simple authen

auth.py

@@ -25,10 +25,10 @@ def get_user(db, username: str):
 def authenticate_user(fake_db, username: str, password: str):
     user = get_user(fake_db, username)
     if not user:
-        return False
+        return None
     if not verify_password(password, user.hashed_password):
-        return False
-    return user
+        return None
+    return user  # Return the user object, not a boolean
 
 def create_access_token(data: dict, expires_delta: Optional[timedelta] = None):
     to_encode = data.copy()

config.py

@@ -5,6 +5,10 @@ SECRET_KEY = "09d25e094faa6ca2556c818166b7a9563b93f7099f6f0f4caa6cf63b88e8d3e7"
 ALGORITHM = "HS256"
 ACCESS_TOKEN_EXPIRE_HOURS = 24
 
+# Simple API Key (for HF Spaces)
+API_KEY = "meisai-api-key-2025"
+API_KEY_NAME = "X-API-KEY"
+
 # Paths
 BASE_DIR = os.path.dirname(os.path.abspath(__file__))
 DATA_DIR = os.path.join(BASE_DIR, "data")

routes/auth.py

@@ -37,20 +37,3 @@ async def register_user(user_data: UserCreate):
     if not success:
         raise HTTPException(status_code=status.HTTP_400_BAD_REQUEST, detail=message)
     return {"message": message}
-
-
-@router.get("/generate-test-token/{username}")
-async def generate_test_token(username: str):
-    """
-    Generate a test token for a user without requiring password
-    (For testing only, should be disabled in production)
-    """
-    users = get_users()
-    if username not in users:
-        raise HTTPException(status_code=404, detail="User not found")
-
-    access_token_expires = timedelta(hours=ACCESS_TOKEN_EXPIRE_HOURS)
-    access_token = create_access_token(
-        data={"sub": username}, expires_delta=access_token_expires
-    )
-    return {"access_token": access_token, "token_type": "bearer", "username": username}

routes/health.py

@@ -1,9 +1,5 @@
-from fastapi import APIRouter, Depends, Header, Request
-from auth import get_current_user
-from models import User
-import time
-import jwt
-from config import SECRET_KEY, ALGORITHM
+from fastapi import APIRouter, Depends
+from simple_auth import get_current_user_from_api_key
 
 router = APIRouter()
 
@@ -16,7 +12,7 @@ async def health_check():
 
 
 @router.get("/auth-check")
-async def auth_check(current_user: User = Depends(get_current_user)):
+async def auth_check(current_user=Depends(get_current_user_from_api_key)):
     """
     Debug endpoint to verify authentication is working
     """
@@ -25,34 +21,3 @@ async def auth_check(current_user: User = Depends(get_current_user)):
         "username": current_user.username,
         "message": "Authentication successful",
     }
-
-
-@router.get("/debug-auth")
-async def debug_auth(request: Request, authorization: str = Header(None)):
-    """
-    Debug endpoint to manually inspect the authorization header and token
-    """
-    headers = dict(request.headers)
-    auth_header = headers.get("authorization", "Not found")
-
-    token_info = {"valid": False, "error": None, "payload": None}
-
-    if authorization and authorization.startswith("Bearer "):
-        token = authorization.replace("Bearer ", "")
-        try:
-            payload = jwt.decode(token, SECRET_KEY, algorithms=[ALGORITHM])
-            token_info["valid"] = True
-            token_info["payload"] = payload
-        except Exception as e:
-            token_info["error"] = str(e)
-
-    return {
-        "headers": headers,
-        "auth_header": auth_header,
-        "token_info": token_info,
-        "host_info": {
-            "url": str(request.url),
-            "base_url": str(request.base_url),
-            "method": request.method,
-        },
-    }

routes/predict.py

@@ -5,6 +5,7 @@ from pathlib import Path
 from fastapi import APIRouter, UploadFile, File, HTTPException, Depends, Body
 from fastapi.responses import FileResponse
 from auth import get_current_user
+from simple_auth import get_current_user_from_api_key
 from services.sentence_transformer_service import SentenceTransformerService, sentence_transformer_service
 from data_lib.input_name_data import InputNameData
 from data_lib.base_name_data import COL_NAME_SENTENCE
@@ -23,14 +24,17 @@ import traceback
 
 router = APIRouter()
 
+
 @router.post("/predict")
 async def predict(
-    current_user=Depends(get_current_user),
+    current_user=Depends(get_current_user_from_api_key),
     file: UploadFile = File(...),
-    sentence_service: SentenceTransformerService = Depends(lambda: sentence_transformer_service)
+    sentence_service: SentenceTransformerService = Depends(
+        lambda: sentence_transformer_service
+    ),
 ):
     """
-    Process an input CSV file and return standardized names (requires authentication)
+    Process an input CSV file and return standardized names (requires API Key authentication)
     """
     if not file.filename.endswith(".csv"):
         raise HTTPException(status_code=400, detail="Only CSV files are supported")
@@ -116,13 +120,13 @@ async def predict(
 @router.post("/embeddings")
 async def create_embeddings(
     request: EmbeddingRequest,
-    current_user=Depends(get_current_user),
+    current_user=Depends(get_current_user_from_api_key),
     sentence_service: SentenceTransformerService = Depends(
         lambda: sentence_transformer_service
     ),
 ):
     """
-    Create embeddings for a list of input sentences (requires authentication)
+    Create embeddings for a list of input sentences (requires API Key authentication)
     """
     try:
         start_time = time.time()
@@ -143,13 +147,13 @@ async def create_embeddings(
 @router.post("/predict-raw", response_model=PredictRawResponse)
 async def predict_raw(
     request: PredictRawRequest,
-    current_user=Depends(get_current_user),
+    current_user=Depends(get_current_user_from_api_key),
     sentence_service: SentenceTransformerService = Depends(
         lambda: sentence_transformer_service
     ),
 ):
     """
-    Process raw input records and return standardized names (requires authentication)
+    Process raw input records and return standardized names (requires API Key authentication)
     """
     try:
         # Convert input records to DataFrame
@@ -212,7 +216,7 @@ async def predict_raw(
             print(f"Error mapping standard names: {e}")
             traceback.print_exc()
             raise HTTPException(status_code=500, detail=str(e))
-        
+
         important_columns = ['確定', '標準科目', '標準項目名', '基準名称類似度']
         for column in important_columns:
             if column not in df_predicted.columns:

simple_auth.py

@@ -0,0 +1,34 @@
+from fastapi import Security, HTTPException, status, Depends
+from fastapi.security.api_key import APIKeyHeader
+from config import API_KEY, API_KEY_NAME
+from typing import Optional
+
+# Define the API key header
+api_key_header = APIKeyHeader(name=API_KEY_NAME, auto_error=False)
+
+
+async def get_api_key(api_key_header: str = Security(api_key_header)) -> str:
+    """
+    Validate API key from header
+    """
+    if api_key_header == API_KEY:
+        return api_key_header
+    raise HTTPException(
+        status_code=status.HTTP_401_UNAUTHORIZED,
+        detail="Invalid API Key",
+    )
+
+
+# Simple function to get a dummy user for API key auth
+async def get_current_user_from_api_key(api_key: str = Depends(get_api_key)):
+    """
+    Return a dummy user for API key authentication
+    """
+    # This provides a compatible interface with the JWT auth
+    return SimpleUser(username="api_user", disabled=False)
+
+
+class SimpleUser:
+    def __init__(self, username: str, disabled: bool = False):
+        self.username = username
+        self.disabled = disabled