fix: add admin CORS + optional header

2026-02-21 23:39:05 +00:00
parent b8ebddbe94
commit 87097a2099
1 changed files with 2 additions and 2 deletions
--- a/app/routers/admin.py
+++ b/app/routers/admin.py
@@ -24,8 +24,8 @@ router = APIRouter(prefix="/admin", tags=["admin"])
 ADMIN_API_KEY = "Platform-Admin-2024!"   # in prod: from secret/env


-def _require_admin(x_admin_key: str = Header(...)):
-    if x_admin_key != ADMIN_API_KEY:
+def _require_admin(x_admin_key: Optional[str] = Header(default=None)):
+    if not x_admin_key or x_admin_key != ADMIN_API_KEY:
        raise HTTPException(status_code=status.HTTP_403_FORBIDDEN, detail="Not authorized")