Spaces:
Build error
Build error
Update server.py
Browse files
server.py
CHANGED
@@ -543,23 +543,9 @@ def image_to_base64(image: Image, quality: int = 75) -> str:
|
|
543 |
img_str = base64.b64encode(buffer.getvalue()).decode("utf-8")
|
544 |
return img_str
|
545 |
|
546 |
-
ignore_auth = []
|
547 |
-
#
|
548 |
-
|
549 |
-
try:
|
550 |
-
with open("api_key.txt", "r") as txt:
|
551 |
-
api_key = txt.read().replace('\n', '')
|
552 |
-
except:
|
553 |
-
api_key = secrets.token_hex(5)
|
554 |
-
with open("api_key.txt", "w") as txt:
|
555 |
-
txt.write(api_key)
|
556 |
-
|
557 |
-
print(f"Your API key is {api_key}")
|
558 |
-
elif args.share and args.secure != True:
|
559 |
-
print("WARNING: This instance is publicly exposed without an API key! It is highly recommended to restart with the \"--secure\" argument!")
|
560 |
-
else:
|
561 |
-
print("No API key given because you are running locally.")
|
562 |
-
|
563 |
|
564 |
def is_authorize_ignored(request):
|
565 |
view_func = app.view_functions.get(request.endpoint)
|
@@ -569,7 +555,6 @@ def is_authorize_ignored(request):
|
|
569 |
return True
|
570 |
return False
|
571 |
|
572 |
-
|
573 |
@app.before_request
|
574 |
def before_request():
|
575 |
# Request time measuring
|
@@ -578,14 +563,16 @@ def before_request():
|
|
578 |
# Checks if an API key is present and valid, otherwise return unauthorized
|
579 |
# The options check is required so CORS doesn't get angry
|
580 |
try:
|
581 |
-
if request.method != 'OPTIONS' and
|
582 |
print(f"WARNING: Unauthorized API key access from {request.remote_addr}")
|
|
|
|
|
583 |
response = jsonify({ 'error': '401: Invalid API key' })
|
584 |
response.status_code = 401
|
585 |
-
return
|
586 |
except Exception as e:
|
587 |
print(f"API key check error: {e}")
|
588 |
-
return "
|
589 |
|
590 |
|
591 |
@app.after_request
|
|
|
543 |
img_str = base64.b64encode(buffer.getvalue()).decode("utf-8")
|
544 |
return img_str
|
545 |
|
546 |
+
ignore_auth = []
|
547 |
+
# Hugging Face, Get password instead of text file.
|
548 |
+
api_key = os.environ.get("password")
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
549 |
|
550 |
def is_authorize_ignored(request):
|
551 |
view_func = app.view_functions.get(request.endpoint)
|
|
|
555 |
return True
|
556 |
return False
|
557 |
|
|
|
558 |
@app.before_request
|
559 |
def before_request():
|
560 |
# Request time measuring
|
|
|
563 |
# Checks if an API key is present and valid, otherwise return unauthorized
|
564 |
# The options check is required so CORS doesn't get angry
|
565 |
try:
|
566 |
+
if request.method != 'OPTIONS' and is_authorize_ignored(request) == False and getattr(request.authorization, 'token', '') != api_key:
|
567 |
print(f"WARNING: Unauthorized API key access from {request.remote_addr}")
|
568 |
+
if request.method == 'POST':
|
569 |
+
print(f"Incoming POST request with {request.headers.get('Authorization')}")
|
570 |
response = jsonify({ 'error': '401: Invalid API key' })
|
571 |
response.status_code = 401
|
572 |
+
return "https://(hf_name)-(space_name).hf.space/"
|
573 |
except Exception as e:
|
574 |
print(f"API key check error: {e}")
|
575 |
+
return "https://(hf_name)-(space_name).hf.space/"
|
576 |
|
577 |
|
578 |
@app.after_request
|