Skip to content

Api key auth

Manage API key validation for FastAPI routes.

get_api_key(credentials=Depends(security)) async

Validate the provided API key against known third-party keys and returns it if valid, else raises HTTP 403.

Source code in gso/auth/api_key_auth.py
async def get_api_key(
    credentials: HTTPAuthorizationCredentials = Depends(security),  # noqa: B008
) -> str:
    """Validate the provided API key against known third-party keys and returns it if valid, else raises HTTP 403."""
    settings = load_oss_params()
    api_key = credentials.credentials

    # TODO: This is a simulated database of API keys which should be replace with a real one
    if api_key in settings.THIRD_PARTY_API_KEYS.values():
        return api_key

    raise HTTPException(status_code=status.HTTP_403_FORBIDDEN, detail="Invalid API Key")