Initial commit: svg backend

2026-03-19 13:39:32 +03:00
commit 85fb2f4bb9
78 changed files with 6161 additions and 0 deletions
--- a/backend/app/security/auth.py
+++ b/backend/app/security/auth.py
@@ -0,0 +1,31 @@
+from fastapi import Header, HTTPException, status
+
+from app.core.config import settings
+from app.domain.roles import UserRole
+
+
+def resolve_role(api_key: str) -> str | None:
+    if api_key in settings.admin_keys:
+        return UserRole.ADMIN.value
+    if api_key in settings.operator_keys:
+        return UserRole.OPERATOR.value
+    if api_key in settings.viewer_keys:
+        return UserRole.VIEWER.value
+    return None
+
+
+async def require_api_key(x_api_key: str | None = Header(default=None, alias="X-API-Key")) -> str:
+    if not x_api_key:
+        raise HTTPException(
+            status_code=status.HTTP_401_UNAUTHORIZED,
+            detail="Missing API key",
+        )
+
+    role = resolve_role(x_api_key)
+    if role is None:
+        raise HTTPException(
+            status_code=status.HTTP_403_FORBIDDEN,
+            detail="Invalid API key",
+        )
+
+    return role