This update adds a decorator to check for an API key passed as a header:
X-BERTLY-API-KEY: mytestkey
Both key name and value get defined as env vars: BERTLY_API_KEY_NAME and BERTLY_API_KEY. See INSTALL.md for details.
The decorator wraps the create and revoke Flask routes.
How should this be reviewed?
Given that you invoke the app with BERTLY_API_KEY_NAME and BERTLY_API_KEY defined in the environment, requests to POST / and POST /revoke/<token> should fail without the correct header.
Any background context you want to provide?
N/A
Relevant tickets
Fixes #5
Checklist
[x] Documentation added for new features/changed endpoints.
What's this PR do?
This update adds a decorator to check for an API key passed as a header:
X-BERTLY-API-KEY: mytestkeyBoth key name and value get defined as env vars:
BERTLY_API_KEY_NAMEandBERTLY_API_KEY. SeeINSTALL.mdfor details.The decorator wraps the
createandrevokeFlask routes.How should this be reviewed?
Given that you invoke the app with
BERTLY_API_KEY_NAMEandBERTLY_API_KEYdefined in the environment, requests toPOST /andPOST /revoke/<token>should fail without the correct header.Any background context you want to provide?
N/A
Relevant tickets
Fixes #5
Checklist