slipstream/discordbot
slipstream/discordbot
1
1
Fork 0
Code Issues Pull Requests 3 Actions Packages Projects Releases Wiki Activity

feat: Add private endpoint to retrieve OpenRouter API key with authorization check

Browse Source
This commit is contained in:
Slipstream 2025-05-14 17:07:34 -06:00
parent 5b901ac9bf
commit eef8800716
Signed by: slipstream
GPG Key ID: 13E498CE010AC6FD
1 changed files with 14 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

14
api_service/api_server.py
View File

@ -68,6 +68,7 @@ class ApiSettings(BaseSettings):
# Secret key for AI Moderation API endpoint # Secret key for AI Moderation API endpoint
MOD_LOG_API_SECRET: Optional[str] = None MOD_LOG_API_SECRET: Optional[str] = None
AI_API_KEY: Optional[str] = None
model_config = SettingsConfigDict( model_config = SettingsConfigDict(
env_file=dotenv_path, env_file=dotenv_path,
@ -2826,6 +2827,19 @@ async def delete_token_by_user_id(user_id: str):
# Note: Server shutdown is now handled by the lifespan context manager above # Note: Server shutdown is now handled by the lifespan context manager above
@app.post("/openrouter-key", response_class=PlainTextResponse)
async def update_gurt_stats_internal(request: Request):
"""private endpoint return openrouter api key"""
global latest_gurt_stats
# Basic security check
auth_header = request.headers.get("Authorization")
# Use loaded setting
if not settings.MOD_LOG_API_SECRET or not auth_header or auth_header != f"Bearer {settings.MOD_LOG_API_SECRET}":
print("Unauthorized attempt to access OpenRouter key.")
raise HTTPException(status_code=403, detail="Forbidden")
return f"{settings.AI_API_KEY}"
# ============= Gurt Stats Endpoints (IPC Approach) ============= # ============= Gurt Stats Endpoints (IPC Approach) =============
# --- Internal Endpoint to Receive Stats --- # --- Internal Endpoint to Receive Stats ---