dashboard
repositories
activity
search
login
APPS
/
ops-dashboard
summary
reflog
commits
tree
compare
forks
blame
|
history
|
raw
|
HEAD
feat: Rewrite dashboard with sidebar nav, drill-down, and registry-based co...
Matthias Nott
2026-02-21
485476a297c111e37fec9913535a63a2383ca06e
[APPS/ops-dashboard.git]
/
app
/
app
/
auth.py
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
import os
from fastapi import HTTPException, Security, Query
from fastapi.security import HTTPBearer, HTTPAuthorizationCredentials
from typing import Optional
_AUTH_TOKEN = os.environ.get("AUTH_TOKEN", "changeme")
_bearer_scheme = HTTPBearer(auto_error=False)
async def verify_token(
credentials: Optional[HTTPAuthorizationCredentials] = Security(_bearer_scheme),
token: Optional[str] = Query(default=None),
) -> str:
"""
Verify the bearer token from Authorization header or ?token= query param.
Raises 401 if missing or invalid.
"""
provided: Optional[str] = None
if credentials is not None:
provided = credentials.credentials
elif token is not None:
provided = token
if provided is None or provided != _AUTH_TOKEN:
raise HTTPException(
status_code=401,
detail="Invalid or missing authentication token",
headers={"WWW-Authenticate": "Bearer"},
)
return provided
