From 6688beeaadedba432a8f0f53d863a858f0dfcc2b Mon Sep 17 00:00:00 2001 From: irl Date: Thu, 21 May 2026 13:15:43 +0100 Subject: [PATCH] misc: add comment to explain why no exception is thrown on api key check --- src/security.py | 2 ++ 1 file changed, 2 insertions(+) diff --git a/src/security.py b/src/security.py index c384ff2..527c30a 100644 --- a/src/security.py +++ b/src/security.py @@ -8,6 +8,8 @@ from src.config import settings def api_key(host: str = Header(), authorization: str | None = Header(None)) -> bool: + # This function deliberately does not throw an exception in the case of unauthenticated use as there are public + # endpoints that need to optionally be authenticated. if host.lower().strip() != settings.API_DOMAIN.strip(): raise HTTPException(status_code=status.HTTP_404_NOT_FOUND) try: