Feat: [sm/auth] admin api 인증 헤더 추가

2026-01-14 17:24:47 +09:00
parent 122b367bed
commit 1a67844e41
2 changed files with 17 additions and 2 deletions
--- a/utils.py
+++ b/utils.py
@@ -5,6 +5,8 @@ from typing import Optional, Tuple, List

 import requests

+from fastapi import HTTPException, Header
+
 # ====== HTTP Session ======
 SESSION = requests.Session()
 SESSION.headers.update({"User-Agent": "baekjoon-n8n-bot/1.0"})
@@ -13,6 +15,16 @@ SESSION.headers.update({"User-Agent": "baekjoon-n8n-bot/1.0"})
 KNOWN_LANGS = ["ko", "en", "ja", "ru", "zh", "de", "fr", "es", "pt", "it"]


+def require_admin(x_admin_password: str | None = Header(default=None, alias="X-Admin-Password")):
+    expected = env("ADMIN_PASSWORD", "")
+    if not expected:
+        raise HTTPException(status_code=500, detail="ADMIN_PASSWORD is not configured")
+
+    if not x_admin_password or x_admin_password != expected:
+        raise HTTPException(status_code=403, detail="invalid admin password")
+
+
+
 def fetch_json_with_retry(url: str, params: dict, retries: int = 3, timeout=(3.05, 10)) -> dict:
    last_err = None
    for i in range(retries):