improve auth

docker-compose.yml

@@ -8,8 +8,8 @@ services:
       - ./models:/app/models
       - ./main.py:/app/main.py:ro
       - ./hydra_node:/app/hydra_node:ro
-      - ./static:/app/static:ro
+      #- ./static:/app/static:ro
     environment:
       # TOKEN_SERVER: https://api.moecube.com/accounts/authUser
       TOKEN: mycard
-      WITH_STATIC: 1
+      #WITH_STATIC: 1

main.py

@@ -52,31 +52,31 @@ hostname = socket.gethostname()
 sent_first_message = False
 
 def verify_token(req: Request):
-    if TOKEN:
-        valid = "Authorization" in req.headers and req.headers["Authorization"] == "Bearer "+TOKEN
-        if valid:
-            return True
-        if not TOKEN_SERVER and not valid:
-            raise HTTPException(
-                status_code=401,
-                detail="Unauthorized"
-            )
+    if not TOKEN and not TOKEN_SERVER:
+        # no auth
+        return True
+    if "Authorization" not in req.headers:
+        raise HTTPException(
+            status_code=401,
+            detail="Unauthorized"
+        )
+    token = req.headers["Authorization"]
+    if token.startswith("Bearer "):
+        token = token[7:]
+    if TOKEN and token == TOKEN:
+        return True
     if TOKEN_SERVER:
-        if "Authorization" not in req.headers:
-            raise HTTPException(
-                status_code=401,
-                detail="Unauthorized"
-            )
-        token = req.headers["Authorization"]
-        if token.startswith("Bearer "):
-            token = token[7:]
         tokenAuthResult = requests.get(TOKEN_SERVER, headers={"Authorization": "Bearer "+token})
         if tokenAuthResult.status_code >= 400:
             raise HTTPException(
                 status_code=tokenAuthResult.status_code,
                 detail="Unauthorized"
             )
-    return True
+        return True
+    raise HTTPException(
+        status_code=401,
+        detail="Unauthorized"
+    )
 #Initialize fastapi
 app = FastAPI()