dm/sfs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

added hash system

Browse Source
This commit is contained in:
dm
2025-09-04 11:42:33 +03:00
parent c256f8834e
commit 19b2afcb43
2 changed files with 7 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
.env
View File

@@ -1,5 +1,5 @@
FILES_DIR="./files" FILES_DIR="./files"
API_KEY="aboba" API_KEY_HASH="a6c79a27049109e472b246b5dfbe08aedff1e9e2259597e54032dbad4958d4ad"
FILES_PADDING="5" FILES_PADDING="5"
DATABASE_NAME="files.db" DATABASE_NAME="files.db"
FTP_URL="ftp" FTP_URL="ftp"

9
app/api.py
View File

@@ -8,11 +8,12 @@ from io import BytesIO
from . import db from . import db
from dotenv import load_dotenv from dotenv import load_dotenv
import os import os
import hmac
load_dotenv() load_dotenv()
FILES_DIR = os.getenv("FILES_DIR") FILES_DIR = os.getenv("FILES_DIR")
API_KEY = os.getenv("API_KEY") API_KEY_HASH = os.getenv("API_KEY_HASH")
api_key_header = APIKeyHeader(name="X-API-Key") api_key_header = APIKeyHeader(name="X-API-Key")
FTP_URL = os.getenv("FTP_URL") FTP_URL = os.getenv("FTP_URL")
@@ -20,8 +21,10 @@ FTP_LOGIN = os.getenv("FTP_LOGIN")
FTP_PASSWORD = os.getenv("FTP_PASSWORD") FTP_PASSWORD = os.getenv("FTP_PASSWORD")
def verify_api_key(api_key: str = Security(api_key_header)): def verify_api_key(api_key: str = Security(api_key_header)):
if api_key != API_KEY: api_key_hashed = hashlib.sha256(api_key.encode()).hexdigest()
raise HTTPException(status_code=403, detail="Forbidden") if not hmac.compare_digest(api_key_hashed, API_KEY_HASH):
raise HTTPException(status_code=403, detail="Forbidden. (╥﹏╥)")
return api_key return api_key
def compute_hash(data: bytes, algorithm="sha256") -> str: def compute_hash(data: bytes, algorithm="sha256") -> str: