-Control-Allow-Headers"] = "Authorization, Content-Type"
return response
def enforce_json():
"""Middleware to enforce JSON Content-Type for incoming requests"""
if request.method in ["POST", "PUT", "PATCH"] and request.content_type != "application/json":
return jsonify({"message": "Invalid request parameters"}), 400
-14
View File
@@ -1,14 +0,0 @@
# app/middlewares/encryption.py
from cryptography.fernet import Fernet
import os
ENCRYPTION_KEY = os.getenv("ENCRYPTION_KEY", Fernet.generate_key())
cipher = Fernet(ENCRYPTION_KEY)
def encrypt_data(data):
"""Encrypt sensitive data"""
return cipher.encrypt(data.encode()).decode()
def decrypt_data(data):
"""Decrypt sensitive data"""
return cipher.decrypt(data.encode()).decode()
-11
View File
@@ -1,11 +0,0 @@
# app/middlewares/request_validator.py
from flask import request
from app.helpers.response_helper import ResponseHelper
def validate_json():
"""Ensure request has valid JSON"""
if not request.is_json:
return ResponseHelper.error(
message="Request must be JSON",
status_code=415
)
+23 -6
View File
@@ -1,8 +1,25 @@
# app/middlewares/auth.py
from functools import wraps
from flask import request, jsonify
from app.utils.logger import logger
import os
def require_api_key():
"""Middleware to check if API key is present"""
api_key = request.headers.get("X-API-KEY")
if not api_key:
return jsonify({"error": "Missing API key"}), 403
# Load valid API key from environment variables (fallback for testing)
VALID_API_KEY = os.getenv("VALID_API_KEY", "test-api-key-12345")
def require_api_key(f):
"""Decorator to enforce API key authentication."""
@wraps(f)
def decorated_function(*args, **kwargs):
api_key = request.headers.get("X-API-KEY")
if not api_key:
logger.error("Unauthorized access: Missing API key.")
return jsonify({"message": "Invalid request parameters"}), 400
if api_key != VALID_API_KEY:
logger.error("Unauthorized access: Invalid API key.")
return jsonify({"message": "Invalid request parameters"}), 400
return f(*args, **kwargs)
return decorated_function