Eugene Yurtsev
2025-04-08 16:13:37 -04:00
parent cc4dfd34e2
commit 4afcc976ba
+9 -7
@@ -23,14 +23,16 @@ APP_SECRET = _get_app_secret()
@auth.authenticate
async def authenticate(authorization: str) -> Auth.types.MinimalUserDict:
# Validate credentials (e.g., API key, JWT token)
if not authorization or not hmac.compare_digest(authorization, APP_SECRET):
raise Auth.exceptions.HTTPException(status_code=401, detail="Unauthorized")
# Expecting a header like: "Bearer <token>"
if not authorization or not authorization.startswith("Bearer "):
raise Auth.exceptions.HTTPException(status_code=401, detail="Missing or invalid Authorization header")
token = authorization.removeprefix("Bearer ").strip()
# Validate the token using HMAC constant-time comparison
if not hmac.compare_digest(token, APP_SECRET):
raise Auth.exceptions.HTTPException(status_code=401, detail="Invalid token")
# Return user info - only identity and is_authenticated are required
# Add any additional fields you need for authorization
return {
"identity": "authenticated-user",
}