johnpccd/image_management_api
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

fix Swagger authorization

Browse Source
This commit is contained in:
John MELEK 2025-05-26 18:28:04 +00:00
parent 8f39689a50
commit 90f4d4336d
3 changed files with 50 additions and 21 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

18
deployment/terraform/terraform.tfstate
View File

@ -1,7 +1,7 @@
{
"version": 4,
"terraform_version": "1.12.1",
"serial": 482,
"serial": 485,
"lineage": "a183cd95-f987-8698-c6dd-84e933c394a5",
"outputs": {
"cloud_function_name": {
@ -174,7 +174,7 @@
"effective_annotations": {
"run.googleapis.com/ingress": "all",
"run.googleapis.com/ingress-status": "all",
"run.googleapis.com/operation-id": "0425a798-bd0b-4453-83ba-38983e678875",
"run.googleapis.com/operation-id": "273b1403-cab6-4397-8714-83b0d8b96d2e",
"run.googleapis.com/urls": "[\"https://contoso-761163285547.us-central1.run.app\",\"https://contoso-p64zpdtkta-uc.a.run.app\"]",
"serving.knative.dev/creator": "johnpccd3@gmail.com",
"serving.knative.dev/lastModifier": "johnpccd3@gmail.com"
@ -186,12 +186,12 @@
"generation": 1,
"labels": null,
"namespace": "gen-lang-client-0424120530",
"resource_version": "AAY2Deo4Uy8",
"resource_version": "AAY2DhNWeIk",
"self_link": "/apis/serving.knative.dev/v1/namespaces/761163285547/services/contoso",
"terraform_labels": {
"goog-terraform-provisioned": "true"
},
"uid": "65c83cd2-1e60-4541-a922-6132aabb9311"
"uid": "5fbbdac4-c4de-4a73-b144-3a2d5206401b"
}
],
"name": "contoso",
@ -218,14 +218,14 @@
"type": "RoutesReady"
}
],
"latest_created_revision_name": "contoso-00001-w6c",
"latest_ready_revision_name": "contoso-00001-w6c",
"latest_created_revision_name": "contoso-00001-t4p",
"latest_ready_revision_name": "contoso-00001-t4p",
"observed_generation": 1,
"traffic": [
{
"latest_revision": true,
"percent": 100,
"revision_name": "contoso-00001-w6c",
"revision_name": "contoso-00001-t4p",
"tag": "",
"url": ""
}
@ -393,7 +393,7 @@
"schema_version": 0,
"attributes": {
"condition": [],
"etag": "BwY2DeqBDyE=",
"etag": "BwY2DhPXkYo=",
"id": "v1/projects/gen-lang-client-0424120530/locations/us-central1/services/contoso/roles/run.invoker/allUsers",
"location": "us-central1",
"member": "allUsers",
@ -802,7 +802,7 @@
"delete_protection_state": "DELETE_PROTECTION_DISABLED",
"deletion_policy": "ABANDON",
"earliest_version_time": "2025-05-26T17:30:34.654251Z",
"etag": "IJPvj6vewY0DMLiE6qfXwY0D",
"etag": "IOjogY/hwY0DMLiE6qfXwY0D",
"id": "projects/gen-lang-client-0424120530/databases/contoso-imagedb",
"key_prefix": "",
"location_id": "us-central1",

