| | from fastapi import HTTPException, Header |
| | from typing import Optional |
| | import os |
| | from dotenv import load_dotenv |
| | from app.utils.logger import logger |
| |
|
| | |
| | logger.info(f"当前工作目录: {os.getcwd()}") |
| | logger.info("尝试加载.env文件...") |
| | load_dotenv(override=True) |
| |
|
| | |
| | ALLOW_API_KEY = os.getenv("ALLOW_API_KEY") |
| | logger.info(f"ALLOW_API_KEY环境变量状态: {'已设置' if ALLOW_API_KEY else '未设置'}") |
| |
|
| | if not ALLOW_API_KEY: |
| | raise ValueError("ALLOW_API_KEY environment variable is not set") |
| |
|
| | |
| | logger.info(f"Loaded API key starting with: {ALLOW_API_KEY[:4] if len(ALLOW_API_KEY) >= 4 else ALLOW_API_KEY}") |
| |
|
| |
|
| | async def verify_api_key(authorization: Optional[str] = Header(None)) -> None: |
| | """验证API密钥 |
| | |
| | Args: |
| | authorization (Optional[str], optional): Authorization header中的API密钥. Defaults to Header(None). |
| | |
| | Raises: |
| | HTTPException: 当Authorization header缺失或API密钥无效时抛出401错误 |
| | """ |
| | if authorization is None: |
| | logger.warning("请求缺少Authorization header") |
| | raise HTTPException( |
| | status_code=401, |
| | detail="Missing Authorization header" |
| | ) |
| | |
| | api_key = authorization.replace("Bearer ", "").strip() |
| | if api_key != ALLOW_API_KEY: |
| | logger.warning(f"无效的API密钥: {api_key}") |
| | raise HTTPException( |
| | status_code=401, |
| | detail="Invalid API key" |
| | ) |
| | |
| | logger.info("API密钥验证通过") |
| |
|
