Add improvements

2026-01-12 14:24:14 +01:00
parent 6037faaf8c
commit 230bbe6a19
61 changed files with 1668 additions and 894 deletions
--- a/services/distribution/app/api/internal_demo.py
+++ b/services/distribution/app/api/internal_demo.py
@@ -24,14 +24,6 @@ logger = structlog.get_logger()
 router = APIRouter(prefix="/internal/demo", tags=["internal"])


-def verify_internal_api_key(x_internal_api_key: Optional[str] = Header(None)):
-    """Verify internal API key for service-to-service communication"""
-    if x_internal_api_key != settings.INTERNAL_API_KEY:
-        logger.warning("Unauthorized internal API access attempted")
-        raise HTTPException(status_code=403, detail="Invalid internal API key")
-    return True
-
-
 def parse_date_field(date_value, session_time: datetime, field_name: str = "date") -> Optional[datetime]:
    """
    Parse date field, handling both ISO strings and BASE_TS markers.
@@ -85,8 +77,7 @@ async def clone_demo_data(
    demo_account_type: str,
    session_id: Optional[str] = None,
    session_created_at: Optional[str] = None,
-    db: AsyncSession = Depends(get_db),
-    _: bool = Depends(verify_internal_api_key)
+    db: AsyncSession = Depends(get_db)
 ):
    """
    Clone distribution service data for a virtual demo tenant
@@ -374,7 +365,7 @@ async def clone_demo_data(


@router.get("/clone/health")
-async def clone_health_check(_: bool = Depends(verify_internal_api_key)):
+async def clone_health_check():
    """
    Health check for internal cloning endpoint
    Used by orchestrator to verify service availability
@@ -389,8 +380,7 @@ async def clone_health_check(_: bool = Depends(verify_internal_api_key)):
@router.delete("/tenant/{virtual_tenant_id}")
 async def delete_demo_data(
    virtual_tenant_id: str,
-    db: AsyncSession = Depends(get_db),
-    _: bool = Depends(verify_internal_api_key)
+    db: AsyncSession = Depends(get_db)
 ):
    """Delete all distribution data for a virtual demo tenant"""
    logger.info("Deleting distribution data for virtual tenant", virtual_tenant_id=virtual_tenant_id)
--- a/services/distribution/app/api/routes.py
+++ b/services/distribution/app/api/routes.py
@@ -19,15 +19,8 @@ logger = structlog.get_logger()
 route_builder = RouteBuilder('distribution')


-async def verify_internal_api_key(x_internal_api_key: str = Header(None)):
-    """Verify internal API key for service-to-service communication"""
-    required_key = settings.INTERNAL_API_KEY
-    if x_internal_api_key != required_key:
-        logger.warning("Unauthorized internal API access attempted")
-        raise HTTPException(status_code=403, detail="Invalid internal API key")
-    return True
-
-
+# ✅ Security: Internal API key system removed
+# All authentication now handled via JWT service tokens at gateway level
 router = APIRouter()