Added Key Vault-based authorization

yashcodingprodigy · yashcodingprodigy · commit 998b0e33bc18 · 2025-06-13T09:05:15.000Z
diff --git a/app.py b/app.py
@@ -1,10 +1,27 @@
-from flask import Flask
+from flask import Flask, request, abort
+from azure.identity import DefaultAzureCredential
+from azure.keyvault.secrets import SecretClient
+import os
 
 app = Flask(__name__)
 
+# Key Vault URL (replace with yours)
+KEY_VAULT_URL = "https://yashkeyvaultverysafe.vault.azure.net/"
+
+# Set up Azure Key Vault client
+credential = DefaultAzureCredential()
+client = SecretClient(vault_url=KEY_VAULT_URL, credential=credential)
+
+# Get secret from Key Vault
+retrieved_secret = client.get_secret("app-auth-secret").value
+
 @app.route("/")
 def home():
-    return "Yo! i made a change"
+    # Check if 'x-api-key' header matches the secret
+    api_key = request.headers.get('x-api-key')
+    if api_key != retrieved_secret:
+        abort(403)  # Forbidden
+    return "✅ Authorized! You accessed a secure route."
 
 if __name__ == "__main__":
     app.run(host='0.0.0.0', port=8000)