18
deployment/terraform/terraform.tfstate.backup
View File

@ -1,7 +1,7 @@
{
"version": 4,
"terraform_version": "1.12.1",
"serial": 479,
"serial": 482,
"lineage": "a183cd95-f987-8698-c6dd-84e933c394a5",
"outputs": {
"cloud_function_name": {
@ -174,7 +174,7 @@
"effective_annotations": {
"run.googleapis.com/ingress": "all",
"run.googleapis.com/ingress-status": "all",
"run.googleapis.com/operation-id": "fd6ae30c-0621-41c4-998b-cbf693bd98da",
"run.googleapis.com/operation-id": "0425a798-bd0b-4453-83ba-38983e678875",
"run.googleapis.com/urls": "[\"https://contoso-761163285547.us-central1.run.app\",\"https://contoso-p64zpdtkta-uc.a.run.app\"]",
"serving.knative.dev/creator": "johnpccd3@gmail.com",
"serving.knative.dev/lastModifier": "johnpccd3@gmail.com"
@ -186,12 +186,12 @@
"generation": 1,
"labels": null,
"namespace": "gen-lang-client-0424120530",
"resource_version": "AAY2DdPXaEU",
"resource_version": "AAY2Deo4Uy8",
"self_link": "/apis/serving.knative.dev/v1/namespaces/761163285547/services/contoso",
"terraform_labels": {
"goog-terraform-provisioned": "true"
},
"uid": "d3664fe2-c0fc-40d5-90bd-93904dd237b1"
"uid": "65c83cd2-1e60-4541-a922-6132aabb9311"
}
],
"name": "contoso",
@ -218,14 +218,14 @@
"type": "RoutesReady"
}
],
"latest_created_revision_name": "contoso-00001-v79",
"latest_ready_revision_name": "contoso-00001-v79",
"latest_created_revision_name": "contoso-00001-w6c",
"latest_ready_revision_name": "contoso-00001-w6c",
"observed_generation": 1,
"traffic": [
{
"latest_revision": true,
"percent": 100,
"revision_name": "contoso-00001-v79",
"revision_name": "contoso-00001-w6c",
"tag": "",
"url": ""
}
@ -393,7 +393,7 @@
"schema_version": 0,
"attributes": {
"condition": [],
"etag": "BwY2DdQrt9Y=",
"etag": "BwY2DeqBDyE=",
"id": "v1/projects/gen-lang-client-0424120530/locations/us-central1/services/contoso/roles/run.invoker/allUsers",
"location": "us-central1",
"member": "allUsers",
@ -802,7 +802,7 @@
"delete_protection_state": "DELETE_PROTECTION_DISABLED",
"deletion_policy": "ABANDON",
"earliest_version_time": "2025-05-26T17:30:34.654251Z",
"etag": "IInb+u7cwY0DMLiE6qfXwY0D",
"etag": "IJPvj6vewY0DMLiE6qfXwY0D",
"id": "projects/gen-lang-client-0424120530/databases/contoso-imagedb",
"key_prefix": "",
"location_id": "us-central1",

35
main.py
View File

@ -140,9 +140,38 @@ def custom_openapi():
if "schemas" not in openapi_schema["components"]:
openapi_schema["components"]["schemas"] = {}
# Note: Authentication is now handled properly in individual route modules
# Public endpoints (auth, users, teams) don't require authentication
# Protected endpoints (images, search) require API key authentication
# Apply security to protected endpoints
# Look for endpoints that use get_current_user dependency and apply ApiKeyAuth
for path, path_item in openapi_schema.get("paths", {}).items():
for method, operation in path_item.items():
if method in ["get", "post", "put", "delete", "patch"]:
# Check if this endpoint requires authentication by looking at the operation ID or tags
operation_id = operation.get("operationId", "")
tags = operation.get("tags", [])
# Apply security to protected endpoints
# These are endpoints that require authentication based on our API design
protected_paths = [
"/api/v1/auth/api-keys",
"/api/v1/auth/verify",
"/api/v1/auth/admin/",
"/api/v1/images",
"/api/v1/search"
]
# Check if this is a protected endpoint
is_protected = False
for protected_path in protected_paths:
if protected_path in path:
# Skip the public API key creation endpoint
if path == "/api/v1/auth/api-keys" and method == "post":
continue
is_protected = True
break
if is_protected:
operation["security"] = [{"ApiKeyAuth": []}]
app.openapi_schema = openapi_schema
return app.openapi_schema