Fix openapi authorize (#8794)

2026-03-22 05:37:20 +08:00 · 2025-05-29 13:20:00 -06:00
parent fd52841842
commit 30d53f8df0
14 changed files with 48 additions and 40 deletions
--- a/openhands/server/dependencies.py
+++ b/openhands/server/dependencies.py
@@ -0,0 +1,25 @@
+import os
+
+from fastapi import Depends, HTTPException, status
+from fastapi.security import APIKeyHeader
+
+_SESSION_API_KEY = os.getenv('SESSION_API_KEY')
+_SESSION_API_KEY_HEADER = APIKeyHeader(name='X-Session-API-Key', auto_error=False)
+
+
+def check_session_api_key(
+    session_api_key: str | None = Depends(_SESSION_API_KEY_HEADER),
+):
+    """
+    Check the session API key and throw an exception if incorrect. Having this as a dependency
+    means it appears in OpenAPI Docs
+    """
+    if session_api_key != _SESSION_API_KEY:
+        raise HTTPException(status.HTTP_401_UNAUTHORIZED)
+
+
+def get_dependencies() -> list[Depends]:
+    result = []
+    if _SESSION_API_KEY:
+        result.append(Depends(check_session_api_key))
+    return result