feat: add the possibility to just pass routes on top of the standard routes

with some api key query security

Author: etorreborre

implementations/python/examples/15.py

@@ -1,5 +1,5 @@
 from ockam import Agent, Node, HttpServer, Repl, Model
-from app_15 import app
+from api_15 import Api
 
 """
     This example shows how a HTTP server can be started to interact with some agents deployed on a node.
@@ -51,4 +51,4 @@ async def main(node):
     await Repl.start(agent)
 
 
-Node.start(main, http_server=HttpServer(app=app))
+Node.start(main, http_server=HttpServer(api=Api()))

implementations/python/examples/api_15.py

@@ -0,0 +1,13 @@
+from fastapi import FastAPI
+from fastapi.responses import JSONResponse
+
+
+class Api:
+    def __init__(self):
+        self.api = FastAPI()
+
+    def routes(self, node):
+        @self.api.post("/analysis")
+        async def create_analysis(network: str):
+            print(f"Analyzing network {network} with node {node.name}...")
+            return JSONResponse(content={"status": "ok"})

implementations/python/python/ockam/agents/http.py

@@ -4,8 +4,10 @@
 import uvicorn
 from dataclasses import asdict, is_dataclass
 from enum import Enum
-from fastapi import FastAPI, Depends, HTTPException, Request
+from fastapi import FastAPI, Depends, HTTPException, Request, status
 from fastapi.responses import StreamingResponse, FileResponse
+from fastapi.security.api_key import APIKeyQuery
+from fastapi import Security
 from typing import Annotated
 
 from .socket_address import parse_host_and_port
@@ -23,20 +25,20 @@
 
 
 class HttpServer(InfoContext):
-    def __init__(self, listen_address=f"{DEFAULT_HOST}:{DEFAULT_PORT}", app: FastAPI = None):
+    def __init__(self, listen_address=f"{DEFAULT_HOST}:{DEFAULT_PORT}", app: FastAPI = None, api=None):
         from ..logging.logging import get_logger
 
         self.logger = get_logger("http")
         self.node = None
         self.host = DEFAULT_HOST
         self.port = DEFAULT_PORT
         self.set_host_and_port(listen_address)
+        self.api = api
 
         if not app:
-            self.app = FastAPI()
+            self.app = FastAPI(dependencies=[Depends(validate_api_key)])
         else:
             self.app = app
-
         self.app.middleware("http")(self.inject_node)
         self._setup_routes()
 
@@ -232,6 +234,11 @@ def set_host_and_port(self, listen_address):
 
     async def start(self, node):
         self.node = node
+        # mount some additional if provided custom routes
+        if self.api:
+            self.api.routes(self.node)
+            self.app.mount("/", self.api.api)
+
         asyncio.create_task(self.serve())
 
 
@@ -250,3 +257,10 @@ def default(obj):
     if isinstance(obj, Enum):
         return obj.value
     raise TypeError(f"Object of type {obj.__class__.__name__} is not JSON serializable")
+
+
+def validate_api_key(api_key: str = Security(APIKeyQuery(name="api_key", auto_error=False))) -> str:
+    expected = os.environ.get("API_KEY")
+    if api_key != expected:
+        raise HTTPException(status_code=status.HTTP_401_UNAUTHORIZED, detail="Invalid or missing API key header")
+    return expected