Document that APIs need API key

2025-02-06 01:50:37 +00:00
parent 49e59fa5e1
commit bba53e59d4
3 changed files with 46 additions and 2 deletions
--- a/core/scripts/webpanel/openapi/openapi.py
+++ b/core/scripts/webpanel/openapi/openapi.py
@ -0,0 +1,39 @@
+from fastapi import FastAPI
+
+from config import CONFIGS
+
+
+def setup_openapi_schema(app: FastAPI):
+    """Set up the OpenAPI schema for the API.
+
+    The OpenAPI schema is modified to include the API key in the
+    "Authorization" header. All routes under /api/v1/ are modified to
+    require the API key.
+    """
+
+    app.openapi_schema = app.openapi()
+
+    app.openapi_schema["servers"] = [
+        {
+            "url": f"/{CONFIGS.ROOT_PATH}",
+            "description": "Root path of the API"
+        }
+    ]
+
+    # Define API key in the OpenAPI schema
+    # It's a header with the name "Authorization"
+    app.openapi_schema["components"]["securitySchemes"] = {
+        "ApiKeyAuth": {
+            "type": "apiKey",
+            "in": "header",
+            "name": "Authorization"
+        }
+    }
+
+    # Apply the API key requirement to all paths under /api/v1/ dynamically
+    for path, operations in app.openapi_schema["paths"].items():
+        if path.startswith("/api/v1/"):  # Apply security to routes starting with /api/v1/
+            for operation in operations.values():
+                if "security" not in operation:
+                    operation["security"] = []
+                operation["security"].append({"ApiKeyAuth": []})