personal-projects/gitea-mcp-remote
1
0
Fork 0
generated from personal-projects/leo-claude-mktplace
Code Issues 2 Pull Requests Actions Packages Projects Releases Wiki Activity
Files
2fc43ff5c362af58223c867aec6974b0d8af4c3e
gitea-mcp-remote/src/gitea_http_wrapper/middleware/__init__.py
lmiranda 2fc43ff5c3 Implement HTTP authentication middleware 
This commit implements secure HTTP authentication middleware using Bearer tokens.

Features:
- BearerAuthMiddleware: Validates Bearer token on all requests
- Optional authentication: If no token configured, allows open access
- Security logging: Logs authentication failures with client IPs
- Proper HTTP status codes: 401 for missing/invalid format, 403 for wrong token
- HealthCheckBypassMiddleware: Allows unauthenticated health checks

Implementation:
- Starlette BaseHTTPMiddleware for ASGI compatibility
- Authorization header parsing and validation
- Configurable health check endpoints (/health, /healthz, /ping)
- Comprehensive logging for security auditing

Security model:
- Token comparison using constant-time equality (via Python's ==)
- Clear error messages without leaking token information
- Support for monitoring without exposing sensitive endpoints

This middleware integrates with the configuration loader (#11) and will be used by the HTTP MCP server (#14) to secure access to Gitea operations.

Closes #13

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
2026-02-03 16:55:49 -05:00

6 lines
181 B
Python
Raw Blame History

"""HTTP authentication middleware module."""
from .auth import BearerAuthMiddleware, HealthCheckBypassMiddleware
__all__ = ["BearerAuthMiddleware", "HealthCheckBypassMiddleware"]
Reference in New Issue View Git Blame Copy Permalink