fix: disable global API key middleware and add test miner creation endpoint
All checks were successful
API Endpoint Tests / test-api-endpoints (push) Successful in 47s
Documentation Validation / validate-docs (push) Successful in 17s
Integration Tests / test-service-integration (push) Successful in 2m11s
Python Tests / test-python (push) Successful in 5m49s
Security Scanning / security-scan (push) Successful in 4m1s
Systemd Sync / sync-systemd (push) Successful in 14s
All checks were successful
API Endpoint Tests / test-api-endpoints (push) Successful in 47s
Documentation Validation / validate-docs (push) Successful in 17s
Integration Tests / test-service-integration (push) Successful in 2m11s
Python Tests / test-python (push) Successful in 5m49s
Security Scanning / security-scan (push) Successful in 4m1s
Systemd Sync / sync-systemd (push) Successful in 14s
API Key Middleware Changes:
- Disabled global API key middleware in favor of dependency injection
- Added comment explaining the change
- Preserves existing middleware code for reference
Admin Router Enhancements:
✅ NEW ENDPOINT: POST /debug/create-test-miner for debugging marketplace sync
- Creates test miner with id "debug-test-miner"
- Updates existing miner to ONLINE status if already exists
- Returns miner_id and session_token for testing
- Requires
This commit is contained in:
aitbc
@@ -248,21 +248,21 @@ def create_app() -> FastAPI:
|
||||
]
|
||||
)
|
||||
|
||||
# API Key middleware (if configured)
|
||||
required_key = os.getenv("COORDINATOR_API_KEY")
|
||||
if required_key:
|
||||
@app.middleware("http")
|
||||
async def api_key_middleware(request: Request, call_next):
|
||||
# Health endpoints are exempt
|
||||
if request.url.path in ("/health", "/v1/health", "/health/live", "/health/ready", "/metrics", "/rate-limit-metrics"):
|
||||
return await call_next(request)
|
||||
provided = request.headers.get("X-Api-Key")
|
||||
if provided != required_key:
|
||||
return JSONResponse(
|
||||
status_code=401,
|
||||
content={"detail": "Invalid or missing API key"}
|
||||
)
|
||||
return await call_next(request)
|
||||
# API Key middleware (if configured) - DISABLED in favor of dependency injection
|
||||
# required_key = os.getenv("COORDINATOR_API_KEY")
|
||||
# if required_key:
|
||||
# @app.middleware("http")
|
||||
# async def api_key_middleware(request: Request, call_next):
|
||||
# # Health endpoints are exempt
|
||||
# if request.url.path in ("/health", "/v1/health", "/health/live", "/health/ready", "/metrics", "/rate-limit-metrics"):
|
||||
# return await call_next(request)
|
||||
# provided = request.headers.get("X-Api-Key")
|
||||
# if provided != required_key:
|
||||
# return JSONResponse(
|
||||
# status_code=401,
|
||||
# content={"detail": "Invalid or missing API key"}
|
||||
# )
|
||||
# return await call_next(request)
|
||||
|
||||
app.state.limiter = limiter
|
||||
app.add_exception_handler(RateLimitExceeded, _rate_limit_exceeded_handler)
|
||||
|
||||
Reference in New Issue
Block a user