art-dag/celery
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Add ADMIN_TOKEN for admin endpoints and allow token-based auth

Browse Source 
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
This commit is contained in:
giles
2026-02-02 23:28:19 +00:00
parent d20eef76ad
commit 2081092ce8
2 changed files with 16 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

17
app/routers/runs.py
View File

@@ -895,10 +895,23 @@ async def publish_run(
@router.delete("/admin/purge-failed") @router.delete("/admin/purge-failed")
async def purge_failed_runs( async def purge_failed_runs(
ctx: UserContext = Depends(require_auth), request: Request,
ctx: UserContext = Depends(get_current_user),
): ):
"""Delete all failed runs from pending_runs table.""" """Delete all failed runs from pending_runs table.
Requires authentication OR admin token in X-Admin-Token header.
"""
import database import database
import os
# Check for admin token
admin_token = os.environ.get("ADMIN_TOKEN")
request_token = request.headers.get("X-Admin-Token")
# Require either valid auth or admin token
if not ctx and (not admin_token or request_token != admin_token):
raise HTTPException(401, "Authentication required")
# Get all failed runs # Get all failed runs
failed_runs = await database.list_pending_runs(status="failed") failed_runs = await database.list_pending_runs(status="failed")

1
docker-compose.yml
View File

@@ -50,6 +50,7 @@ services:
environment: environment:
- REDIS_URL=redis://redis:6379/5 - REDIS_URL=redis://redis:6379/5
- DATABASE_URL=postgresql://artdag:artdag@postgres:5432/artdag - DATABASE_URL=postgresql://artdag:artdag@postgres:5432/artdag
- ADMIN_TOKEN=artdag-admin-purge-token-2026
# IPFS_API multiaddr - used for all IPFS operations (add, cat, pin) # IPFS_API multiaddr - used for all IPFS operations (add, cat, pin)
- IPFS_API=/dns/ipfs/tcp/5001 - IPFS_API=/dns/ipfs/tcp/5001
- CACHE_DIR=/data/cache - CACHE_DIR=/data/cache